/* |
|
* Copyright (c) 2001, 2015, Oracle and/or its affiliates. All rights reserved. |
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
* |
|
* This code is free software; you can redistribute it and/or modify it |
|
* under the terms of the GNU General Public License version 2 only, as |
|
* published by the Free Software Foundation. Oracle designates this |
|
* particular file as subject to the "Classpath" exception as provided |
|
* by Oracle in the LICENSE file that accompanied this code. |
|
* |
|
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
* version 2 for more details (a copy is included in the LICENSE file that |
|
* accompanied this code). |
|
* |
|
* You should have received a copy of the GNU General Public License version |
|
* 2 along with this work; if not, write to the Free Software Foundation, |
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
* |
|
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
* or visit www.oracle.com if you need additional information or have any |
|
* questions. |
|
*/ |
|
package sun.net.www.protocol.https; |
|
import java.net.URL; |
|
import java.net.Proxy; |
|
import java.net.SecureCacheResponse; |
|
import java.security.Principal; |
|
import java.io.IOException; |
|
import java.util.List; |
|
import javax.net.ssl.SSLPeerUnverifiedException; |
|
import sun.net.www.http.*; |
|
import sun.net.www.protocol.http.HttpURLConnection; |
|
/** |
|
* HTTPS URL connection support. |
|
* We need this delegate because HttpsURLConnection is a subclass of |
|
* java.net.HttpURLConnection. We will avoid copying over the code from |
|
* sun.net.www.protocol.http.HttpURLConnection by having this class |
|
* |
|
*/ |
|
public abstract class AbstractDelegateHttpsURLConnection extends |
|
HttpURLConnection { |
|
protected AbstractDelegateHttpsURLConnection(URL url, |
|
sun.net.www.protocol.http.Handler handler) throws IOException { |
|
this(url, null, handler); |
|
} |
|
protected AbstractDelegateHttpsURLConnection(URL url, Proxy p, |
|
sun.net.www.protocol.http.Handler handler) throws IOException { |
|
super(url, p, handler); |
|
} |
|
protected abstract javax.net.ssl.SSLSocketFactory getSSLSocketFactory(); |
|
protected abstract javax.net.ssl.HostnameVerifier getHostnameVerifier(); |
|
/** |
|
* No user application is able to call these routines, as no one |
|
* should ever get access to an instance of |
|
* DelegateHttpsURLConnection (sun.* or com.*) |
|
*/ |
|
/** |
|
* Create a new HttpClient object, bypassing the cache of |
|
* HTTP client objects/connections. |
|
* |
|
* Note: this method is changed from protected to public because |
|
* the com.sun.ssl.internal.www.protocol.https handler reuses this |
|
* class for its actual implemantation |
|
* |
|
* @param url the URL being accessed |
|
*/ |
|
public void setNewClient (URL url) |
|
throws IOException { |
|
setNewClient (url, false); |
|
} |
|
/** |
|
* Obtain a HttpClient object. Use the cached copy if specified. |
|
* |
|
* Note: this method is changed from protected to public because |
|
* the com.sun.ssl.internal.www.protocol.https handler reuses this |
|
* class for its actual implemantation |
|
* |
|
* @param url the URL being accessed |
|
* @param useCache whether the cached connection should be used |
|
* if present |
|
*/ |
|
public void setNewClient (URL url, boolean useCache) |
|
throws IOException { |
|
http = HttpsClient.New (getSSLSocketFactory(), |
|
url, |
|
getHostnameVerifier(), |
|
useCache, this); |
|
((HttpsClient)http).afterConnect(); |
|
} |
|
/** |
|
* Create a new HttpClient object, set up so that it uses |
|
* per-instance proxying to the given HTTP proxy. This |
|
* bypasses the cache of HTTP client objects/connections. |
|
* |
|
* Note: this method is changed from protected to public because |
|
* the com.sun.ssl.internal.www.protocol.https handler reuses this |
|
* class for its actual implemantation |
|
* |
|
* @param url the URL being accessed |
|
* @param proxyHost the proxy host to use |
|
* @param proxyPort the proxy port to use |
|
*/ |
|
public void setProxiedClient (URL url, String proxyHost, int proxyPort) |
|
throws IOException { |
|
setProxiedClient(url, proxyHost, proxyPort, false); |
|
} |
|
/** |
|
* Obtain a HttpClient object, set up so that it uses per-instance |
|
* proxying to the given HTTP proxy. Use the cached copy of HTTP |
|
* client objects/connections if specified. |
|
* |
|
* Note: this method is changed from protected to public because |
|
* the com.sun.ssl.internal.www.protocol.https handler reuses this |
|
* class for its actual implemantation |
|
* |
|
* @param url the URL being accessed |
|
* @param proxyHost the proxy host to use |
|
* @param proxyPort the proxy port to use |
|
* @param useCache whether the cached connection should be used |
|
* if present |
|
*/ |
|
public void setProxiedClient (URL url, String proxyHost, int proxyPort, |
|
boolean useCache) throws IOException { |
|
proxiedConnect(url, proxyHost, proxyPort, useCache); |
|
if (!http.isCachedConnection()) { |
|
doTunneling(); |
|
} |
|
((HttpsClient)http).afterConnect(); |
|
} |
|
protected void proxiedConnect(URL url, String proxyHost, int proxyPort, |
|
boolean useCache) throws IOException { |
|
if (connected) |
|
return; |
|
http = HttpsClient.New (getSSLSocketFactory(), |
|
url, |
|
getHostnameVerifier(), |
|
proxyHost, proxyPort, useCache, this); |
|
connected = true; |
|
} |
|
/** |
|
* Used by subclass to access "connected" variable. |
|
*/ |
|
public boolean isConnected() { |
|
return connected; |
|
} |
|
/** |
|
* Used by subclass to access "connected" variable. |
|
*/ |
|
public void setConnected(boolean conn) { |
|
connected = conn; |
|
} |
|
/** |
|
* Implements the HTTP protocol handler's "connect" method, |
|
* establishing an SSL connection to the server as necessary. |
|
*/ |
|
public void connect() throws IOException { |
|
if (connected) |
|
return; |
|
plainConnect(); |
|
if (cachedResponse != null) { |
|
// using cached response |
|
return; |
|
} |
|
if (!http.isCachedConnection() && http.needsTunneling()) { |
|
doTunneling(); |
|
} |
|
((HttpsClient)http).afterConnect(); |
|
} |
|
// will try to use cached HttpsClient |
|
protected HttpClient getNewHttpClient(URL url, Proxy p, int connectTimeout) |
|
throws IOException { |
|
return HttpsClient.New(getSSLSocketFactory(), url, |
|
getHostnameVerifier(), p, true, connectTimeout, |
|
this); |
|
} |
|
// will open new connection |
|
protected HttpClient getNewHttpClient(URL url, Proxy p, int connectTimeout, |
|
boolean useCache) |
|
throws IOException { |
|
return HttpsClient.New(getSSLSocketFactory(), url, |
|
getHostnameVerifier(), p, |
|
useCache, connectTimeout, this); |
|
} |
|
/** |
|
* Returns the cipher suite in use on this connection. |
|
*/ |
|
public String getCipherSuite () { |
|
if (cachedResponse != null) { |
|
return ((SecureCacheResponse)cachedResponse).getCipherSuite(); |
|
} |
|
if (http == null) { |
|
throw new IllegalStateException("connection not yet open"); |
|
} else { |
|
return ((HttpsClient)http).getCipherSuite (); |
|
} |
|
} |
|
/** |
|
* Returns the certificate chain the client sent to the |
|
* server, or null if the client did not authenticate. |
|
*/ |
|
public java.security.cert.Certificate[] getLocalCertificates() { |
|
if (cachedResponse != null) { |
|
List<java.security.cert.Certificate> l = ((SecureCacheResponse)cachedResponse).getLocalCertificateChain(); |
|
if (l == null) { |
|
return null; |
|
} else { |
|
return l.toArray(new java.security.cert.Certificate[0]); |
|
} |
|
} |
|
if (http == null) { |
|
throw new IllegalStateException("connection not yet open"); |
|
} else { |
|
return (((HttpsClient)http).getLocalCertificates ()); |
|
} |
|
} |
|
/** |
|
* Returns the server's certificate chain, or throws |
|
* SSLPeerUnverified Exception if |
|
* the server did not authenticate. |
|
*/ |
|
public java.security.cert.Certificate[] getServerCertificates() |
|
throws SSLPeerUnverifiedException { |
|
if (cachedResponse != null) { |
|
List<java.security.cert.Certificate> l = |
|
((SecureCacheResponse)cachedResponse) |
|
.getServerCertificateChain(); |
|
if (l == null) { |
|
return null; |
|
} else { |
|
return l.toArray(new java.security.cert.Certificate[0]); |
|
} |
|
} |
|
if (http == null) { |
|
throw new IllegalStateException("connection not yet open"); |
|
} else { |
|
return (((HttpsClient)http).getServerCertificates ()); |
|
} |
|
} |
|
/** |
|
* Returns the server's principal, or throws SSLPeerUnverifiedException |
|
* if the server did not authenticate. |
|
*/ |
|
Principal getPeerPrincipal() |
|
throws SSLPeerUnverifiedException |
|
{ |
|
if (cachedResponse != null) { |
|
return ((SecureCacheResponse)cachedResponse).getPeerPrincipal(); |
|
} |
|
if (http == null) { |
|
throw new IllegalStateException("connection not yet open"); |
|
} else { |
|
return (((HttpsClient)http).getPeerPrincipal()); |
|
} |
|
} |
|
/** |
|
* Returns the principal the client sent to the |
|
* server, or null if the client did not authenticate. |
|
*/ |
|
Principal getLocalPrincipal() |
|
{ |
|
if (cachedResponse != null) { |
|
return ((SecureCacheResponse)cachedResponse).getLocalPrincipal(); |
|
} |
|
if (http == null) { |
|
throw new IllegalStateException("connection not yet open"); |
|
} else { |
|
return (((HttpsClient)http).getLocalPrincipal()); |
|
} |
|
} |
|
} |