
Example 11 with AllowAllHostnameVerifier

use of org.apache.http.conn.ssl.AllowAllHostnameVerifier in project android_frameworks_base by crdroidandroid.

the class AbstractProxyTest method testConnectViaHttpProxyToHttps.

/**
 * Sends an HTTPS GET through the mock server acting as an HTTP proxy, then checks the
 * response body and the two requests the server recorded (the CONNECT and the tunnelled GET).
 *
 * <p>Hostname verification is turned off with {@code AllowAllHostnameVerifier} because the
 * request names {@code android.com} while the TLS peer is the mock server started below.
 * Presumably the test certificate is not issued for that name; confirm against
 * {@code TestSSLContext}. That trade-off holds only for this test fixture: with this verifier
 * any certificate the socket factory trusts is accepted for any hostname.
 *
 * @param proxyConfig strategy that points the client and request at the mock proxy
 * @throws Exception if the mock server or the HTTP exchange fails
 */
private void testConnectViaHttpProxyToHttps(ProxyConfig proxyConfig) throws Exception {
    final String expectedBody = "this response comes via a secure proxy";
    final String expectedHostHeader = "Host: android.com";

    // Mock server: the first queued response answers the CONNECT and upgrades the socket to
    // TLS, the second one is served to the tunnelled GET.
    TestSSLContext tlsFixture = TestSSLContext.create();
    server.useHttps(tlsFixture.serverContext.getSocketFactory(), true);
    MockResponse tunnelReply = new MockResponse()
            .setSocketPolicy(SocketPolicy.UPGRADE_TO_SSL_AT_END)
            .clearHeaders();
    server.enqueue(tunnelReply);
    MockResponse payloadReply = new MockResponse()
            .setResponseCode(200)
            .setBody(expectedBody);
    server.enqueue(payloadReply);
    server.play();

    // Client: socket factory built from the test TLS fixture, hostname check disabled (see above).
    HttpClient client = newHttpClient();
    SSLSocketFactory tlsSocketFactory = newSslSocketFactory(tlsFixture);
    tlsSocketFactory.setHostnameVerifier(new AllowAllHostnameVerifier());
    Scheme httpsScheme = new Scheme("https", tlsSocketFactory, 443);
    client.getConnectionManager().getSchemeRegistry().register(httpsScheme);

    HttpGet httpGet = new HttpGet("https://android.com/foo");
    proxyConfig.configure(server, client, httpGet);
    HttpResponse reply = client.execute(httpGet);
    assertEquals(expectedBody, contentToString(reply));

    // The proxy must have seen a CONNECT for the origin host before the GET itself.
    RecordedRequest recordedConnect = server.takeRequest();
    assertEquals("Connect line failure on proxy " + proxyConfig,
            "CONNECT android.com:443 HTTP/1.1", recordedConnect.getRequestLine());
    assertContains(recordedConnect.getHeaders(), expectedHostHeader);

    RecordedRequest recordedGet = server.takeRequest();
    assertEquals("GET /foo HTTP/1.1", recordedGet.getRequestLine());
    assertContains(recordedGet.getHeaders(), expectedHostHeader);
}
Also used : RecordedRequest(com.google.mockwebserver.RecordedRequest) MockResponse(com.google.mockwebserver.MockResponse) Scheme(org.apache.http.conn.scheme.Scheme) AllowAllHostnameVerifier(org.apache.http.conn.ssl.AllowAllHostnameVerifier) HttpClient(org.apache.http.client.HttpClient) HttpGet(org.apache.http.client.methods.HttpGet) HttpResponse(org.apache.http.HttpResponse) TestSSLContext(libcore.javax.net.ssl.TestSSLContext) SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory)

Example 12 with AllowAllHostnameVerifier

use of org.apache.http.conn.ssl.AllowAllHostnameVerifier in project xabber-android by redsolution.

the class ConnectionBuilder method build.

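/**
 * Builds an {@link XMPPTCPConnection} for the given account from its connection settings.
 *
 * <p>TLS trust depends on {@code SettingsManager.securityCheckCertificate()}. When it is
 * {@code true}, the connection uses a per-account {@code MemorizingTrustManager} and a
 * {@code CustomDomainVerifier} wrapped by that trust manager. When it is {@code false}, every
 * certificate and every hostname is accepted, so the server is not authenticated and the
 * password or token configured below is sent to whichever peer terminates the TLS session.
 *
 * @param account account handed to the certificate manager to obtain the trust manager
 * @param connectionSettings server, credential, proxy and TLS settings for the connection
 * @return a new connection created from the assembled configuration
 */
@NonNull
public static XMPPTCPConnection build(AccountJid account, @NonNull final ConnectionSettings connectionSettings) {
    XMPPTCPConnectionConfiguration.Builder builder = XMPPTCPConnectionConfiguration.builder();
    builder.setXmppDomain(connectionSettings.getServerName());
    if (connectionSettings.isCustomHostAndPort()) {
        setCustomHost(connectionSettings, builder);
        builder.setPort(connectionSettings.getPort());
    }
    // NOTE(review): the debugger is enabled unconditionally; presumably it records XMPP
    // traffic. Confirm this is wanted outside debug builds.
    builder.setDebuggerEnabled(true);
    builder.setSecurityMode(connectionSettings.getTlsMode().getSecurityMode());
    builder.setCompressionEnabled(connectionSettings.useCompression());
    builder.setSendPresence(false);
    builder.setUsernameAndPassword(connectionSettings.getUserName(), connectionSettings.getPassword());
    builder.setResource(connectionSettings.getResource());
    builder.setProxyInfo(getProxyInfo(connectionSettings));
    try {
        // Read the setting once so the logged value is always the one the branch below acts on.
        final boolean verifyCertificates = SettingsManager.securityCheckCertificate();
        LogManager.i(LOG_TAG, "SettingsManager.securityCheckCertificate: " + verifyCertificates);
        if (verifyCertificates) {
            SSLContext sslContext = SSLContext.getInstance("TLS");
            MemorizingTrustManager mtm = CertificateManager.getInstance().getNewMemorizingTrustManager(account);
            sslContext.init(null, new X509TrustManager[] { mtm }, new java.security.SecureRandom());
            builder.setCustomSSLContext(sslContext);
            builder.setHostnameVerifier(mtm.wrapHostnameVerifier(new CustomDomainVerifier()));
        } else {
            // Verification is off by user setting: neither the certificate chain nor the
            // hostname is checked, so TLS here gives encryption without server authentication.
            TLSUtils.acceptAllCertificates(builder);
            builder.setHostnameVerifier(new AllowAllHostnameVerifier());
        }
    } catch (NoSuchAlgorithmException | KeyManagementException e) {
        // NOTE(review): the failure is only logged and the connection is still built with
        // whatever TLS settings were applied before the exception; confirm that the
        // resulting configuration is acceptable.
        LogManager.exception(LOG_TAG, e);
    }
    // An account with a token and an empty (non-null) password authenticates with the token.
    if (connectionSettings.getToken() != null
            && !connectionSettings.getToken().isEmpty()
            && connectionSettings.getPassword() != null
            && connectionSettings.getPassword().isEmpty()) {
        // Enable only SASLXOauth2Mechanism ...
        builder.addEnabledSaslMechanism(SASLXOauth2Mechanism.NAME);
        // ... and pass the token in place of the password.
        builder.setUsernameAndPassword(connectionSettings.getUserName(), connectionSettings.getToken());
    }
    LogManager.i(LOG_TAG, "new XMPPTCPConnection " + connectionSettings.getServerName());
    return new XMPPTCPConnection(builder.build());
}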
Also used : MemorizingTrustManager(de.duenndns.ssl.MemorizingTrustManager) XMPPTCPConnection(org.jivesoftware.smack.tcp.XMPPTCPConnection) AllowAllHostnameVerifier(org.apache.http.conn.ssl.AllowAllHostnameVerifier) XMPPTCPConnectionConfiguration(org.jivesoftware.smack.tcp.XMPPTCPConnectionConfiguration) SSLContext(javax.net.ssl.SSLContext) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyManagementException(java.security.KeyManagementException) NonNull(android.support.annotation.NonNull)

Example 13 with AllowAllHostnameVerifier

use of org.apache.http.conn.ssl.AllowAllHostnameVerifier in project syncany by syncany.

the class CommandLineClient method sendToRest.

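/**
 * Sends a command as an XML request to the daemon's REST API over HTTPS and returns the
 * exit code derived from the response.
 *
 * <p>The port and the credentials are read from the given port file. The HTTP client uses the
 * SSL context from {@code UserConfig.createUserSSLContext()} and skips hostname verification.
 * The client is closed once the response has been handled.
 *
 * @param command command whose response is handled by {@code handleRestResponse}
 * @param commandName name passed on when building the request
 * @param commandArgs arguments passed on when building the request
 * @param portFile file holding the daemon's port and user credentials
 * @return the exit code from {@code handleRestResponse}, or the result of
 *         {@code showErrorAndExit} if anything fails
 */
private int sendToRest(Command command, String commandName, String[] commandArgs, File portFile) {
    try {
        // Read port config (for daemon) from port file
        PortTO portConfig = readPortConfig(portFile);
        // Create authentication details, scoped to the daemon's host and port
        CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
        credentialsProvider.setCredentials(new AuthScope(SERVER_HOSTNAME, portConfig.getPort()), new UsernamePasswordCredentials(portConfig.getUser().getUsername(), portConfig.getUser().getPassword()));
        // Allow all hostnames in CN; this is okay as long as hostname is localhost/127.0.0.1!
        // See: https://github.com/syncany/syncany/pull/196#issuecomment-52197017
        // NOTE(review): this holds only while SERVER_HOSTNAME is a fixed loopback name. If the
        // target host ever becomes configurable, hostname verification has to be restored,
        // because the basic-auth credentials above travel over this connection.
        X509HostnameVerifier hostnameVerifier = new AllowAllHostnameVerifier();
        // Fetch the SSL context (using the user key/trust store)
        SSLContext sslContext = UserConfig.createUserSSLContext();
        // Create client with authentication details
        CloseableHttpClient client = HttpClients.custom().setSslcontext(sslContext).setHostnameVerifier(hostnameVerifier).setDefaultCredentialsProvider(credentialsProvider).build();
        try {
            // Build and send request, print response
            Request request = buildFolderRequestFromCommand(command, commandName, commandArgs, config.getLocalDir().getAbsolutePath());
            String serverUri = SERVER_SCHEMA + SERVER_HOSTNAME + ":" + portConfig.getPort() + SERVER_REST_API;
            String xmlMessageString = XmlMessageFactory.toXml(request);
            StringEntity xmlMessageEntity = new StringEntity(xmlMessageString);
            HttpPost httpPost = new HttpPost(serverUri);
            httpPost.setEntity(xmlMessageEntity);
            logger.log(Level.INFO, "Sending HTTP Request to: " + serverUri);
            logger.log(Level.FINE, httpPost.toString());
            logger.log(Level.FINE, xmlMessageString);
            HttpResponse httpResponse = client.execute(httpPost);
            return handleRestResponse(command, httpResponse);
        } finally {
            // Release the client's connections. A failure to close must not turn an
            // already handled response into an error, so it is only logged.
            try {
                client.close();
            } catch (java.io.IOException closeFailure) {
                logger.log(Level.FINE, "Could not close HTTP client", closeFailure);
            }
        }
    } catch (Exception e) {
        logger.log(Level.SEVERE, "Command " + command.toString() + " FAILED. ", e);
        return showErrorAndExit(e.getMessage());
    }
}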
Also used : CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) HttpPost(org.apache.http.client.methods.HttpPost) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) AllowAllHostnameVerifier(org.apache.http.conn.ssl.AllowAllHostnameVerifier) Request(org.syncany.operations.daemon.messages.api.Request) FolderRequest(org.syncany.operations.daemon.messages.api.FolderRequest) PortTO(org.syncany.config.to.PortTO) HttpResponse(org.apache.http.HttpResponse) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) SSLContext(javax.net.ssl.SSLContext) ConfigException(org.syncany.config.ConfigException) IOException(java.io.IOException) UsernamePasswordCredentials(org.apache.http.auth.UsernamePasswordCredentials) StringEntity(org.apache.http.entity.StringEntity) X509HostnameVerifier(org.apache.http.conn.ssl.X509HostnameVerifier) AuthScope(org.apache.http.auth.AuthScope)

Example 14 with AllowAllHostnameVerifier

use of org.apache.http.conn.ssl.AllowAllHostnameVerifier in project openhab1-addons by openhab.

the class Util method getConnection.

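/**
 * Creates a {@code Sardine} client for the given CalDAV configuration.
 *
 * <p>When {@code config.isDisableCertificateVerification()} is set, the client trusts every
 * certificate and accepts every hostname, so the server is not authenticated and the
 * configured credentials are sent to whichever peer answers. Otherwise a default
 * {@code SardineImpl} is returned. Credentials are passed on unless both username and
 * password are empty.
 *
 * <p>The password is never written to the log; the trace messages record only whether one is
 * configured.
 *
 * @param config CalDAV settings (key, URL, credentials, certificate-verification flag)
 * @return a client configured according to {@code config}
 */
public static Sardine getConnection(CalDavConfig config) {
    // Log whether a password is set, never the password itself.
    final String passwordForLog = StringUtils.isEmpty(config.getPassword()) ? "<none>" : "<redacted>";
    if (config.isDisableCertificateVerification()) {
        if (config.getUrl().startsWith(HTTP_URL_PREFIX)) {
            log.error("do not use '{}' if no ssl is used", CalDavLoaderImpl.PROP_DISABLE_CERTIFICATE_VERIFICATION);
        }
        log.trace("connecting to caldav '{}' with disabled certificate verification (url={}, username={}, password={})", config.getKey(), config.getUrl(), config.getUsername(), passwordForLog);
        // Hostname verification is switched off as soon as the builder is created.
        HttpClientBuilder httpClientBuilder = HttpClientBuilder.create().setHostnameVerifier(new AllowAllHostnameVerifier());
        try {
            // Trust strategy that accepts every certificate chain without inspecting it.
            httpClientBuilder.setSslcontext(new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {

                @Override
                public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
                    return true;
                }
            }).build());
        } catch (KeyManagementException e) {
            // If building the context fails, the builder keeps its default SSL context while
            // hostname verification stays disabled; the failure is only logged.
            log.error("error verifying certificate", e);
        } catch (NoSuchAlgorithmException e) {
            log.error("error verifying certificate", e);
        } catch (KeyStoreException e) {
            log.error("error verifying certificate", e);
        }
        if (StringUtils.isEmpty(config.getUsername()) && StringUtils.isEmpty(config.getPassword())) {
            log.trace("connecting without credentials for '{}'", config.getKey());
            return new SardineImpl(httpClientBuilder);
        } else {
            return new SardineImpl(httpClientBuilder, config.getUsername(), config.getPassword());
        }
    } else {
        log.trace("connecting to caldav '{}' (url={}, username={}, password={})", config.getKey(), config.getUrl(), config.getUsername(), passwordForLog);
        if (StringUtils.isEmpty(config.getUsername()) && StringUtils.isEmpty(config.getPassword())) {
            log.trace("connecting without credentials for '{}'", config.getKey());
            return new SardineImpl();
        } else {
            return new SardineImpl(config.getUsername(), config.getPassword());
        }
    }
}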
Also used : TrustStrategy(org.apache.http.conn.ssl.TrustStrategy) AllowAllHostnameVerifier(org.apache.http.conn.ssl.AllowAllHostnameVerifier) CertificateException(java.security.cert.CertificateException) HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStoreException(java.security.KeyStoreException) X509Certificate(java.security.cert.X509Certificate) KeyManagementException(java.security.KeyManagementException) SSLContextBuilder(org.apache.http.conn.ssl.SSLContextBuilder) SardineImpl(com.github.sardine.impl.SardineImpl)

Example 15 with AllowAllHostnameVerifier

use of org.apache.http.conn.ssl.AllowAllHostnameVerifier in project android_frameworks_base by ParanoidAndroid.

the class AbstractProxyTest method testConnectViaHttpProxyToHttps.

/**
 * Sends an HTTPS GET through the mock server acting as an HTTP proxy, then checks the
 * response body and the two requests the server recorded (the CONNECT and the tunnelled GET).
 *
 * <p>Hostname verification is turned off with {@code AllowAllHostnameVerifier} because the
 * request names {@code android.com} while the TLS peer is the mock server started below.
 * Presumably the test certificate is not issued for that name; confirm against
 * {@code TestSSLContext}. That trade-off holds only for this test fixture: with this verifier
 * any certificate the socket factory trusts is accepted for any hostname.
 *
 * @param proxyConfig strategy that points the client and request at the mock proxy
 * @throws Exception if the mock server or the HTTP exchange fails
 */
private void testConnectViaHttpProxyToHttps(ProxyConfig proxyConfig) throws Exception {
    final String expectedBody = "this response comes via a secure proxy";
    final String expectedHostHeader = "Host: android.com";

    // Mock server: the first queued response answers the CONNECT and upgrades the socket to
    // TLS, the second one is served to the tunnelled GET.
    TestSSLContext tlsFixture = TestSSLContext.create();
    server.useHttps(tlsFixture.serverContext.getSocketFactory(), true);
    MockResponse tunnelReply = new MockResponse()
            .setSocketPolicy(SocketPolicy.UPGRADE_TO_SSL_AT_END)
            .clearHeaders();
    server.enqueue(tunnelReply);
    MockResponse payloadReply = new MockResponse()
            .setResponseCode(200)
            .setBody(expectedBody);
    server.enqueue(payloadReply);
    server.play();

    // Client: socket factory built from the test TLS fixture, hostname check disabled (see above).
    HttpClient client = newHttpClient();
    SSLSocketFactory tlsSocketFactory = newSslSocketFactory(tlsFixture);
    tlsSocketFactory.setHostnameVerifier(new AllowAllHostnameVerifier());
    Scheme httpsScheme = new Scheme("https", tlsSocketFactory, 443);
    client.getConnectionManager().getSchemeRegistry().register(httpsScheme);

    HttpGet httpGet = new HttpGet("https://android.com/foo");
    proxyConfig.configure(server, client, httpGet);
    HttpResponse reply = client.execute(httpGet);
    assertEquals(expectedBody, contentToString(reply));

    // The proxy must have seen a CONNECT for the origin host before the GET itself.
    RecordedRequest recordedConnect = server.takeRequest();
    assertEquals("Connect line failure on proxy " + proxyConfig,
            "CONNECT android.com:443 HTTP/1.1", recordedConnect.getRequestLine());
    assertContains(recordedConnect.getHeaders(), expectedHostHeader);

    RecordedRequest recordedGet = server.takeRequest();
    assertEquals("GET /foo HTTP/1.1", recordedGet.getRequestLine());
    assertContains(recordedGet.getHeaders(), expectedHostHeader);
}
Also used : RecordedRequest(com.google.mockwebserver.RecordedRequest) MockResponse(com.google.mockwebserver.MockResponse) Scheme(org.apache.http.conn.scheme.Scheme) AllowAllHostnameVerifier(org.apache.http.conn.ssl.AllowAllHostnameVerifier) HttpClient(org.apache.http.client.HttpClient) HttpGet(org.apache.http.client.methods.HttpGet) HttpResponse(org.apache.http.HttpResponse) TestSSLContext(libcore.javax.net.ssl.TestSSLContext) SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory)

Aggregations

AllowAllHostnameVerifier (org.apache.http.conn.ssl.AllowAllHostnameVerifier)25 Scheme (org.apache.http.conn.scheme.Scheme)16 SSLSocketFactory (org.apache.http.conn.ssl.SSLSocketFactory)16 HttpResponse (org.apache.http.HttpResponse)14 HttpClient (org.apache.http.client.HttpClient)13 MockResponse (com.google.mockwebserver.MockResponse)12 RecordedRequest (com.google.mockwebserver.RecordedRequest)12 TestSSLContext (libcore.javax.net.ssl.TestSSLContext)12 HttpGet (org.apache.http.client.methods.HttpGet)12 JndiRegistry (org.apache.camel.impl.JndiRegistry)4 SchemeRegistry (org.apache.http.conn.scheme.SchemeRegistry)4 TrustStrategy (org.apache.http.conn.ssl.TrustStrategy)4 DefaultHttpClient (org.apache.http.impl.client.DefaultHttpClient)4 IOException (java.io.IOException)3 KeyManagementException (java.security.KeyManagementException)3 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3 CertificateException (java.security.cert.CertificateException)3 ClientConnectionManager (org.apache.http.conn.ClientConnectionManager)3 KeyStoreException (java.security.KeyStoreException)2 X509Certificate (java.security.cert.X509Certificate)2