use of okhttp3.CipherSuite in project okhttp by square.
the class JavaApiConverter method createOkResponseForCacheGet.
/**
* Creates an OkHttp {@link Response} using the supplied {@link Request} and {@link CacheResponse}
* to supply the data.
*/
static Response createOkResponseForCacheGet(Request request, CacheResponse javaResponse) throws IOException {
// Build a cache request for the response to use.
Headers responseHeaders = createHeaders(javaResponse.getHeaders());
Headers varyHeaders;
if (HttpHeaders.hasVaryAll(responseHeaders)) {
// "*" means that this will be treated as uncacheable anyway.
varyHeaders = new Headers.Builder().build();
} else {
varyHeaders = HttpHeaders.varyHeaders(request.headers(), responseHeaders);
}
Request cacheRequest = new Request.Builder().url(request.url()).method(request.method(), null).headers(varyHeaders).build();
Response.Builder okResponseBuilder = new Response.Builder();
// Request: Use the cacheRequest we built.
okResponseBuilder.request(cacheRequest);
// Status line: Java has this as one of the headers.
StatusLine statusLine = StatusLine.parse(extractStatusLine(javaResponse));
okResponseBuilder.protocol(statusLine.protocol);
okResponseBuilder.code(statusLine.code);
okResponseBuilder.message(statusLine.message);
// Response headers
Headers okHeaders = extractOkHeaders(javaResponse, okResponseBuilder);
okResponseBuilder.headers(okHeaders);
// Response body
ResponseBody okBody = createOkBody(okHeaders, javaResponse);
okResponseBuilder.body(okBody);
// Handle SSL handshake information as needed.
if (javaResponse instanceof SecureCacheResponse) {
SecureCacheResponse javaSecureCacheResponse = (SecureCacheResponse) javaResponse;
// Handshake doesn't support null lists.
List<Certificate> peerCertificates;
try {
peerCertificates = javaSecureCacheResponse.getServerCertificateChain();
} catch (SSLPeerUnverifiedException e) {
peerCertificates = Collections.emptyList();
}
List<Certificate> localCertificates = javaSecureCacheResponse.getLocalCertificateChain();
if (localCertificates == null) {
localCertificates = Collections.emptyList();
}
String cipherSuiteString = javaSecureCacheResponse.getCipherSuite();
CipherSuite cipherSuite = CipherSuite.forJavaName(cipherSuiteString);
Handshake handshake = Handshake.get(null, cipherSuite, peerCertificates, localCertificates);
okResponseBuilder.handshake(handshake);
}
return okResponseBuilder.build();
}
use of okhttp3.CipherSuite in project okhttp by square.
the class JavaApiConverter method createOkResponseForCachePut.
/**
* Creates an OkHttp {@link Response} using the supplied {@link URI} and {@link URLConnection} to
* supply the data. The URLConnection is assumed to already be connected. If this method returns
* {@code null} the response is uncacheable.
*/
public static Response createOkResponseForCachePut(URI uri, URLConnection urlConnection) throws IOException {
HttpURLConnection httpUrlConnection = (HttpURLConnection) urlConnection;
Response.Builder okResponseBuilder = new Response.Builder();
// Request: Create one from the URL connection.
Headers responseHeaders = createHeaders(urlConnection.getHeaderFields());
// Some request headers are needed for Vary caching.
Headers varyHeaders = varyHeaders(urlConnection, responseHeaders);
if (varyHeaders == null) {
return null;
}
// OkHttp's Call API requires a placeholder body; the real body will be streamed separately.
String requestMethod = httpUrlConnection.getRequestMethod();
RequestBody placeholderBody = HttpMethod.requiresRequestBody(requestMethod) ? Util.EMPTY_REQUEST : null;
Request okRequest = new Request.Builder().url(uri.toString()).method(requestMethod, placeholderBody).headers(varyHeaders).build();
okResponseBuilder.request(okRequest);
// Status line
StatusLine statusLine = StatusLine.parse(extractStatusLine(httpUrlConnection));
okResponseBuilder.protocol(statusLine.protocol);
okResponseBuilder.code(statusLine.code);
okResponseBuilder.message(statusLine.message);
// A network response is required for the Cache to find any Vary headers it needs.
Response networkResponse = okResponseBuilder.build();
okResponseBuilder.networkResponse(networkResponse);
// Response headers
Headers okHeaders = extractOkResponseHeaders(httpUrlConnection, okResponseBuilder);
okResponseBuilder.headers(okHeaders);
// Response body
ResponseBody okBody = createOkBody(urlConnection);
okResponseBuilder.body(okBody);
// Handle SSL handshake information as needed.
if (httpUrlConnection instanceof HttpsURLConnection) {
HttpsURLConnection httpsUrlConnection = (HttpsURLConnection) httpUrlConnection;
Certificate[] peerCertificates;
try {
peerCertificates = httpsUrlConnection.getServerCertificates();
} catch (SSLPeerUnverifiedException e) {
peerCertificates = null;
}
Certificate[] localCertificates = httpsUrlConnection.getLocalCertificates();
String cipherSuiteString = httpsUrlConnection.getCipherSuite();
CipherSuite cipherSuite = CipherSuite.forJavaName(cipherSuiteString);
Handshake handshake = Handshake.get(null, cipherSuite, nullSafeImmutableList(peerCertificates), nullSafeImmutableList(localCertificates));
okResponseBuilder.handshake(handshake);
}
return okResponseBuilder.build();
}
use of okhttp3.CipherSuite in project AntennaPod by AntennaPod.
the class SslClientSetup method installCertificates.
public static void installCertificates(OkHttpClient.Builder builder) {
if (BuildConfig.FLAVOR.equals("free")) {
// The Free flavor bundles a modern conscrypt (security provider), so CustomSslSocketFactory
// is only used to make sure that modern protocols (TLSv1.3 and TLSv1.2) are enabled and
// that old, deprecated, protocols (like SSLv3, TLSv1.0 and TLSv1.1) are disabled.
X509TrustManager trustManager = BackportTrustManager.create();
builder.sslSocketFactory(new NoV1SslSocketFactory(trustManager), trustManager);
} else if (Build.VERSION.SDK_INT < 21) {
X509TrustManager trustManager = BackportTrustManager.create();
builder.sslSocketFactory(new NoV1SslSocketFactory(trustManager), trustManager);
// workaround for Android 4.x for certain web sites.
// see: https://github.com/square/okhttp/issues/4053#issuecomment-402579554
List<CipherSuite> cipherSuites = new ArrayList<>(ConnectionSpec.MODERN_TLS.cipherSuites());
cipherSuites.add(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA);
cipherSuites.add(CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA);
ConnectionSpec legacyTls = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS).cipherSuites(cipherSuites.toArray(new CipherSuite[0])).build();
builder.connectionSpecs(Arrays.asList(legacyTls, ConnectionSpec.CLEARTEXT));
}
}
use of okhttp3.CipherSuite in project okhttp by square.
the class LoggingEventListenerTest method get.
@Test
public void get() throws Exception {
TestUtil.assumeNotWindows();
server.enqueue(new MockResponse().setBody("Hello!").setHeader("Content-Type", PLAIN));
Response response = client.newCall(request().build()).execute();
assertThat(response.body()).isNotNull();
response.body().bytes();
logRecorder.assertLogMatch("callStart: Request\\{method=GET, url=" + url + "\\}").assertLogMatch("proxySelectStart: " + url).assertLogMatch("proxySelectEnd: \\[DIRECT\\]").assertLogMatch("dnsStart: " + url.host()).assertLogMatch("dnsEnd: \\[.+\\]").assertLogMatch("connectStart: " + url.host() + "/.+ DIRECT").assertLogMatch("connectEnd: http/1.1").assertLogMatch("connectionAcquired: Connection\\{" + url.host() + ":\\d+, proxy=DIRECT hostAddress=" + url.host() + "/.+ cipherSuite=none protocol=http/1\\.1\\}").assertLogMatch("requestHeadersStart").assertLogMatch("requestHeadersEnd").assertLogMatch("responseHeadersStart").assertLogMatch("responseHeadersEnd: Response\\{protocol=http/1\\.1, code=200, message=OK, url=" + url + "\\}").assertLogMatch("responseBodyStart").assertLogMatch("responseBodyEnd: byteCount=6").assertLogMatch("connectionReleased").assertLogMatch("callEnd").assertNoMoreLogs();
}
use of okhttp3.CipherSuite in project okhttp by square.
the class LoggingEventListenerTest method secureGet.
@Test
public void secureGet() throws Exception {
TestUtil.assumeNotWindows();
platform.assumeNotBouncyCastle();
server.useHttps(handshakeCertificates.sslSocketFactory(), false);
url = server.url("/");
server.enqueue(new MockResponse());
Response response = client.newCall(request().build()).execute();
assertThat(response.body()).isNotNull();
response.body().bytes();
platform.assumeHttp2Support();
logRecorder.assertLogMatch("callStart: Request\\{method=GET, url=" + url + "\\}").assertLogMatch("proxySelectStart: " + url).assertLogMatch("proxySelectEnd: \\[DIRECT\\]").assertLogMatch("dnsStart: " + url.host()).assertLogMatch("dnsEnd: \\[.+\\]").assertLogMatch("connectStart: " + url.host() + "/.+ DIRECT").assertLogMatch("secureConnectStart").assertLogMatch("secureConnectEnd: Handshake\\{" + "tlsVersion=TLS_1_[23] " + "cipherSuite=TLS_.* " + "peerCertificates=\\[CN=localhost\\] " + "localCertificates=\\[\\]}").assertLogMatch("connectEnd: h2").assertLogMatch("connectionAcquired: Connection\\{" + url.host() + ":\\d+, proxy=DIRECT hostAddress=" + url.host() + "/.+ cipherSuite=.+ protocol=h2\\}").assertLogMatch("requestHeadersStart").assertLogMatch("requestHeadersEnd").assertLogMatch("responseHeadersStart").assertLogMatch("responseHeadersEnd: Response\\{protocol=h2, code=200, message=, url=" + url + "\\}").assertLogMatch("responseBodyStart").assertLogMatch("responseBodyEnd: byteCount=0").assertLogMatch("connectionReleased").assertLogMatch("callEnd").assertNoMoreLogs();
}
Aggregations