Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.w3c.mwi.mobileok.basic
Class HostnameVerifier.AbstractVerifier

java.lang.Object
  extended by org.w3c.mwi.mobileok.basic.HostnameVerifier.AbstractVerifier
All Implemented Interfaces:
javax.net.ssl.HostnameVerifier
Enclosing interface:
HostnameVerifier
public abstract static class HostnameVerifier.AbstractVerifier
extends java.lang.Object
implements HostnameVerifier

Nested Class Summary
 
Nested classes/interfaces inherited from interface org.w3c.mwi.mobileok.basic.HostnameVerifier
HostnameVerifier.AbstractVerifier
 
Field Summary
private static java.lang.String[] BAD_COUNTRY_2LDS
          This contains a list of 2nd-level domains that are not allowed to have wildcards when combined with country-codes.
private static java.lang.String[] LOCALHOSTS
           
 
Fields inherited from interface org.w3c.mwi.mobileok.basic.HostnameVerifier
ALLOW_ALL, DEFAULT, DEFAULT_AND_LOCALHOST, STRICT, STRICT_IE6
 
Constructor Summary
protected HostnameVerifier.AbstractVerifier()
           
 
Method Summary
static boolean acceptableCountryWildcard(java.lang.String cn)
           
 void check(java.lang.String[] host, javax.net.ssl.SSLSocket ssl)
           
 void check(java.lang.String[] hosts, java.lang.String[] cns, java.lang.String[] subjectAlts, boolean ie6, boolean strictWithSubDomains)
           
 void check(java.lang.String[] host, java.security.cert.X509Certificate cert)
           
 void check(java.lang.String host, javax.net.ssl.SSLSocket ssl)
           
 void check(java.lang.String host, java.lang.String[] cns, java.lang.String[] subjectAlts)
           
 void check(java.lang.String host, java.security.cert.X509Certificate cert)
           
static int countDots(java.lang.String s)
          Counts the number of dots "." in a string.
 java.lang.String[] getCertificateCNs(java.security.cert.X509Certificate cert)
           
 java.lang.String[] getCertificateDNSSubjectAlts(java.security.cert.X509Certificate cert)
          Extracts the array of SubjectAlt DNS names from an X509Certificate.
static boolean isIP4Address(java.lang.String cn)
           
static boolean isLocalhost(java.lang.String host)
           
 boolean verify(java.lang.String host, javax.net.ssl.SSLSession session)
          The javax.net.ssl.HostnameVerifier contract.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.w3c.mwi.mobileok.basic.HostnameVerifier
check
 

Field Detail

BAD_COUNTRY_2LDS

private static final java.lang.String[] BAD_COUNTRY_2LDS
This contains a list of 2nd-level domains that are not allowed to have wildcards when combined with country-codes. For example: [*.co.uk].

The [*.co.uk] problem is an interesting one. Should we just hope that CA's would never foolishly allow such a certificate to happen? Looks like we're the only implementation guarding against this. Firefox, Curl, Sun Java 1.4, 5, 6 don't bother with this check.

LOCALHOSTS

private static final java.lang.String[] LOCALHOSTS
Constructor Detail

HostnameVerifier.AbstractVerifier

protected HostnameVerifier.AbstractVerifier()
Method Detail

verify

public boolean verify(java.lang.String host,
                      javax.net.ssl.SSLSession session)
The javax.net.ssl.HostnameVerifier contract.

Specified by:
verify in interface javax.net.ssl.HostnameVerifier
Parameters:
host - 'hostname' we used to create our socket
session - SSLSession with the remote server
Returns:
true if the host matched the one in the certificate.

check

public void check(java.lang.String host,
                  javax.net.ssl.SSLSocket ssl)
           throws java.io.IOException
Throws:
java.io.IOException

check

public void check(java.lang.String host,
                  java.security.cert.X509Certificate cert)
           throws javax.net.ssl.SSLException
Throws:
javax.net.ssl.SSLException

check

public void check(java.lang.String host,
                  java.lang.String[] cns,
                  java.lang.String[] subjectAlts)
           throws javax.net.ssl.SSLException
Throws:
javax.net.ssl.SSLException

check

public void check(java.lang.String[] host,
                  javax.net.ssl.SSLSocket ssl)
           throws java.io.IOException
Throws:
java.io.IOException

check

public void check(java.lang.String[] host,
                  java.security.cert.X509Certificate cert)
           throws javax.net.ssl.SSLException
Throws:
javax.net.ssl.SSLException

check

public void check(java.lang.String[] hosts,
                  java.lang.String[] cns,
                  java.lang.String[] subjectAlts,
                  boolean ie6,
                  boolean strictWithSubDomains)
           throws javax.net.ssl.SSLException
Throws:
javax.net.ssl.SSLException

isIP4Address

public static boolean isIP4Address(java.lang.String cn)

acceptableCountryWildcard

public static boolean acceptableCountryWildcard(java.lang.String cn)

isLocalhost

public static boolean isLocalhost(java.lang.String host)

countDots

public static int countDots(java.lang.String s)
Counts the number of dots "." in a string.

Parameters:
s - string to count dots from
Returns:
number of dots

getCertificateCNs

public java.lang.String[] getCertificateCNs(java.security.cert.X509Certificate cert)

getCertificateDNSSubjectAlts

public java.lang.String[] getCertificateDNSSubjectAlts(java.security.cert.X509Certificate cert)
Extracts the array of SubjectAlt DNS names from an X509Certificate.

Parameters:
cert - X509Certificate to parse
Returns:
Array of SubjectALT DNS names stored in the certificate. Returns null if there aren't any.
Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD