
Example 81 with SSLSocketFactory

use of javax.net.ssl.SSLSocketFactory in project atlasdb by palantir.

the class Leaders method createInstrumentedLocalServices.

/**
 * Builds this node's Paxos acceptor, learner, proposer and leader-election service, wrapping
 * each in {@code AtlasDbMetrics.instrument}, and returns the local pieces.
 *
 * <p>Security note: one {@code Optional<SSLSocketFactory>} is derived from
 * {@code config.sslConfiguration()} and handed to every remote learner, acceptor and leader
 * proxy. NOTE(review): what the proxies do when that Optional is empty is decided inside
 * {@code createProxyAndLocalList} / {@code generatePingables}, which are not visible here.
 * Presumably they fall back to unencrypted transport; confirm, because Paxos and
 * leader-ping traffic would then be unauthenticated on the wire.
 *
 * @param config static leader configuration (log directories, quorum size, ping timings, SSL)
 * @param runtime supplier of live-reloadable leader settings
 * @param remotePaxosServerSpec URIs of the remote learners, acceptors and leaders
 * @param userAgent user agent string passed to the remote proxies
 * @return the local acceptor, learner, leader election service and pingable leader
 */
public static LocalPaxosServices createInstrumentedLocalServices(LeaderConfig config, Supplier<LeaderRuntimeConfig> runtime, RemotePaxosServerSpec remotePaxosServerSpec, String userAgent) {
    // A fresh random identity for this process; it names the event recorder and the proposer.
    UUID nodeId = UUID.randomUUID();
    PaxosLeadershipEventRecorder eventRecorder =
            PaxosLeadershipEventRecorder.create(AtlasDbMetrics.getMetricRegistry(), nodeId.toString());

    PaxosAcceptor localAcceptor = AtlasDbMetrics.instrument(
            PaxosAcceptor.class,
            PaxosAcceptorImpl.newAcceptor(config.acceptorLogDir().getPath()));
    PaxosLearner localLearner = AtlasDbMetrics.instrument(
            PaxosLearner.class,
            PaxosLearnerImpl.newLearner(config.learnerLogDir().getPath(), eventRecorder));

    // Transport security for every remote peer below hinges on this single value.
    Optional<SSLSocketFactory> peerSocketFactory =
            ServiceCreator.createSslSocketFactory(config.sslConfiguration());

    List<PaxosLearner> allLearners = createProxyAndLocalList(
            localLearner,
            remotePaxosServerSpec.remoteLearnerUris(),
            peerSocketFactory,
            PaxosLearner.class,
            userAgent);
    List<PaxosAcceptor> allAcceptors = createProxyAndLocalList(
            localAcceptor,
            remotePaxosServerSpec.remoteAcceptorUris(),
            peerSocketFactory,
            PaxosAcceptor.class,
            userAgent);
    Map<PingableLeader, HostAndPort> remoteLeaders =
            generatePingables(remotePaxosServerSpec.remoteLeaderUris(), peerSocketFactory, userAgent);

    // Daemon threads, so neither pool keeps the JVM alive on shutdown.
    InstrumentedExecutorService proposerPool = new InstrumentedExecutorService(
            PTExecutors.newCachedThreadPool(
                    new ThreadFactoryBuilder().setNameFormat("atlas-proposer-%d").setDaemon(true).build()),
            AtlasDbMetrics.getMetricRegistry(),
            MetricRegistry.name(PaxosProposer.class, "executor"));
    PaxosProposer instrumentedProposer = AtlasDbMetrics.instrument(
            PaxosProposer.class,
            PaxosProposerImpl.newProposer(
                    localLearner, allAcceptors, allLearners, config.quorumSize(), nodeId, proposerPool));

    InstrumentedExecutorService electionPool = new InstrumentedExecutorService(
            PTExecutors.newCachedThreadPool(
                    new ThreadFactoryBuilder().setNameFormat("atlas-leaders-election-%d").setDaemon(true).build()),
            AtlasDbMetrics.getMetricRegistry(),
            MetricRegistry.name(PaxosLeaderElectionService.class, "executor"));

    PaxosLeaderElectionService electionCore = new PaxosLeaderElectionServiceBuilder()
            .proposer(instrumentedProposer)
            .knowledge(localLearner)
            .potentialLeadersToHosts(remoteLeaders)
            .acceptors(allAcceptors)
            .learners(allLearners)
            .executor(electionPool)
            .pingRateMs(config.pingRateMs())
            .randomWaitBeforeProposingLeadershipMs(config.randomWaitBeforeProposingLeadershipMs())
            .leaderPingResponseWaitMs(config.leaderPingResponseWaitMs())
            .eventRecorder(eventRecorder)
            .onlyLogOnQuorumFailure(JavaSuppliers.compose(LeaderRuntimeConfig::onlyLogOnQuorumFailure, runtime))
            .build();

    // The same underlying service is exposed through two separately instrumented interfaces.
    LeaderElectionService electionView = AtlasDbMetrics.instrument(LeaderElectionService.class, electionCore);
    PingableLeader pingView = AtlasDbMetrics.instrument(PingableLeader.class, electionCore);

    return ImmutableLocalPaxosServices.builder()
            .ourAcceptor(localAcceptor)
            .ourLearner(localLearner)
            .leaderElectionService(electionView)
            .pingableLeader(pingView)
            .build();
}
Also used : PaxosAcceptor(com.palantir.paxos.PaxosAcceptor) InstrumentedExecutorService(com.codahale.metrics.InstrumentedExecutorService) PaxosProposer(com.palantir.paxos.PaxosProposer) PaxosLearner(com.palantir.paxos.PaxosLearner) HostAndPort(com.google.common.net.HostAndPort) PingableLeader(com.palantir.leader.PingableLeader) ThreadFactoryBuilder(com.google.common.util.concurrent.ThreadFactoryBuilder) PaxosLeaderElectionService(com.palantir.leader.PaxosLeaderElectionService) PaxosLeaderElectionService(com.palantir.leader.PaxosLeaderElectionService) LeaderElectionService(com.palantir.leader.LeaderElectionService) PaxosLeadershipEventRecorder(com.palantir.leader.PaxosLeadershipEventRecorder) UUID(java.util.UUID) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) PaxosLeaderElectionServiceBuilder(com.palantir.leader.PaxosLeaderElectionServiceBuilder) LeaderRuntimeConfig(com.palantir.atlasdb.config.LeaderRuntimeConfig)

Example 82 with SSLSocketFactory

use of javax.net.ssl.SSLSocketFactory in project atlasdb by palantir.

the class CassandraClientFactory method getRawClient.

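/**
 * Opens a Thrift connection to one Cassandra host, optionally layers TLS over it, and logs
 * in when credentials are configured.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>TLS is used only when {@code config.usingSsl()} is true; otherwise the framed
 *       transport, and any login performed over it, run on the plain socket.</li>
 *   <li>NOTE(review): nothing in this method sets an endpoint identification algorithm on
 *       the {@code SSLSocket}. Unless the factory or its trust manager does so, the server
 *       certificate is validated against the trust store but not matched to
 *       {@code addr}'s host name. Confirm against the factory implementations.</li>
 * </ul>
 *
 * @param addr host and port of the Cassandra node
 * @param config key-value service configuration (timeouts, SSL, credentials)
 * @return a client bound to a framed binary-protocol transport over the opened socket
 * @throws TException if the socket cannot be opened, the TLS socket cannot be created
 *     (wrapped in {@code TTransportException}), or login fails
 */
private static Cassandra.Client getRawClient(InetSocketAddress addr, CassandraKeyValueServiceConfig config) throws TException {
    TSocket thriftSocket = new TSocket(addr.getHostString(), addr.getPort(), config.socketTimeoutMillis());
    thriftSocket.open();
    try {
        thriftSocket.getSocket().setKeepAlive(true);
        thriftSocket.getSocket().setSoTimeout(config.socketQueryTimeoutMillis());
    } catch (SocketException e) {
        // Best effort: the connection is still used without these options. The exception is
        // passed to the logger so the cause (keep-alive or read-timeout setup) is not lost.
        log.error("Couldn't set socket keep alive for host {}", SafeArg.of("address", CassandraLogHelper.host(addr)), e);
    }
    if (config.usingSsl()) {
        boolean success = false;
        try {
            // An explicit SSL configuration wins; otherwise a factory cached per address is used.
            final SSLSocketFactory factory;
            if (config.sslConfiguration().isPresent()) {
                factory = SslSocketFactories.createSslSocketFactory(config.sslConfiguration().get());
            } else {
                factory = sslSocketFactories.getUnchecked(addr);
            }
            // Layer TLS over the already-connected socket; autoClose=true ties the plain
            // socket's lifetime to the SSLSocket.
            SSLSocket socket = (SSLSocket) factory.createSocket(thriftSocket.getSocket(), addr.getHostString(), addr.getPort(), true);
            thriftSocket = new TSocket(socket);
            success = true;
        } catch (IOException e) {
            throw new TTransportException(e);
        } finally {
            // Covers unchecked failures as well: never leak the plain socket when the wrap fails.
            if (!success) {
                thriftSocket.close();
            }
        }
    }
    TTransport thriftFramedTransport = new TFramedTransport(thriftSocket, CassandraConstants.CLIENT_MAX_THRIFT_FRAME_SIZE_BYTES);
    TProtocol protocol = new TBinaryProtocol(thriftFramedTransport);
    Cassandra.Client client = new Cassandra.Client(protocol);
    if (config.credentials().isPresent()) {
        try {
            login(client, config.credentials().get());
        } catch (TException e) {
            // Close the transport before rethrowing so a failed login does not leave the socket open.
            client.getOutputProtocol().getTransport().close();
            log.error("Exception thrown attempting to authenticate with config provided credentials", e);
            throw e;
        }
    }
    return client;
}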
Also used : TException(org.apache.thrift.TException) SocketException(java.net.SocketException) Client(org.apache.cassandra.thrift.Cassandra.Client) SSLSocket(javax.net.ssl.SSLSocket) Cassandra(org.apache.cassandra.thrift.Cassandra) TTransportException(org.apache.thrift.transport.TTransportException) IOException(java.io.IOException) TBinaryProtocol(org.apache.thrift.protocol.TBinaryProtocol) TProtocol(org.apache.thrift.protocol.TProtocol) TFramedTransport(org.apache.thrift.transport.TFramedTransport) TTransport(org.apache.thrift.transport.TTransport) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) QosClient(com.palantir.atlasdb.qos.QosClient) Client(org.apache.cassandra.thrift.Cassandra.Client) QosCassandraClient(com.palantir.atlasdb.keyvalue.cassandra.qos.QosCassandraClient) TSocket(org.apache.thrift.transport.TSocket)

Example 83 with SSLSocketFactory

use of javax.net.ssl.SSLSocketFactory in project openmeetings by apache.

the class SignInPage method prepareConnection.

/**
 * Switches off TLS peer authentication on an HTTPS connection when the
 * {@code CONFIG_IGNORE_BAD_SSL} setting is enabled; does nothing otherwise.
 *
 * <p>SECURITY: with the setting on, the connection accepts any certificate chain and any
 * host name, so the remote end is not authenticated and the traffic can be intercepted or
 * altered by whoever answers the connection. Where a self-signed or private-CA endpoint
 * must be reached, trusting that specific certificate or CA through a dedicated trust store
 * gives the same connectivity without removing validation. The {@code "SSL"} context name
 * is a legacy identifier; the protocol version actually negotiated depends on the provider.
 *
 * <p>If the context cannot be created or installed, the error is logged and the method
 * returns normally.
 *
 * @param _connection the connection about to be used; ignored unless it is an
 *     {@code HttpsURLConnection}
 */
private void prepareConnection(URLConnection _connection) {
    final boolean isHttps = _connection instanceof HttpsURLConnection;
    // Short-circuit keeps the config lookup from running for non-HTTPS connections.
    if (!isHttps || !cfgDao.getBool(CONFIG_IGNORE_BAD_SSL, false)) {
        return;
    }
    // Trust manager whose checks never throw: every client and server chain is accepted.
    X509TrustManager acceptAll = new X509TrustManager() {

        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            // intentionally empty: no validation
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            // intentionally empty: no validation
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    };
    TrustManager[] permissiveManagers = { acceptAll };
    try {
        SSLContext permissiveContext = SSLContext.getInstance("SSL");
        permissiveContext.init(null, permissiveManagers, new java.security.SecureRandom());
        HttpsURLConnection httpsConnection = (HttpsURLConnection) _connection;
        httpsConnection.setSSLSocketFactory(permissiveContext.getSocketFactory());
        // Host name matching is disabled as well: any name is accepted.
        httpsConnection.setHostnameVerifier((hostname, session) -> true);
    } catch (Exception e) {
        log.error("[prepareConnection]", e);
    }
}
Also used : X509TrustManager(javax.net.ssl.X509TrustManager) SSLContext(javax.net.ssl.SSLContext) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) HttpsURLConnection(javax.net.ssl.HttpsURLConnection) X509Certificate(java.security.cert.X509Certificate) RedirectToUrlException(org.apache.wicket.request.flow.RedirectToUrlException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) OmException(org.apache.openmeetings.util.OmException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) JSONException(com.github.openjson.JSONException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager)

Example 84 with SSLSocketFactory

use of javax.net.ssl.SSLSocketFactory in project Gladys-Android-App by LeptitGeek.

the class SelfSigningClientBuilder method getUnsafeOkHttpClient.

/**
 * Builds an {@code OkHttpClient} with 30-second connect and read timeouts that performs no
 * certificate-chain validation and no host name verification.
 *
 * <p>SECURITY: every server certificate and every host name is accepted, so a connection
 * made with this client is encrypted but not authenticated. The {@code @SuppressLint}
 * annotations silence the Android lint checks that exist to flag exactly this pattern. For
 * a server with a self-signed certificate, trusting that one certificate (or its CA) via a
 * custom trust store preserves validation; this client should not reach release builds.
 *
 * @return a client that trusts all certificates and host names
 * @throws RuntimeException wrapping any failure while setting up the SSL context
 */
public static OkHttpClient getUnsafeOkHttpClient() {
    try {
        // Trust manager with empty checks: nothing is ever rejected.
        final X509TrustManager acceptAll = new X509TrustManager() {

            @SuppressLint("TrustAllX509TrustManager")
            @Override
            public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
            }

            @SuppressLint("TrustAllX509TrustManager")
            @Override
            public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
            }

            @Override
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };

        // "SSL" is a legacy context name; the negotiated protocol depends on the provider.
        final SSLContext permissiveContext = SSLContext.getInstance("SSL");
        permissiveContext.init(null, new TrustManager[] { acceptAll }, new java.security.SecureRandom());
        final SSLSocketFactory permissiveFactory = permissiveContext.getSocketFactory();

        // Verifier that approves every host name, whatever the certificate says.
        final HostnameVerifier anyHost = new HostnameVerifier() {

            @SuppressLint("BadHostnameVerifier")
            @Override
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        };

        return new OkHttpClient.Builder()
                .connectTimeout(30, TimeUnit.SECONDS)
                .readTimeout(30, TimeUnit.SECONDS)
                .sslSocketFactory(permissiveFactory, acceptAll)
                .hostnameVerifier(anyHost)
                .build();
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
Also used : OkHttpClient(okhttp3.OkHttpClient) SSLSession(javax.net.ssl.SSLSession) SSLContext(javax.net.ssl.SSLContext) X509Certificate(java.security.cert.X509Certificate) CertificateException(java.security.cert.CertificateException) X509TrustManager(javax.net.ssl.X509TrustManager) TrustManager(javax.net.ssl.TrustManager) HostnameVerifier(javax.net.ssl.HostnameVerifier) X509TrustManager(javax.net.ssl.X509TrustManager) SSLSocketFactory(javax.net.ssl.SSLSocketFactory)

Example 85 with SSLSocketFactory

use of javax.net.ssl.SSLSocketFactory in project OA4MP by ncsa.

the class LDAPSSLSocketFactory method getSF.

/**
 * Creates the socket factory used for LDAP connections, from this object's key managers and
 * a {@code MyTrustManager} bound to the configured LDAP server name.
 *
 * <p>NOTE(review): the original local holding the trust manager array was named
 * {@code trustAllCerts}, but the array holds a {@code MyTrustManager} built from
 * {@code getSslConfiguration()}. What that class actually validates is not visible here;
 * confirm it checks the chain and the host set below rather than accepting everything.
 * The {@code "SSL"} context name is a legacy identifier; the protocol version negotiated
 * depends on the provider.
 *
 * @return a socket factory backed by the configured key and trust material
 * @throws GeneralSecurityException if the SSL context cannot be obtained or initialised
 * @throws IOException declared for the configuration and key-manager lookups
 */
protected SSLSocketFactory getSF() throws GeneralSecurityException, IOException {
    SSLContext ldapContext = SSLContext.getInstance("SSL");
    MyTrustManager ldapTrustManager = new MyTrustManager(null, getSslConfiguration());
    // Give the trust manager the LDAP server name from the LDAP configuration.
    ldapTrustManager.setHost(getLdapConfiguration().getServer());
    ldapContext.init(
            getKeyManagerFactory().getKeyManagers(),
            new TrustManager[] { ldapTrustManager },
            new java.security.SecureRandom());
    return ldapContext.getSocketFactory();
}
Also used : SSLContext(javax.net.ssl.SSLContext) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) MyTrustManager(edu.uiuc.ncsa.security.util.ssl.MyTrustManager) TrustManager(javax.net.ssl.TrustManager) MyTrustManager(edu.uiuc.ncsa.security.util.ssl.MyTrustManager)
