Example 1 with TrustAllX509TrustManager
use of streamer.ssl.TrustAllX509TrustManager in project cloudstack by apache.
the class SocketWrapperImpl method upgradeToSsl.
@Override
public void upgradeToSsl() {
if (sslSocket != null)
// Already upgraded
return;
if (verbose)
System.out.println("[" + this + "] INFO: Upgrading socket to SSL.");
try {
// Use most secure implementation of SSL available now.
// JVM will try to negotiate TLS1.2, then will fallback to TLS1.0, if
// TLS1.2 is not supported.
SSLContext sslContext = SSLUtils.getSSLContext();
// Trust all certificates (FIXME: insecure)
sslContext.init(null, new TrustManager[] { new TrustAllX509TrustManager(sslState) }, null);
SSLSocketFactory sslSocketFactory = new SecureSSLSocketFactory(sslContext);
sslSocket = (SSLSocket) sslSocketFactory.createSocket(socket, address.getHostName(), address.getPort(), true);
sslSocket.setEnabledProtocols(SSLUtils.getSupportedProtocols(sslSocket.getEnabledProtocols()));
sslSocket.startHandshake();
InputStream sis = sslSocket.getInputStream();
source.setInputStream(sis);
OutputStream sos = sslSocket.getOutputStream();
sink.setOutputStream(sos);
} catch (Exception e) {
throw new RuntimeException("Cannot upgrade socket to SSL: " + e.getMessage(), e);
}
}
Also used :
InputStream(java.io.InputStream)
OutputStream(java.io.OutputStream)
SecureSSLSocketFactory(org.apache.cloudstack.utils.security.SecureSSLSocketFactory)
SSLContext(javax.net.ssl.SSLContext)
TrustAllX509TrustManager(streamer.ssl.TrustAllX509TrustManager)
SSLSocketFactory(javax.net.ssl.SSLSocketFactory)
SecureSSLSocketFactory(org.apache.cloudstack.utils.security.SecureSSLSocketFactory)
IOException(java.io.IOException)
Aggregations
IOException (java.io.IOException)1
InputStream (java.io.InputStream)1
OutputStream (java.io.OutputStream)1
SSLContext (javax.net.ssl.SSLContext)1
SSLSocketFactory (javax.net.ssl.SSLSocketFactory)1
SecureSSLSocketFactory (org.apache.cloudstack.utils.security.SecureSSLSocketFactory)1
TrustAllX509TrustManager (streamer.ssl.TrustAllX509TrustManager)1
