linkerlau/my-jdk
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(jdk8): move files to new folder to avoid resources compiled.

Browse Source
This commit is contained in:
linkerlau
2025-09-07 15:25:52 +08:00
parent 3f0047bf6f
commit 8c35cfb1c0
17415 changed files with 217 additions and 213 deletions
Download Patch File Download Diff File Expand all files Collapse all files

129
jdkSrc/jdk8/com/sun/net/httpserver/Authenticator.java Normal file
View File

@@ -0,0 +1,129 @@
/*
* Copyright (c) 2006, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.httpserver;
import java.net.*;
import java.io.*;
import java.util.*;
/**
* Authenticator represents an implementation of an HTTP authentication
* mechanism. Sub-classes provide implementations of specific mechanisms
* such as Digest or Basic auth. Instances are invoked to provide verification
* of the authentication information provided in all incoming requests.
* Note. This implies that any caching of credentials or other authentication
* information must be done outside of this class.
*/
@jdk.Exported
public abstract class Authenticator {
/**
* Base class for return type from authenticate() method
*/
public abstract static class Result {}
/**
* Indicates an authentication failure. The authentication
* attempt has completed.
*/
@jdk.Exported
public static class Failure extends Result {
private int responseCode;
public Failure (int responseCode) {
this.responseCode = responseCode;
}
/**
* returns the response code to send to the client
*/
public int getResponseCode() {
return responseCode;
}
}
/**
* Indicates an authentication has succeeded and the
* authenticated user principal can be acquired by calling
* getPrincipal().
*/
@jdk.Exported
public static class Success extends Result {
private HttpPrincipal principal;
public Success (HttpPrincipal p) {
principal = p;
}
/**
* returns the authenticated user Principal
*/
public HttpPrincipal getPrincipal() {
return principal;
}
}
/**
* Indicates an authentication must be retried. The
* response code to be sent back is as returned from
* getResponseCode(). The Authenticator must also have
* set any necessary response headers in the given HttpExchange
* before returning this Retry object.
*/
@jdk.Exported
public static class Retry extends Result {
private int responseCode;
public Retry (int responseCode) {
this.responseCode = responseCode;
}
/**
* returns the response code to send to the client
*/
public int getResponseCode() {
return responseCode;
}
}
/**
* called to authenticate each incoming request. The implementation
* must return a Failure, Success or Retry object as appropriate :-
* <p>
* Failure means the authentication has completed, but has failed
* due to invalid credentials.
* <p>
* Sucess means that the authentication
* has succeeded, and a Principal object representing the user
* can be retrieved by calling Sucess.getPrincipal() .
* <p>
* Retry means that another HTTP exchange is required. Any response
* headers needing to be sent back to the client are set in the
* given HttpExchange. The response code to be returned must be provided
* in the Retry object. Retry may occur multiple times.
*/
public abstract Result authenticate (HttpExchange exch);
}

107
jdkSrc/jdk8/com/sun/net/httpserver/BasicAuthenticator.java Normal file
View File

@@ -0,0 +1,107 @@
/*
* Copyright (c) 2006, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.httpserver;
import java.util.Base64;
/**
* BasicAuthenticator provides an implementation of HTTP Basic
* authentication. It is an abstract class and must be extended
* to provide an implementation of {@link #checkCredentials(String,String)}
* which is called to verify each incoming request.
*/
@jdk.Exported
public abstract class BasicAuthenticator extends Authenticator {
protected String realm;
/**
* Creates a BasicAuthenticator for the given HTTP realm
* @param realm The HTTP Basic authentication realm
* @throws NullPointerException if the realm is an empty string
*/
public BasicAuthenticator (String realm) {
this.realm = realm;
}
/**
* returns the realm this BasicAuthenticator was created with
* @return the authenticator's realm string.
*/
public String getRealm () {
return realm;
}
public Result authenticate (HttpExchange t)
{
Headers rmap = t.getRequestHeaders();
/*
* look for auth token
*/
String auth = rmap.getFirst ("Authorization");
if (auth == null) {
Headers map = t.getResponseHeaders();
map.set ("WWW-Authenticate", "Basic realm=" + "\""+realm+"\"");
return new Authenticator.Retry (401);
}
int sp = auth.indexOf (' ');
if (sp == -1 || !auth.substring(0, sp).equals ("Basic")) {
return new Authenticator.Failure (401);
}
byte[] b = Base64.getDecoder().decode(auth.substring(sp+1));
String userpass = new String (b);
int colon = userpass.indexOf (':');
String uname = userpass.substring (0, colon);
String pass = userpass.substring (colon+1);
if (checkCredentials (uname, pass)) {
return new Authenticator.Success (
new HttpPrincipal (
uname, realm
)
);
} else {
/* reject the request again with 401 */
Headers map = t.getResponseHeaders();
map.set ("WWW-Authenticate", "Basic realm=" + "\""+realm+"\"");
return new Authenticator.Failure(401);
}
}
/**
* called for each incoming request to verify the
* given name and password in the context of this
* Authenticator's realm. Any caching of credentials
* must be done by the implementation of this method
* @param username the username from the request
* @param password the password from the request
* @return <code>true</code> if the credentials are valid,
* <code>false</code> otherwise.
*/
public abstract boolean checkCredentials (String username, String password);
}

121
jdkSrc/jdk8/com/sun/net/httpserver/Filter.java Normal file
View File

@@ -0,0 +1,121 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.httpserver;
import java.io.IOException;
import java.util.*;
/**
* A filter used to pre- and post-process incoming requests. Pre-processing occurs
* before the application's exchange handler is invoked, and post-processing
* occurs after the exchange handler returns. Filters
* are organised in chains, and are associated with HttpContext instances.
* <p>
* Each Filter in the chain, invokes the next filter within its own
* doFilter() implementation. The final Filter in the chain invokes the applications
* exchange handler.
* @since 1.6
*/
@jdk.Exported
public abstract class Filter {
protected Filter () {}
/**
* a chain of filters associated with a HttpServer.
* Each filter in the chain is given one of these
* so it can invoke the next filter in the chain
*/
@jdk.Exported
public static class Chain {
/* the last element in the chain must invoke the users
* handler
*/
private ListIterator<Filter> iter;
private HttpHandler handler;
public Chain (List<Filter> filters, HttpHandler handler) {
iter = filters.listIterator();
this.handler = handler;
}
/**
* calls the next filter in the chain, or else
* the users exchange handler, if this is the
* final filter in the chain. The Filter may decide
* to terminate the chain, by not calling this method.
* In this case, the filter <b>must</b> send the
* response to the request, because the application's
* exchange handler will not be invoked.
* @param exchange the HttpExchange
* @throws IOException let exceptions pass up the stack
* @throws NullPointerException if exchange is <code>null</code>
*/
public void doFilter (HttpExchange exchange) throws IOException {
if (!iter.hasNext()) {
handler.handle (exchange);
} else {
Filter f = iter.next();
f.doFilter (exchange, this);
}
}
}
/**
* Asks this filter to pre/post-process the given exchange. The filter
* can :-
* <ul><li>examine or modify the request headers</li>
* <li>filter the request body or the response body, by creating suitable
* filter streams and calling
* {@link HttpExchange#setStreams(InputStream,OutputStream)}</li>
* <li>set attribute Objects in the exchange, which other filters or the
* exchange handler can access.</li>
* <li>decide to either :-<ol>
* <li>invoke the next filter in the chain, by calling
* {@link Filter.Chain#doFilter(HttpExchange)}</li>
* <li>terminate the chain of invocation, by <b>not</b> calling
* {@link Filter.Chain#doFilter(HttpExchange)}</li></ol>
* <li>if option 1. above taken, then when doFilter() returns all subsequent
* filters in the Chain have been called, and the response headers can be
* examined or modified.</li>
* <li>if option 2. above taken, then this Filter must use the HttpExchange
* to send back an appropriate response</li></ul><p>
* @param exchange the <code>HttpExchange</code> to be filtered.
* @param chain the Chain which allows the next filter to be invoked.
* @throws IOException may be thrown by any filter module, and if
* caught, must be rethrown again.
* @throws NullPointerException if either exchange or chain are <code>null</code>
*/
public abstract void doFilter (HttpExchange exchange, Chain chain)
throws IOException;
/**
* returns a short description of this Filter
* @return a string describing the Filter
*/
public abstract String description ();
}

214
jdkSrc/jdk8/com/sun/net/httpserver/Headers.java Normal file
View File

@@ -0,0 +1,214 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.httpserver;
import java.util.*;
/**
* HTTP request and response headers are represented by this class which implements
* the interface {@link java.util.Map}&lt;
* {@link java.lang.String},{@link java.util.List}&lt;{@link java.lang.String}&gt;&gt;.
* The keys are case-insensitive Strings representing the header names and
* the value associated with each key is a {@link List}&lt;{@link String}&gt; with one
* element for each occurrence of the header name in the request or response.
* <p>
* For example, if a response header instance contains one key "HeaderName" with two values "value1 and value2"
* then this object is output as two header lines:
* <blockquote><pre>
* HeaderName: value1
* HeaderName: value2
* </blockquote></pre>
* <p>
* All the normal {@link java.util.Map} methods are provided, but the following
* additional convenience methods are most likely to be used:
* <ul>
* <li>{@link #getFirst(String)} returns a single valued header or the first value of
* a multi-valued header.</li>
* <li>{@link #add(String,String)} adds the given header value to the list for the given key</li>
* <li>{@link #set(String,String)} sets the given header field to the single value given
* overwriting any existing values in the value list.
* </ul><p>
* All methods in this class accept <code>null</code> values for keys and values. However, null
* keys will never will be present in HTTP request headers, and will not be output/sent in response headers.
* Null values can be represented as either a null entry for the key (i.e. the list is null) or
* where the key has a list, but one (or more) of the list's values is null. Null values are output
* as a header line containing the key but no associated value.
* @since 1.6
*/
@jdk.Exported
public class Headers implements Map<String,List<String>> {
HashMap<String,List<String>> map;
public Headers () {map = new HashMap<String,List<String>>(32);}
/* Normalize the key by converting to following form.
* First char upper case, rest lower case.
* key is presumed to be ASCII
*/
private String normalize (String key) {
if (key == null) {
return null;
}
int len = key.length();
if (len == 0) {
return key;
}
char[] b = key.toCharArray();
if (b[0] >= 'a' && b[0] <= 'z') {
b[0] = (char)(b[0] - ('a' - 'A'));
} else if (b[0] == '\r' || b[0] == '\n')
throw new IllegalArgumentException("illegal character in key");
for (int i=1; i<len; i++) {
if (b[i] >= 'A' && b[i] <= 'Z') {
b[i] = (char) (b[i] + ('a' - 'A'));
} else if (b[i] == '\r' || b[i] == '\n')
throw new IllegalArgumentException("illegal character in key");
}
return new String(b);
}
public int size() {return map.size();}
public boolean isEmpty() {return map.isEmpty();}
public boolean containsKey(Object key) {
if (key == null) {
return false;
}
if (!(key instanceof String)) {
return false;
}
return map.containsKey (normalize((String)key));
}
public boolean containsValue(Object value) {
return map.containsValue(value);
}
public List<String> get(Object key) {
return map.get(normalize((String)key));
}
/**
* returns the first value from the List of String values
* for the given key (if at least one exists).
* @param key the key to search for
* @return the first string value associated with the key
*/
public String getFirst (String key) {
List<String> l = map.get(normalize(key));
if (l == null) {
return null;
}
return l.get(0);
}
public List<String> put(String key, List<String> value) {
for (String v : value)
checkValue(v);
return map.put (normalize(key), value);
}
/**
* adds the given value to the list of headers
* for the given key. If the mapping does not
* already exist, then it is created
* @param key the header name
* @param value the header value to add to the header
*/
public void add (String key, String value) {
checkValue(value);
String k = normalize(key);
List<String> l = map.get(k);
if (l == null) {
l = new LinkedList<String>();
map.put(k,l);
}
l.add (value);
}
private static void checkValue(String value) {
int len = value.length();
for (int i=0; i<len; i++) {
char c = value.charAt(i);
if (c == '\r') {
// is allowed if it is followed by \n and a whitespace char
if (i >= len - 2) {
throw new IllegalArgumentException("Illegal CR found in header");
}
char c1 = value.charAt(i+1);
char c2 = value.charAt(i+2);
if (c1 != '\n') {
throw new IllegalArgumentException("Illegal char found after CR in header");
}
if (c2 != ' ' && c2 != '\t') {
throw new IllegalArgumentException("No whitespace found after CRLF in header");
}
i+=2;
} else if (c == '\n') {
throw new IllegalArgumentException("Illegal LF found in header");
}
}
}
/**
* sets the given value as the sole header value
* for the given key. If the mapping does not
* already exist, then it is created
* @param key the header name
* @param value the header value to set.
*/
public void set (String key, String value) {
LinkedList<String> l = new LinkedList<String>();
l.add (value);
put (key, l);
}
public List<String> remove(Object key) {
return map.remove(normalize((String)key));
}
public void putAll(Map<? extends String,? extends List<String>> t) {
map.putAll (t);
}
public void clear() {map.clear();}
public Set<String> keySet() {return map.keySet();}
public Collection<List<String>> values() {return map.values();}
public Set<Map.Entry<String, List<String>>> entrySet() {
return map.entrySet();
}
public boolean equals(Object o) {return map.equals(o);}
public int hashCode() {return map.hashCode();}
}

113
jdkSrc/jdk8/com/sun/net/httpserver/HttpContext.java Normal file
View File

@@ -0,0 +1,113 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.httpserver;
import java.net.*;
import java.io.*;
import java.util.*;
/**
* HttpContext represents a mapping between the root URI path of an application
* to a {@link HttpHandler} which is invoked to handle requests destined
* for that path on the associated HttpServer or HttpsServer.
* <p>
* HttpContext instances are created by the create methods in HttpServer
* and HttpsServer
* <p>
* A chain of {@link Filter} objects can be added to a HttpContext. All exchanges processed by the
* context can be pre- and post-processed by each Filter in the chain.
* @since 1.6
*/
@jdk.Exported
public abstract class HttpContext {
protected HttpContext () {
}
/**
* returns the handler for this context
* @return the HttpHandler for this context
*/
public abstract HttpHandler getHandler () ;
/**
* Sets the handler for this context, if not already set.
* @param h the handler to set for this context
* @throws IllegalArgumentException if this context's handler is already set.
* @throws NullPointerException if handler is <code>null</code>
*/
public abstract void setHandler (HttpHandler h) ;
/**
* returns the path this context was created with
* @return this context's path
*/
public abstract String getPath() ;
/**
* returns the server this context was created with
* @return this context's server
*/
public abstract HttpServer getServer () ;
/**
* returns a mutable Map, which can be used to pass
* configuration and other data to Filter modules
* and to the context's exchange handler.
* <p>
* Every attribute stored in this Map will be visible to
* every HttpExchange processed by this context
*/
public abstract Map<String,Object> getAttributes() ;
/**
* returns this context's list of Filters. This is the
* actual list used by the server when dispatching requests
* so modifications to this list immediately affect the
* the handling of exchanges.
*/
public abstract List<Filter> getFilters();
/**
* Sets the Authenticator for this HttpContext. Once an authenticator
* is establised on a context, all client requests must be
* authenticated, and the given object will be invoked to validate each
* request. Each call to this method replaces any previous value set.
* @param auth the authenticator to set. If <code>null</code> then any
* previously set authenticator is removed,
* and client authentication will no longer be required.
* @return the previous Authenticator, if any set, or <code>null</code>
* otherwise.
*/
public abstract Authenticator setAuthenticator (Authenticator auth);
/**
* Returns the currently set Authenticator for this context
* if one exists.
* @return this HttpContext's Authenticator, or <code>null</code>
* if none is set.
*/
public abstract Authenticator getAuthenticator ();
}

266
jdkSrc/jdk8/com/sun/net/httpserver/HttpExchange.java Normal file
View File

@@ -0,0 +1,266 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.httpserver;
import java.io.*;
import java.nio.*;
import java.nio.channels.*;
import java.net.*;
import javax.net.ssl.*;
import java.util.*;
import sun.net.www.MessageHeader;
/**
* This class encapsulates a HTTP request received and a
* response to be generated in one exchange. It provides methods
* for examining the request from the client, and for building and
* sending the response.
* <p>
* The typical life-cycle of a HttpExchange is shown in the sequence
* below.
* <ol><li>{@link #getRequestMethod()} to determine the command
* <li>{@link #getRequestHeaders()} to examine the request headers (if needed)
* <li>{@link #getRequestBody()} returns a {@link java.io.InputStream} for reading the request body.
* After reading the request body, the stream is close.
* <li>{@link #getResponseHeaders()} to set any response headers, except content-length
* <li>{@link #sendResponseHeaders(int,long)} to send the response headers. Must be called before
* next step.
* <li>{@link #getResponseBody()} to get a {@link java.io.OutputStream} to send the response body.
* When the response body has been written, the stream must be closed to terminate the exchange.
* </ol>
* <b>Terminating exchanges</b>
* <br>
* Exchanges are terminated when both the request InputStream and response OutputStream are closed.
* Closing the OutputStream, implicitly closes the InputStream (if it is not already closed).
* However, it is recommended
* to consume all the data from the InputStream before closing it.
* The convenience method {@link #close()} does all of these tasks.
* Closing an exchange without consuming all of the request body is not an error
* but may make the underlying TCP connection unusable for following exchanges.
* The effect of failing to terminate an exchange is undefined, but will typically
* result in resources failing to be freed/reused.
* @since 1.6
*/
@jdk.Exported
public abstract class HttpExchange {
protected HttpExchange () {
}
/**
* Returns an immutable Map containing the HTTP headers that were
* included with this request. The keys in this Map will be the header
* names, while the values will be a List of Strings containing each value
* that was included (either for a header that was listed several times,
* or one that accepts a comma-delimited list of values on a single line).
* In either of these cases, the values for the header name will be
* presented in the order that they were included in the request.
* <p>
* The keys in Map are case-insensitive.
* @return a read-only Map which can be used to access request headers
*/
public abstract Headers getRequestHeaders () ;
/**
* Returns a mutable Map into which the HTTP response headers can be stored
* and which will be transmitted as part of this response. The keys in the
* Map will be the header names, while the values must be a List of Strings
* containing each value that should be included multiple times
* (in the order that they should be included).
* <p>
* The keys in Map are case-insensitive.
* @return a writable Map which can be used to set response headers.
*/
public abstract Headers getResponseHeaders () ;
/**
* Get the request URI
*
* @return the request URI
*/
public abstract URI getRequestURI () ;
/**
* Get the request method
* @return the request method
*/
public abstract String getRequestMethod ();
/**
* Get the HttpContext for this exchange
* @return the HttpContext
*/
public abstract HttpContext getHttpContext ();
/**
* Ends this exchange by doing the following in sequence:<p><ol>
* <li>close the request InputStream, if not already closed<p></li>
* <li>close the response OutputStream, if not already closed. </li>
* </ol>
*/
public abstract void close () ;
/**
* returns a stream from which the request body can be read.
* Multiple calls to this method will return the same stream.
* It is recommended that applications should consume (read) all of the
* data from this stream before closing it. If a stream is closed
* before all data has been read, then the close() call will
* read and discard remaining data (up to an implementation specific
* number of bytes).
* @return the stream from which the request body can be read.
*/
public abstract InputStream getRequestBody () ;
/**
* returns a stream to which the response body must be
* written. {@link #sendResponseHeaders(int,long)}) must be called prior to calling
* this method. Multiple calls to this method (for the same exchange)
* will return the same stream. In order to correctly terminate
* each exchange, the output stream must be closed, even if no
* response body is being sent.
* <p>
* Closing this stream implicitly
* closes the InputStream returned from {@link #getRequestBody()}
* (if it is not already closed).
* <P>
* If the call to sendResponseHeaders() specified a fixed response
* body length, then the exact number of bytes specified in that
* call must be written to this stream. If too many bytes are written,
* then write() will throw an IOException. If too few bytes are written
* then the stream close() will throw an IOException. In both cases,
* the exchange is aborted and the underlying TCP connection closed.
* @return the stream to which the response body is written
*/
public abstract OutputStream getResponseBody () ;
/**
* Starts sending the response back to the client using the current set of response headers
* and the numeric response code as specified in this method. The response body length is also specified
* as follows. If the response length parameter is greater than zero, this specifies an exact
* number of bytes to send and the application must send that exact amount of data.
* If the response length parameter is <code>zero</code>, then chunked transfer encoding is
* used and an arbitrary amount of data may be sent. The application terminates the
* response body by closing the OutputStream. If response length has the value <code>-1</code>
* then no response body is being sent.
* <p>
* If the content-length response header has not already been set then
* this is set to the appropriate value depending on the response length parameter.
* <p>
* This method must be called prior to calling {@link #getResponseBody()}.
* @param rCode the response code to send
* @param responseLength if > 0, specifies a fixed response body length
* and that exact number of bytes must be written
* to the stream acquired from getResponseBody(), or else
* if equal to 0, then chunked encoding is used,
* and an arbitrary number of bytes may be written.
* if <= -1, then no response body length is specified and
* no response body may be written.
* @see HttpExchange#getResponseBody()
*/
public abstract void sendResponseHeaders (int rCode, long responseLength) throws IOException ;
/**
* Returns the address of the remote entity invoking this request
* @return the InetSocketAddress of the caller
*/
public abstract InetSocketAddress getRemoteAddress ();
/**
* Returns the response code, if it has already been set
* @return the response code, if available. <code>-1</code> if not available yet.
*/
public abstract int getResponseCode ();
/**
* Returns the local address on which the request was received
* @return the InetSocketAddress of the local interface
*/
public abstract InetSocketAddress getLocalAddress ();
/**
* Returns the protocol string from the request in the form
* <i>protocol/majorVersion.minorVersion</i>. For example,
* "HTTP/1.1"
* @return the protocol string from the request
*/
public abstract String getProtocol ();
/**
* Filter modules may store arbitrary objects with HttpExchange
* instances as an out-of-band communication mechanism. Other Filters
* or the exchange handler may then access these objects.
* <p>
* Each Filter class will document the attributes which they make
* available.
* @param name the name of the attribute to retrieve
* @return the attribute object, or null if it does not exist
* @throws NullPointerException if name is <code>null</code>
*/
public abstract Object getAttribute (String name) ;
/**
* Filter modules may store arbitrary objects with HttpExchange
* instances as an out-of-band communication mechanism. Other Filters
* or the exchange handler may then access these objects.
* <p>
* Each Filter class will document the attributes which they make
* available.
* @param name the name to associate with the attribute value
* @param value the object to store as the attribute value. <code>null</code>
* value is permitted.
* @throws NullPointerException if name is <code>null</code>
*/
public abstract void setAttribute (String name, Object value) ;
/**
* Used by Filters to wrap either (or both) of this exchange's InputStream
* and OutputStream, with the given filtered streams so
* that subsequent calls to {@link #getRequestBody()} will
* return the given {@link java.io.InputStream}, and calls to
* {@link #getResponseBody()} will return the given
* {@link java.io.OutputStream}. The streams provided to this
* call must wrap the original streams, and may be (but are not
* required to be) sub-classes of {@link java.io.FilterInputStream}
* and {@link java.io.FilterOutputStream}.
* @param i the filtered input stream to set as this object's inputstream,
* or <code>null</code> if no change.
* @param o the filtered output stream to set as this object's outputstream,
* or <code>null</code> if no change.
*/
public abstract void setStreams (InputStream i, OutputStream o);
/**
* If an authenticator is set on the HttpContext that owns this exchange,
* then this method will return the {@link HttpPrincipal} that represents
* the authenticated user for this HttpExchange.
* @return the HttpPrincipal, or <code>null</code> if no authenticator is set.
*/
public abstract HttpPrincipal getPrincipal ();
}

46
jdkSrc/jdk8/com/sun/net/httpserver/HttpHandler.java Normal file
View File

@@ -0,0 +1,46 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.httpserver;
import java.io.IOException;
/**
* A handler which is invoked to process HTTP exchanges. Each
* HTTP exchange is handled by one of these handlers.
* @since 1.6
*/
@jdk.Exported
public interface HttpHandler {
/**
* Handle the given request and generate an appropriate response.
* See {@link HttpExchange} for a description of the steps
* involved in handling an exchange.
* @param exchange the exchange containing the request from the
* client and used to send the response
* @throws NullPointerException if exchange is <code>null</code>
*/
public abstract void handle (HttpExchange exchange) throws IOException;
}

105
jdkSrc/jdk8/com/sun/net/httpserver/HttpPrincipal.java Normal file
View File

@@ -0,0 +1,105 @@
/*
* Copyright (c) 2006, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.httpserver;
import java.net.*;
import java.io.*;
import java.util.*;
import java.security.Principal;
/**
* Represents a user authenticated by HTTP Basic or Digest
* authentication.
*/
@jdk.Exported
public class HttpPrincipal implements Principal {
private String username, realm;
/**
* creates a HttpPrincipal from the given username and realm
* @param username The name of the user within the realm
* @param realm The realm.
* @throws NullPointerException if either username or realm are null
*/
public HttpPrincipal (String username, String realm) {
if (username == null || realm == null) {
throw new NullPointerException();
}
this.username = username;
this.realm = realm;
}
/**
* Compares two HttpPrincipal. Returns <code>true</code>
* if <i>another</i> is an instance of HttpPrincipal, and its
* username and realm are equal to this object's username
* and realm. Returns <code>false</code> otherwise.
*/
public boolean equals (Object another) {
if (!(another instanceof HttpPrincipal)) {
return false;
}
HttpPrincipal theother = (HttpPrincipal)another;
return (username.equals(theother.username) &&
realm.equals(theother.realm));
}
/**
* returns the contents of this principal in the form
* <i>realm:username</i>
*/
public String getName() {
return username;
}
/**
* returns the username this object was created with.
*/
public String getUsername() {
return username;
}
/**
* returns the realm this object was created with.
*/
public String getRealm() {
return realm;
}
/**
* returns a hashcode for this HttpPrincipal. This is calculated
* as <code>(getUsername()+getRealm().hashCode()</code>
*/
public int hashCode() {
return (username+realm).hashCode();
}
/**
* returns the same string as getName()
*/
public String toString() {
return getName();
}
}

255
jdkSrc/jdk8/com/sun/net/httpserver/HttpServer.java Normal file
View File

@@ -0,0 +1,255 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.httpserver;
import java.net.*;
import java.io.*;
import java.nio.*;
import java.security.*;
import java.nio.channels.*;
import java.util.*;
import java.util.concurrent.*;
import javax.net.ssl.*;
import com.sun.net.httpserver.spi.HttpServerProvider;
/**
* This class implements a simple HTTP server. A HttpServer is bound to an IP address
* and port number and listens for incoming TCP connections from clients on this address.
* The sub-class {@link HttpsServer} implements a server which handles HTTPS requests.
* <p>
* One or more {@link HttpHandler} objects must be associated with a server
* in order to process requests. Each such HttpHandler is registered
* with a root URI path which represents the
* location of the application or service on this server. The mapping of a handler
* to a HttpServer is encapsulated by a {@link HttpContext} object. HttpContexts
* are created by calling {@link #createContext(String,HttpHandler)}.
* Any request for which no handler can be found is rejected with a 404 response.
* Management of threads can be done external to this object by providing a
* {@link java.util.concurrent.Executor} object. If none is provided a default
* implementation is used.
* <p>
* <a name="mapping_description"></a>
* <b>Mapping request URIs to HttpContext paths</b><p>
* When a HTTP request is received,
* the appropriate HttpContext (and handler) is located by finding the context
* whose path is the longest matching prefix of the request URI's path.
* Paths are matched literally, which means that the strings are compared
* case sensitively, and with no conversion to or from any encoded forms.
* For example. Given a HttpServer with the following HttpContexts configured.<p>
* <table >
* <tr><td><i>Context</i></td><td><i>Context path</i></td></tr>
* <tr><td>ctx1</td><td>"/"</td></tr>
* <tr><td>ctx2</td><td>"/apps/"</td></tr>
* <tr><td>ctx3</td><td>"/apps/foo/"</td></tr>
* </table>
* <p>
* the following table shows some request URIs and which, if any context they would
* match with.<p>
* <table>
* <tr><td><i>Request URI</i></td><td><i>Matches context</i></td></tr>
* <tr><td>"http://foo.com/apps/foo/bar"</td><td>ctx3</td></tr>
* <tr><td>"http://foo.com/apps/Foo/bar"</td><td>no match, wrong case</td></tr>
* <tr><td>"http://foo.com/apps/app1"</td><td>ctx2</td></tr>
* <tr><td>"http://foo.com/foo"</td><td>ctx1</td></tr>
* </table>
* <p>
* <b>Note about socket backlogs</b><p>
* When binding to an address and port number, the application can also specify an integer
* <i>backlog</i> parameter. This represents the maximum number of incoming TCP connections
* which the system will queue internally. Connections are queued while they are waiting to
* be accepted by the HttpServer. When the limit is reached, further connections may be
* rejected (or possibly ignored) by the underlying TCP implementation. Setting the right
* backlog value is a compromise between efficient resource usage in the TCP layer (not setting
* it too high) and allowing adequate throughput of incoming requests (not setting it too low).
* @since 1.6
*/
@jdk.Exported
public abstract class HttpServer {
/**
*/
protected HttpServer () {
}
/**
* creates a HttpServer instance which is initially not bound to any local address/port.
* The HttpServer is acquired from the currently installed {@link HttpServerProvider}
* The server must be bound using {@link #bind(InetSocketAddress,int)} before it can be used.
* @throws IOException
*/
public static HttpServer create () throws IOException {
return create (null, 0);
}
/**
* Create a <code>HttpServer</code> instance which will bind to the
* specified {@link java.net.InetSocketAddress} (IP address and port number)
*
* A maximum backlog can also be specified. This is the maximum number of
* queued incoming connections to allow on the listening socket.
* Queued TCP connections exceeding this limit may be rejected by the TCP implementation.
* The HttpServer is acquired from the currently installed {@link HttpServerProvider}
*
* @param addr the address to listen on, if <code>null</code> then bind() must be called
* to set the address
* @param backlog the socket backlog. If this value is less than or equal to zero,
* then a system default value is used.
* @throws BindException if the server cannot bind to the requested address,
* or if the server is already bound.
* @throws IOException
*/
public static HttpServer create (
InetSocketAddress addr, int backlog
) throws IOException {
HttpServerProvider provider = HttpServerProvider.provider();
return provider.createHttpServer (addr, backlog);
}
/**
* Binds a currently unbound HttpServer to the given address and port number.
* A maximum backlog can also be specified. This is the maximum number of
* queued incoming connections to allow on the listening socket.
* Queued TCP connections exceeding this limit may be rejected by the TCP implementation.
* @param addr the address to listen on
* @param backlog the socket backlog. If this value is less than or equal to zero,
* then a system default value is used.
* @throws BindException if the server cannot bind to the requested address or if the server
* is already bound.
* @throws NullPointerException if addr is <code>null</code>
*/
public abstract void bind (InetSocketAddress addr, int backlog) throws IOException;
/**
* Starts this server in a new background thread. The background thread
* inherits the priority, thread group and context class loader
* of the caller.
*/
public abstract void start () ;
/**
* sets this server's {@link java.util.concurrent.Executor} object. An
* Executor must be established before {@link #start()} is called.
* All HTTP requests are handled in tasks given to the executor.
* If this method is not called (before start()) or if it is
* called with a <code>null</code> Executor, then
* a default implementation is used, which uses the thread
* which was created by the {@link #start()} method.
* @param executor the Executor to set, or <code>null</code> for default
* implementation
* @throws IllegalStateException if the server is already started
*/
public abstract void setExecutor (Executor executor);
/**
* returns this server's Executor object if one was specified with
* {@link #setExecutor(Executor)}, or <code>null</code> if none was
* specified.
* @return the Executor established for this server or <code>null</code> if not set.
*/
public abstract Executor getExecutor () ;
/**
* stops this server by closing the listening socket and disallowing
* any new exchanges from being processed. The method will then block
* until all current exchange handlers have completed or else when
* approximately <i>delay</i> seconds have elapsed (whichever happens
* sooner). Then, all open TCP connections are closed, the background
* thread created by start() exits, and the method returns.
* Once stopped, a HttpServer cannot be re-used. <p>
*
* @param delay the maximum time in seconds to wait until exchanges have finished.
* @throws IllegalArgumentException if delay is less than zero.
*/
public abstract void stop (int delay);
/**
* Creates a HttpContext. A HttpContext represents a mapping from a
* URI path to a exchange handler on this HttpServer. Once created, all requests
* received by the server for the path will be handled by calling
* the given handler object. The context is identified by the path, and
* can later be removed from the server using this with the {@link #removeContext(String)} method.
* <p>
* The path specifies the root URI path for this context. The first character of path must be
* '/'. <p>
* The class overview describes how incoming request URIs are <a href="#mapping_description">mapped</a>
* to HttpContext instances.
* @param path the root URI path to associate the context with
* @param handler the handler to invoke for incoming requests.
* @throws IllegalArgumentException if path is invalid, or if a context
* already exists for this path
* @throws NullPointerException if either path, or handler are <code>null</code>
*/
public abstract HttpContext createContext (String path, HttpHandler handler) ;
/**
* Creates a HttpContext without initially specifying a handler. The handler must later be specified using
* {@link HttpContext#setHandler(HttpHandler)}. A HttpContext represents a mapping from a
* URI path to an exchange handler on this HttpServer. Once created, and when
* the handler has been set, all requests
* received by the server for the path will be handled by calling
* the handler object. The context is identified by the path, and
* can later be removed from the server using this with the {@link #removeContext(String)} method.
* <p>
* The path specifies the root URI path for this context. The first character of path must be
* '/'. <p>
* The class overview describes how incoming request URIs are <a href="#mapping_description">mapped</a>
* to HttpContext instances.
* @param path the root URI path to associate the context with
* @throws IllegalArgumentException if path is invalid, or if a context
* already exists for this path
* @throws NullPointerException if path is <code>null</code>
*/
public abstract HttpContext createContext (String path) ;
/**
* Removes the context identified by the given path from the server.
* Removing a context does not affect exchanges currently being processed
* but prevents new ones from being accepted.
* @param path the path of the handler to remove
* @throws IllegalArgumentException if no handler corresponding to this
* path exists.
* @throws NullPointerException if path is <code>null</code>
*/
public abstract void removeContext (String path) throws IllegalArgumentException ;
/**
* Removes the given context from the server.
* Removing a context does not affect exchanges currently being processed
* but prevents new ones from being accepted.
* @param context the context to remove
* @throws NullPointerException if context is <code>null</code>
*/
public abstract void removeContext (HttpContext context) ;
/**
* returns the address this server is listening on
* @return the address/port number the server is listening on
*/
public abstract InetSocketAddress getAddress() ;
}

117
jdkSrc/jdk8/com/sun/net/httpserver/HttpsConfigurator.java Normal file
View File

@@ -0,0 +1,117 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.httpserver;
import java.net.*;
import java.io.*;
import java.nio.*;
import java.security.*;
import java.nio.channels.*;
import java.util.*;
import java.util.concurrent.*;
import javax.net.ssl.*;
/**
* This class is used to configure the https parameters for each incoming
* https connection on a HttpsServer. Applications need to override
* the {@link #configure(HttpsParameters)} method in order to change
* the default configuration.
* <p>
* The following <a name="example">example</a> shows how this may be done:
* <p>
* <pre><blockquote>
* SSLContext sslContext = SSLContext.getInstance (....);
* HttpsServer server = HttpsServer.create();
*
* server.setHttpsConfigurator (new HttpsConfigurator(sslContext) {
* public void configure (HttpsParameters params) {
*
* // get the remote address if needed
* InetSocketAddress remote = params.getClientAddress();
*
* SSLContext c = getSSLContext();
*
* // get the default parameters
* SSLParameters sslparams = c.getDefaultSSLParameters();
* if (remote.equals (...) ) {
* // modify the default set for client x
* }
*
* params.setSSLParameters(sslparams);
* }
* });
* </blockquote></pre>
* @since 1.6
*/
@jdk.Exported
public class HttpsConfigurator {
private SSLContext context;
/**
* Creates an Https configuration, with the given SSLContext.
* @param context the SSLContext to use for this configurator
* @throws NullPointerException if no SSLContext supplied
*/
public HttpsConfigurator (SSLContext context) {
if (context == null) {
throw new NullPointerException ("null SSLContext");
}
this.context = context;
}
/**
* Returns the SSLContext for this HttpsConfigurator.
* @return the SSLContext
*/
public SSLContext getSSLContext() {
return context;
}
//BEGIN_TIGER_EXCLUDE
/**
* Called by the HttpsServer to configure the parameters
* for a https connection currently being established.
* The implementation of configure() must call
* {@link HttpsParameters#setSSLParameters(SSLParameters)}
* in order to set the SSL parameters for the connection.
* <p>
* The default implementation of this method uses the
* SSLParameters returned from <p>
* <code>getSSLContext().getDefaultSSLParameters()</code>
* <p>
* configure() may be overridden in order to modify this behavior.
* See, the example <a href="#example">above</a>.
* @param params the HttpsParameters to be configured.
*
* @since 1.6
*/
public void configure (HttpsParameters params) {
params.setSSLParameters (getSSLContext().getDefaultSSLParameters());
}
//END_TIGER_EXCLUDE
}

53
jdkSrc/jdk8/com/sun/net/httpserver/HttpsExchange.java Normal file
View File

@@ -0,0 +1,53 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.httpserver;
import java.io.*;
import java.nio.*;
import java.nio.channels.*;
import java.net.*;
import javax.net.ssl.*;
import java.util.*;
/**
* This class encapsulates a HTTPS request received and a
* response to be generated in one exchange and defines
* the extensions to HttpExchange that are specific to the HTTPS protocol.
* @since 1.6
*/
@jdk.Exported
public abstract class HttpsExchange extends HttpExchange {
protected HttpsExchange () {
}
/**
* Get the SSLSession for this exchange.
* @return the SSLSession
*/
public abstract SSLSession getSSLSession ();
}

165
jdkSrc/jdk8/com/sun/net/httpserver/HttpsParameters.java Normal file
View File

@@ -0,0 +1,165 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.httpserver;
import java.net.InetSocketAddress;
//BEGIN_TIGER_EXCLUDE
import javax.net.ssl.SSLParameters;
//END_TIGER_EXCLUDE
/**
* Represents the set of parameters for each https
* connection negotiated with clients. One of these
* is created and passed to
* {@link HttpsConfigurator#configure(HttpsParameters)}
* for every incoming https connection,
* in order to determine the parameters to use.
* <p>
* The underlying SSL parameters may be established either
* via the set/get methods of this class, or else via
* a {@link javax.net.ssl.SSLParameters} object. SSLParameters
* is the preferred method, because in the future,
* additional configuration capabilities may be added to that class, and
* it is easier to determine the set of supported parameters and their
* default values with SSLParameters. Also, if an SSLParameters object is
* provided via
* {@link #setSSLParameters(SSLParameters)} then those parameter settings
* are used, and any settings made in this object are ignored.
* @since 1.6
*/
@jdk.Exported
public abstract class HttpsParameters {
private String[] cipherSuites;
private String[] protocols;
private boolean wantClientAuth;
private boolean needClientAuth;
protected HttpsParameters() {}
/**
* Returns the HttpsConfigurator for this HttpsParameters.
*/
public abstract HttpsConfigurator getHttpsConfigurator();
/**
* Returns the address of the remote client initiating the
* connection.
*/
public abstract InetSocketAddress getClientAddress();
//BEGIN_TIGER_EXCLUDE
/**
* Sets the SSLParameters to use for this HttpsParameters.
* The parameters must be supported by the SSLContext contained
* by the HttpsConfigurator associated with this HttpsParameters.
* If no parameters are set, then the default behavior is to use
* the default parameters from the associated SSLContext.
* @param params the SSLParameters to set. If <code>null</code>
* then the existing parameters (if any) remain unchanged.
* @throws IllegalArgumentException if any of the parameters are
* invalid or unsupported.
*/
public abstract void setSSLParameters (SSLParameters params);
//END_TIGER_EXCLUDE
/**
* Returns a copy of the array of ciphersuites or null if none
* have been set.
*
* @return a copy of the array of ciphersuites or null if none
* have been set.
*/
public String[] getCipherSuites() {
return cipherSuites != null ? cipherSuites.clone() : null;
}
/**
* Sets the array of ciphersuites.
*
* @param cipherSuites the array of ciphersuites (or null)
*/
public void setCipherSuites(String[] cipherSuites) {
this.cipherSuites = cipherSuites != null ? cipherSuites.clone() : null;
}
/**
* Returns a copy of the array of protocols or null if none
* have been set.
*
* @return a copy of the array of protocols or null if none
* have been set.
*/
public String[] getProtocols() {
return protocols != null ? protocols.clone() : null;
}
/**
* Sets the array of protocols.
*
* @param protocols the array of protocols (or null)
*/
public void setProtocols(String[] protocols) {
this.protocols = protocols != null ? protocols.clone() : null;
}
/**
* Returns whether client authentication should be requested.
*
* @return whether client authentication should be requested.
*/
public boolean getWantClientAuth() {
return wantClientAuth;
}
/**
* Sets whether client authentication should be requested. Calling
* this method clears the <code>needClientAuth</code> flag.
*
* @param wantClientAuth whether client authentication should be requested
*/
public void setWantClientAuth(boolean wantClientAuth) {
this.wantClientAuth = wantClientAuth;
}
/**
* Returns whether client authentication should be required.
*
* @return whether client authentication should be required.
*/
public boolean getNeedClientAuth() {
return needClientAuth;
}
/**
* Sets whether client authentication should be required. Calling
* this method clears the <code>wantClientAuth</code> flag.
*
* @param needClientAuth whether client authentication should be required
*/
public void setNeedClientAuth(boolean needClientAuth) {
this.needClientAuth = needClientAuth;
}
}

105
jdkSrc/jdk8/com/sun/net/httpserver/HttpsServer.java Normal file
View File

@@ -0,0 +1,105 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.httpserver;
import java.net.*;
import java.io.*;
import java.nio.*;
import java.security.*;
import java.nio.channels.*;
import java.util.*;
import java.util.concurrent.*;
import javax.net.ssl.*;
import com.sun.net.httpserver.spi.*;
/**
* This class is an extension of {@link HttpServer} which provides
* support for HTTPS. <p>
* A HttpsServer must have an associated {@link HttpsConfigurator} object
* which is used to establish the SSL configuration for the SSL connections.
* <p>
* All other configuration is the same as for HttpServer.
* @since 1.6
*/
@jdk.Exported
public abstract class HttpsServer extends HttpServer {
/**
*/
protected HttpsServer () {
}
/**
* creates a HttpsServer instance which is initially not bound to any local address/port.
* The HttpsServer is acquired from the currently installed {@link HttpServerProvider}
* The server must be bound using {@link #bind(InetSocketAddress,int)} before it can be used.
* The server must also have a HttpsConfigurator established with {@link #setHttpsConfigurator(HttpsConfigurator)}
* @throws IOException
*/
public static HttpsServer create () throws IOException {
return create (null, 0);
}
/**
* Create a <code>HttpsServer</code> instance which will bind to the
* specified {@link java.net.InetSocketAddress} (IP address and port number)
*
* A maximum backlog can also be specified. This is the maximum number of
* queued incoming connections to allow on the listening socket.
* Queued TCP connections exceeding this limit may be rejected by the TCP implementation.
* The HttpsServer is acquired from the currently installed {@link HttpServerProvider}
* The server must have a HttpsConfigurator established with {@link #setHttpsConfigurator(HttpsConfigurator)}
*
* @param addr the address to listen on, if <code>null</code> then bind() must be called
* to set the address
* @param backlog the socket backlog. If this value is less than or equal to zero,
* then a system default value is used.
* @throws BindException if the server cannot bind to the requested address,
* or if the server is already bound.
* @throws IOException
*/
public static HttpsServer create (
InetSocketAddress addr, int backlog
) throws IOException {
HttpServerProvider provider = HttpServerProvider.provider();
return provider.createHttpsServer (addr, backlog);
}
/**
* Sets this server's {@link HttpsConfigurator} object.
* @param config the HttpsConfigurator to set
* @throws NullPointerException if config is null.
*/
public abstract void setHttpsConfigurator (HttpsConfigurator config) ;
/**
* Gets this server's {@link HttpsConfigurator} object, if it has been set.
* @return the HttpsConfigurator for this server, or <code>null</code> if not set.
*/
public abstract HttpsConfigurator getHttpsConfigurator ();
}

127
jdkSrc/jdk8/com/sun/net/httpserver/package-info.java Normal file
View File

@@ -0,0 +1,127 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
Provides a simple high-level Http server API, which can be used to build
embedded HTTP servers. Both "http" and "https" are supported. The API provides
a partial implementation of RFC <a href="http://www.ietf.org/rfc/rfc2616.txt">2616</a> (HTTP 1.1)
and RFC <a href="http://www.ietf.org/rfc/rfc2818.txt">2818</a> (HTTP over TLS).
Any HTTP functionality not provided by this API can be implemented by application code
using the API.
<p>
Programmers must implement the {@link com.sun.net.httpserver.HttpHandler} interface. This interface
provides a callback which is invoked to handle incoming requests from clients.
A HTTP request and its response is known as an exchange. HTTP exchanges are
represented by the {@link com.sun.net.httpserver.HttpExchange} class.
The {@link com.sun.net.httpserver.HttpServer} class is used to listen for incoming TCP connections
and it dispatches requests on these connections to handlers which have been
registered with the server.
<p>
A minimal Http server example is shown below:
<blockquote><pre>
class MyHandler implements HttpHandler {
public void handle(HttpExchange t) throws IOException {
InputStream is = t.getRequestBody();
read(is); // .. read the request body
String response = "This is the response";
t.sendResponseHeaders(200, response.length());
OutputStream os = t.getResponseBody();
os.write(response.getBytes());
os.close();
}
}
...
HttpServer server = HttpServer.create(new InetSocketAddress(8000));
server.createContext("/applications/myapp", new MyHandler());
server.setExecutor(null); // creates a default executor
server.start();
</blockquote></pre>
<p>The example above creates a simple HttpServer which uses the calling
application thread to invoke the handle() method for incoming http
requests directed to port 8000, and to the path /applications/myapp/.
<p>
The {@link com.sun.net.httpserver.HttpExchange} class encapsulates everything an application needs to
process incoming requests and to generate appropriate responses.
<p>
Registering a handler with a HttpServer creates a {@link com.sun.net.httpserver.HttpContext} object and
{@link com.sun.net.httpserver.Filter}
objects can be added to the returned context. Filters are used to perform automatic pre- and
post-processing of exchanges before they are passed to the exchange handler.
<p>
For sensitive information, a {@link com.sun.net.httpserver.HttpsServer} can
be used to process "https" requests secured by the SSL or TLS protocols.
A HttpsServer must be provided with a
{@link com.sun.net.httpserver.HttpsConfigurator} object, which contains an
initialized {@link javax.net.ssl.SSLContext}.
HttpsConfigurator can be used to configure the
cipher suites and other SSL operating parameters.
A simple example SSLContext could be created as follows:
<blockquote><pre>
char[] passphrase = "passphrase".toCharArray();
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream("testkeys"), passphrase);
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, passphrase);
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ks);
SSLContext ssl = SSLContext.getInstance("TLS");
ssl.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
</blockquote></pre>
<p>
In the example above, a keystore file called "testkeys", created with the keytool utility
is used as a certificate store for client and server certificates.
The following code shows how the SSLContext is then used in a HttpsConfigurator
and how the SSLContext and HttpsConfigurator are linked to the HttpsServer.
<blockquote><pre>
server.setHttpsConfigurator (new HttpsConfigurator(sslContext) {
public void configure (HttpsParameters params) {
// get the remote address if needed
InetSocketAddress remote = params.getClientAddress();
SSLContext c = getSSLContext();
// get the default parameters
SSLParameters sslparams = c.getDefaultSSLParameters();
if (remote.equals (...) ) {
// modify the default set for client x
}
params.setSSLParameters(sslparams);
// statement above could throw IAE if any params invalid.
// eg. if app has a UI and parameters supplied by a user.
}
});
</blockquote></pre>
<p>
@since 1.6
*/
@jdk.Exported
package com.sun.net.httpserver;

179
jdkSrc/jdk8/com/sun/net/httpserver/spi/HttpServerProvider.java Normal file
View File

@@ -0,0 +1,179 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.httpserver.spi;
import java.io.IOException;
import java.net.*;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Iterator;
import java.util.ServiceLoader;
import java.util.ServiceConfigurationError;
import com.sun.net.httpserver.*;
/**
* Service provider class for HttpServer.
* Sub-classes of HttpServerProvider provide an implementation of
* {@link HttpServer} and associated classes. Applications do not normally use
* this class. See {@link #provider()} for how providers are found and loaded.
*/
@jdk.Exported
public abstract class HttpServerProvider {
/**
* creates a HttpServer from this provider
*
* @param addr
* the address to bind to. May be {@code null}
*
* @param backlog
* the socket backlog. A value of {@code zero} means the systems default
*/
public abstract HttpServer createHttpServer(InetSocketAddress addr,
int backlog)
throws IOException;
/**
* creates a HttpsServer from this provider
*
* @param addr
* the address to bind to. May be {@code null}
*
* @param backlog
* the socket backlog. A value of {@code zero} means the systems default
*/
public abstract HttpsServer createHttpsServer(InetSocketAddress addr,
int backlog)
throws IOException;
private static final Object lock = new Object();
private static HttpServerProvider provider = null;
/**
* Initializes a new instance of this class.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("httpServerProvider")}
*/
protected HttpServerProvider() {
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(new RuntimePermission("httpServerProvider"));
}
private static boolean loadProviderFromProperty() {
String cn = System.getProperty("com.sun.net.httpserver.HttpServerProvider");
if (cn == null)
return false;
try {
Class<?> c = Class.forName(cn, true,
ClassLoader.getSystemClassLoader());
provider = (HttpServerProvider)c.newInstance();
return true;
} catch (ClassNotFoundException |
IllegalAccessException |
InstantiationException |
SecurityException x) {
throw new ServiceConfigurationError(null, x);
}
}
private static boolean loadProviderAsService() {
Iterator<HttpServerProvider> i =
ServiceLoader.load(HttpServerProvider.class,
ClassLoader.getSystemClassLoader())
.iterator();
for (;;) {
try {
if (!i.hasNext())
return false;
provider = i.next();
return true;
} catch (ServiceConfigurationError sce) {
if (sce.getCause() instanceof SecurityException) {
// Ignore the security exception, try the next provider
continue;
}
throw sce;
}
}
}
/**
* Returns the system wide default HttpServerProvider for this invocation of
* the Java virtual machine.
*
* <p> The first invocation of this method locates the default provider
* object as follows: </p>
*
* <ol>
*
* <li><p> If the system property
* {@code com.sun.net.httpserver.HttpServerProvider} is defined then it
* is taken to be the fully-qualified name of a concrete provider class.
* The class is loaded and instantiated; if this process fails then an
* unspecified unchecked error or exception is thrown. </p></li>
*
* <li><p> If a provider class has been installed in a jar file that is
* visible to the system class loader, and that jar file contains a
* provider-configuration file named
* {@code com.sun.net.httpserver.HttpServerProvider} in the resource
* directory <tt>META-INF/services</tt>, then the first class name
* specified in that file is taken. The class is loaded and
* instantiated; if this process fails then an unspecified unchecked error
* or exception is thrown. </p></li>
*
* <li><p> Finally, if no provider has been specified by any of the above
* means then the system-default provider class is instantiated and the
* result is returned. </p></li>
*
* </ol>
*
* <p> Subsequent invocations of this method return the provider that was
* returned by the first invocation. </p>
*
* @return The system-wide default HttpServerProvider
*/
public static HttpServerProvider provider () {
synchronized (lock) {
if (provider != null)
return provider;
return (HttpServerProvider)AccessController
.doPrivileged(new PrivilegedAction<Object>() {
public Object run() {
if (loadProviderFromProperty())
return provider;
if (loadProviderAsService())
return provider;
provider = new sun.net.httpserver.DefaultHttpServerProvider();
return provider;
}
});
}
}
}

31
jdkSrc/jdk8/com/sun/net/httpserver/spi/package-info.java Normal file
View File

@@ -0,0 +1,31 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* Provides a pluggable service provider interface, which allows the HTTP server
* implementation to be replaced with other implementations.
*/
@jdk.Exported
package com.sun.net.httpserver.spi;

54
jdkSrc/jdk8/com/sun/net/ssl/HostnameVerifier.java Normal file
View File

@@ -0,0 +1,54 @@
/*
* Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: this file was copied from javax.net.ssl.HostnameVerifier
*/
package com.sun.net.ssl;
/**
* HostnameVerifier provides a callback mechanism so that
* implementers of this interface can supply a policy for
* handling the case where the host to connect to and
* the server name from the certificate mismatch.
*
* @deprecated As of JDK 1.4, this implementation-specific class was
* replaced by {@link javax.net.ssl.HostnameVerifier} and
* {@link javax.net.ssl.CertificateHostnameVerifier}.
*/
@Deprecated
public interface HostnameVerifier {
/**
* Verify that the hostname from the URL is an acceptable
* match with the value from the common name entry in the
* server certificate's distinguished name.
*
* @param urlHostname the host name of the URL
* @param certHostname the common name entry from the certificate
* @return true if the certificate host name is acceptable
*/
public boolean verify(String urlHostname, String certHostname);
}

198
jdkSrc/jdk8/com/sun/net/ssl/HttpsURLConnection.java Normal file
View File

@@ -0,0 +1,198 @@
/*
* Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: this file was copied from javax.net.ssl.HttpsURLConnection
*/
package com.sun.net.ssl;
import java.net.URL;
import java.net.HttpURLConnection;
import java.io.IOException;
import javax.net.SocketFactory;
import javax.net.ssl.SSLSocketFactory;
import javax.security.cert.X509Certificate;
/**
* HTTP URL connection with support for HTTPS-specific features. See
* <A HREF="http://www.w3.org/pub/WWW/Protocols/"> the spec </A> for
* details.
*
* @deprecated As of JDK 1.4, this implementation-specific class was
* replaced by {@link javax.net.ssl.HttpsURLConnection}.
*/
@Deprecated
abstract public
class HttpsURLConnection extends HttpURLConnection
{
/*
* Initialize an HTTPS URLConnection ... could check that the URL
* is an "https" URL, and that the handler is also an HTTPS one,
* but that's established by other code in this package.
* @param url the URL
*/
public HttpsURLConnection(URL url) throws IOException {
super(url);
}
/**
* Returns the cipher suite in use on this connection.
* @return the cipher suite
*/
public abstract String getCipherSuite();
/**
* Returns the server's X.509 certificate chain, or null if
* the server did not authenticate.
* @return the server certificate chain
*/
public abstract X509Certificate [] getServerCertificateChain();
/**
* HostnameVerifier provides a callback mechanism so that
* implementers of this interface can supply a policy for
* handling the case where the host to connect to and
* the server name from the certificate mismatch.
*
* The default implementation will deny such connections.
*/
private static HostnameVerifier defaultHostnameVerifier =
new HostnameVerifier() {
public boolean verify(String urlHostname, String certHostname) {
return false;
}
};
protected HostnameVerifier hostnameVerifier = defaultHostnameVerifier;
/**
* Sets the default HostnameVerifier inherited when an instance
* of this class is created.
* @param v the default host name verifier
*/
public static void setDefaultHostnameVerifier(HostnameVerifier v) {
if (v == null) {
throw new IllegalArgumentException(
"no default HostnameVerifier specified");
}
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new SSLPermission("setHostnameVerifier"));
}
defaultHostnameVerifier = v;
}
/**
* Gets the default HostnameVerifier.
* @return the default host name verifier
*/
public static HostnameVerifier getDefaultHostnameVerifier() {
return defaultHostnameVerifier;
}
/**
* Sets the HostnameVerifier.
* @param v the host name verifier
*/
public void setHostnameVerifier(HostnameVerifier v) {
if (v == null) {
throw new IllegalArgumentException(
"no HostnameVerifier specified");
}
hostnameVerifier = v;
}
/**
* Gets the HostnameVerifier.
* @return the host name verifier
*/
public HostnameVerifier getHostnameVerifier() {
return hostnameVerifier;
}
private static SSLSocketFactory defaultSSLSocketFactory = null;
private SSLSocketFactory sslSocketFactory = getDefaultSSLSocketFactory();
/**
* Sets the default SSL socket factory inherited when an instance
* of this class is created.
* @param sf the default SSL socket factory
*/
public static void setDefaultSSLSocketFactory(SSLSocketFactory sf) {
if (sf == null) {
throw new IllegalArgumentException(
"no default SSLSocketFactory specified");
}
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkSetFactory();
}
defaultSSLSocketFactory = sf;
}
/**
* Gets the default SSL socket factory.
* @return the default SSL socket factory
*/
public static SSLSocketFactory getDefaultSSLSocketFactory() {
if (defaultSSLSocketFactory == null) {
defaultSSLSocketFactory =
(SSLSocketFactory)SSLSocketFactory.getDefault();
}
return defaultSSLSocketFactory;
}
/**
* Sets the SSL socket factory.
* @param sf the SSL socket factory
*/
public void setSSLSocketFactory(SSLSocketFactory sf) {
if (sf == null) {
throw new IllegalArgumentException(
"no SSLSocketFactory specified");
}
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkSetFactory();
}
sslSocketFactory = sf;
}
/**
* Gets the SSL socket factory.
* @return the SSL socket factory
*/
public SSLSocketFactory getSSLSocketFactory() {
return sslSocketFactory;
}
}

42
jdkSrc/jdk8/com/sun/net/ssl/KeyManager.java Normal file
View File

@@ -0,0 +1,42 @@
/*
* Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: this file was copied from javax.net.ssl.KeyManager
*/
package com.sun.net.ssl;
/**
* Base interface for JSSE key managers. These manage the
* key material which is used to authenticate to the peer
* of a secure socket.
*
* @deprecated As of JDK 1.4, this implementation-specific class was
* replaced by {@link javax.net.ssl.KeyManager}.
*/
@Deprecated
public interface KeyManager {
}

220
jdkSrc/jdk8/com/sun/net/ssl/KeyManagerFactory.java Normal file
View File

@@ -0,0 +1,220 @@
/*
* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: this file was copied from javax.net.ssl.KeyManagerFactory
*/
package com.sun.net.ssl;
import java.security.*;
/**
* This class acts as a factory for key managers based on a
* source of key material. Each key manager manages a specific
* type of key material for use by secure sockets. The key
* material is based on a KeyStore and/or provider specific sources.
*
* @deprecated As of JDK 1.4, this implementation-specific class was
* replaced by {@link javax.net.ssl.KeyManagerFactory}.
*/
@Deprecated
public class KeyManagerFactory {
// The provider
private Provider provider;
// The provider implementation (delegate)
private KeyManagerFactorySpi factorySpi;
// The name of the key management algorithm.
private String algorithm;
/**
* <p>The default KeyManager can be changed by setting the value of the
* {@code sun.ssl.keymanager.type} security property to the desired name.
*
* @return the default type as specified by the
* {@code sun.ssl.keymanager.type} security property, or an
* implementation-specific default if no such property exists.
*
* @see java.security.Security security properties
*/
public final static String getDefaultAlgorithm() {
String type;
type = AccessController.doPrivileged(new PrivilegedAction<String>() {
public String run() {
return Security.getProperty("sun.ssl.keymanager.type");
}
});
if (type == null) {
type = "SunX509";
}
return type;
}
/**
* Creates a KeyManagerFactory object.
*
* @param factorySpi the delegate
* @param provider the provider
* @param algorithm the algorithm
*/
protected KeyManagerFactory(KeyManagerFactorySpi factorySpi,
Provider provider, String algorithm) {
this.factorySpi = factorySpi;
this.provider = provider;
this.algorithm = algorithm;
}
/**
* Returns the algorithm name of this <code>KeyManagerFactory</code> object.
*
* <p>This is the same name that was specified in one of the
* <code>getInstance</code> calls that created this
* <code>KeyManagerFactory</code> object.
*
* @return the algorithm name of this <code>KeyManagerFactory</code> object.
*/
public final String getAlgorithm() {
return this.algorithm;
}
/**
* Generates a <code>KeyManagerFactory</code> object that implements the
* specified key management algorithm.
* If the default provider package provides an implementation of the
* requested key management algorithm, an instance of
* <code>KeyManagerFactory</code> containing that implementation is
* returned. If the algorithm is not available in the default provider
* package, other provider packages are searched.
*
* @param algorithm the standard name of the requested
* algorithm.
*
* @return the new <code>KeyManagerFactory</code> object
*
* @exception NoSuchAlgorithmException if the specified algorithm is not
* available in the default provider package or any of the other provider
* packages that were searched.
*/
public static final KeyManagerFactory getInstance(String algorithm)
throws NoSuchAlgorithmException
{
try {
Object[] objs = SSLSecurity.getImpl(algorithm, "KeyManagerFactory",
(String) null);
return new KeyManagerFactory((KeyManagerFactorySpi)objs[0],
(Provider)objs[1],
algorithm);
} catch (NoSuchProviderException e) {
throw new NoSuchAlgorithmException(algorithm + " not found");
}
}
/**
* Generates a <code>KeyManagerFactory</code> object for the specified
* key management algorithm from the specified provider.
*
* @param algorithm the standard name of the requested
* algorithm.
* @param provider the name of the provider
*
* @return the new <code>KeyManagerFactory</code> object
*
* @exception NoSuchAlgorithmException if the specified algorithm is not
* available from the specified provider.
* @exception NoSuchProviderException if the specified provider has not
* been configured.
*/
public static final KeyManagerFactory getInstance(String algorithm,
String provider)
throws NoSuchAlgorithmException, NoSuchProviderException
{
if (provider == null || provider.length() == 0)
throw new IllegalArgumentException("missing provider");
Object[] objs = SSLSecurity.getImpl(algorithm, "KeyManagerFactory",
provider);
return new KeyManagerFactory((KeyManagerFactorySpi)objs[0],
(Provider)objs[1], algorithm);
}
/**
* Generates a <code>KeyManagerFactory</code> object for the specified
* key management algorithm from the specified provider.
*
* @param algorithm the standard name of the requested
* algorithm.
* @param provider an instance of the provider
*
* @return the new <code>KeyManagerFactory</code> object
*
* @exception NoSuchAlgorithmException if the specified algorithm is not
* available from the specified provider.
*/
public static final KeyManagerFactory getInstance(String algorithm,
Provider provider)
throws NoSuchAlgorithmException
{
if (provider == null)
throw new IllegalArgumentException("missing provider");
Object[] objs = SSLSecurity.getImpl(algorithm, "KeyManagerFactory",
provider);
return new KeyManagerFactory((KeyManagerFactorySpi)objs[0],
(Provider)objs[1], algorithm);
}
/**
* Returns the provider of this <code>KeyManagerFactory</code> object.
*
* @return the provider of this <code>KeyManagerFactory</code> object
*/
public final Provider getProvider() {
return this.provider;
}
/**
* Initializes this factory with a source of key material. The
* provider may also include a provider-specific source
* of key material.
*
* @param ks the key store or null
* @param password the password for recovering keys
*/
public void init(KeyStore ks, char[] password)
throws KeyStoreException, NoSuchAlgorithmException,
UnrecoverableKeyException {
factorySpi.engineInit(ks, password);
}
/**
* Returns one key manager for each type of key material.
* @return the key managers
*/
public KeyManager[] getKeyManagers() {
return factorySpi.engineGetKeyManagers();
}
}

64
jdkSrc/jdk8/com/sun/net/ssl/KeyManagerFactorySpi.java Normal file
View File

@@ -0,0 +1,64 @@
/*
* Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: this file was copied from javax.net.ssl.KeyManagerFactorySpi
*/
package com.sun.net.ssl;
import java.security.*;
/**
* This class defines the <i>Service Provider Interface</i> (<b>SPI</b>)
* for the <code>KeyManagerFactory</code> class.
*
* <p> All the abstract methods in this class must be implemented by each
* cryptographic service provider who wishes to supply the implementation
* of a particular key manager factory.
*
* @deprecated As of JDK 1.4, this implementation-specific class was
* replaced by {@link javax.net.ssl.KeyManagerFactorySpi}.
*/
@Deprecated
public abstract class KeyManagerFactorySpi {
/**
* Initializes this factory with a source of key material. The
* provider may also include a provider-specific source
* of key material.
*
* @param ks the key store or null
* @param password the password for recovering keys
*/
protected abstract void engineInit(KeyStore ks, char[] password)
throws KeyStoreException, NoSuchAlgorithmException,
UnrecoverableKeyException;
/**
* Returns one trust manager for each type of trust material.
* @return the key managers
*/
protected abstract KeyManager[] engineGetKeyManagers();
}

201
jdkSrc/jdk8/com/sun/net/ssl/SSLContext.java Normal file
View File

@@ -0,0 +1,201 @@
/*
* Copyright (c) 2000, 2007, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: this file was copied from javax.net.ssl.SSLContext
*/
package com.sun.net.ssl;
import java.security.*;
import java.util.*;
import javax.net.ssl.*;
import sun.security.ssl.SSLSocketFactoryImpl;
import sun.security.ssl.SSLServerSocketFactoryImpl;
/**
* Instances of this class represent a secure socket protocol
* implementation which acts as a factory for secure socket
* factories. This class is initialized with an optional set of
* key and trust managers and source of secure random bytes.
*
* @deprecated As of JDK 1.4, this implementation-specific class was
* replaced by {@link javax.net.ssl.SSLContext}.
*/
@Deprecated
public class SSLContext {
private Provider provider;
private SSLContextSpi contextSpi;
private String protocol;
/**
* Creates an SSLContext object.
*
* @param contextSpi the delegate
* @param provider the provider
* @param algorithm the algorithm
*/
protected SSLContext(SSLContextSpi contextSpi, Provider provider,
String protocol) {
this.contextSpi = contextSpi;
this.provider = provider;
this.protocol = protocol;
}
/**
* Generates a <code>SSLContext</code> object that implements the
* specified secure socket protocol.
*
* @param protocol the standard name of the requested protocol.
*
* @return the new <code>SSLContext</code> object
*
* @exception NoSuchAlgorithmException if the specified protocol is not
* available in the default provider package or any of the other provider
* packages that were searched.
*/
public static SSLContext getInstance(String protocol)
throws NoSuchAlgorithmException
{
try {
Object[] objs = SSLSecurity.getImpl(protocol, "SSLContext",
(String) null);
return new SSLContext((SSLContextSpi)objs[0], (Provider)objs[1],
protocol);
} catch (NoSuchProviderException e) {
throw new NoSuchAlgorithmException(protocol + " not found");
}
}
/**
* Generates a <code>SSLContext</code> object that implements the
* specified secure socket protocol.
*
* @param protocol the standard name of the requested protocol.
* @param provider the name of the provider
*
* @return the new <code>SSLContext</code> object
*
* @exception NoSuchAlgorithmException if the specified protocol is not
* available from the specified provider.
* @exception NoSuchProviderException if the specified provider has not
* been configured.
*/
public static SSLContext getInstance(String protocol, String provider)
throws NoSuchAlgorithmException, NoSuchProviderException
{
if (provider == null || provider.length() == 0)
throw new IllegalArgumentException("missing provider");
Object[] objs = SSLSecurity.getImpl(protocol, "SSLContext",
provider);
return new SSLContext((SSLContextSpi)objs[0], (Provider)objs[1],
protocol);
}
/**
* Generates a <code>SSLContext</code> object that implements the
* specified secure socket protocol.
*
* @param protocol the standard name of the requested protocol.
* @param provider an instance of the provider
*
* @return the new <code>SSLContext</code> object
*
* @exception NoSuchAlgorithmException if the specified protocol is not
* available from the specified provider.
*/
public static SSLContext getInstance(String protocol, Provider provider)
throws NoSuchAlgorithmException
{
if (provider == null)
throw new IllegalArgumentException("missing provider");
Object[] objs = SSLSecurity.getImpl(protocol, "SSLContext",
provider);
return new SSLContext((SSLContextSpi)objs[0], (Provider)objs[1],
protocol);
}
/**
* Returns the protocol name of this <code>SSLContext</code> object.
*
* <p>This is the same name that was specified in one of the
* <code>getInstance</code> calls that created this
* <code>SSLContext</code> object.
*
* @return the protocol name of this <code>SSLContext</code> object.
*/
public final String getProtocol() {
return this.protocol;
}
/**
* Returns the provider of this <code>SSLContext</code> object.
*
* @return the provider of this <code>SSLContext</code> object
*/
public final Provider getProvider() {
return this.provider;
}
/**
* Initializes this context. Either of the first two parameters
* may be null in which case the installed security providers will
* be searched for the highest priority implementation of the
* appropriate factory. Likewise, the secure random parameter may
* be null in which case the default implementation will be used.
*
* @param km the sources of authentication keys or null
* @param tm the sources of peer authentication trust decisions or null
* @param random the source of randomness for this generator or null
*/
public final void init(KeyManager[] km, TrustManager[] tm,
SecureRandom random)
throws KeyManagementException {
contextSpi.engineInit(km, tm, random);
}
/**
* Returns a <code>SocketFactory</code> object for this
* context.
*
* @return the factory
*/
public final SSLSocketFactory getSocketFactory() {
return contextSpi.engineGetSocketFactory();
}
/**
* Returns a <code>ServerSocketFactory</code> object for
* this context.
*
* @return the factory
*/
public final SSLServerSocketFactory getServerSocketFactory() {
return contextSpi.engineGetServerSocketFactory();
}
}

74
jdkSrc/jdk8/com/sun/net/ssl/SSLContextSpi.java Normal file
View File

@@ -0,0 +1,74 @@
/*
* Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: this file was copied from javax.net.ssl.SSLContextSpi
*/
package com.sun.net.ssl;
import java.util.*;
import java.security.*;
import javax.net.ssl.*;
/**
* This class defines the <i>Service Provider Interface</i> (<b>SPI</b>)
* for the <code>SSLContext</code> class.
*
* <p> All the abstract methods in this class must be implemented by each
* cryptographic service provider who wishes to supply the implementation
* of a particular SSL context.
*
* @deprecated As of JDK 1.4, this implementation-specific class was
* replaced by {@link javax.net.ssl.SSLContextSpi}.
*/
@Deprecated
public abstract class SSLContextSpi {
/**
* Initializes this context.
*
* @param km the sources of authentication keys
* @param tm the sources of peer authentication trust decisions
* @param random the source of randomness for this generator
*/
protected abstract void engineInit(KeyManager[] ah, TrustManager[] th,
SecureRandom sr) throws KeyManagementException;
/**
* Returns a <code>SocketFactory</code> object for this
* context.
*
* @return the factory
*/
protected abstract SSLSocketFactory engineGetSocketFactory();
/**
* Returns a <code>ServerSocketFactory</code> object for
* this context.
*
* @return the factory
*/
protected abstract SSLServerSocketFactory engineGetServerSocketFactory();
}

137
jdkSrc/jdk8/com/sun/net/ssl/SSLPermission.java Normal file
View File

@@ -0,0 +1,137 @@
/*
* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: this file was copied from javax.net.ssl.SSLPermission
*/
package com.sun.net.ssl;
import java.security.*;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.StringTokenizer;
import java.security.Permissions;
import java.lang.SecurityManager;
/**
* This class is for various network permissions.
* An SSLPermission contains a name (also referred to as a "target name") but
* no actions list; you either have the named permission
* or you don't.
* <P>
* The target name is the name of the network permission (see below). The naming
* convention follows the hierarchical property naming convention.
* Also, an asterisk
* may appear at the end of the name, following a ".", or by itself, to
* signify a wildcard match. For example: "foo.*" and "*" signify a wildcard
* match, while "*foo" and "a*b" do not.
* <P>
* The following table lists all the possible SSLPermission target names,
* and for each provides a description of what the permission allows
* and a discussion of the risks of granting code the permission.
* <P>
*
* <table border=1 cellpadding=5>
* <tr>
* <th>Permission Target Name</th>
* <th>What the Permission Allows</th>
* <th>Risks of Allowing this Permission</th>
* </tr>
*
* <tr>
* <td>setHostnameVerifier</td>
* <td>The ability to set a callback which can decide whether to
* allow a mismatch between the host being connected to by
* an HttpsURLConnection and the common name field in
* server certificate.
* </td>
* <td>Malicious
* code can set a verifier that monitors host names visited by
* HttpsURLConnection requests or that allows server certificates
* with invalid common names.
* </td>
* </tr>
*
* <tr>
* <td>getSSLSessionContext</td>
* <td>The ability to get the SSLSessionContext of an SSLSession.
* </td>
* <td>Malicious code may monitor sessions which have been established
* with SSL peers or might invalidate sessions to slow down performance.
* </td>
* </tr>
*
* </table>
*
* @see java.security.BasicPermission
* @see java.security.Permission
* @see java.security.Permissions
* @see java.security.PermissionCollection
* @see java.lang.SecurityManager
*
*
* @author Marianne Mueller
* @author Roland Schemers
*
* @deprecated As of JDK 1.4, this implementation-specific class was
* replaced by {@link javax.net.ssl.SSLPermission}.
*/
@Deprecated
public final class SSLPermission extends BasicPermission {
private static final long serialVersionUID = -2583684302506167542L;
/**
* Creates a new SSLPermission with the specified name.
* The name is the symbolic name of the SSLPermission, such as
* "setDefaultAuthenticator", etc. An asterisk
* may appear at the end of the name, following a ".", or by itself, to
* signify a wildcard match.
*
* @param name the name of the SSLPermission.
*/
public SSLPermission(String name)
{
super(name);
}
/**
* Creates a new SSLPermission object with the specified name.
* The name is the symbolic name of the SSLPermission, and the
* actions String is currently unused and should be null. This
* constructor exists for use by the <code>Policy</code> object
* to instantiate new Permission objects.
*
* @param name the name of the SSLPermission.
* @param actions should be null.
*/
public SSLPermission(String name, String actions)
{
super(name, actions);
}
}

691
jdkSrc/jdk8/com/sun/net/ssl/SSLSecurity.java Normal file
View File

@@ -0,0 +1,691 @@
/*
* Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: this file was copied from javax.net.ssl.SSLSecurity,
* but was heavily modified to allow com.sun.* users to
* access providers written using the javax.sun.* APIs.
*/
package com.sun.net.ssl;
import java.util.*;
import java.io.*;
import java.security.*;
import java.security.Provider.Service;
import java.net.Socket;
import sun.security.jca.*;
/**
* This class instantiates implementations of JSSE engine classes from
* providers registered with the java.security.Security object.
*
* @author Jan Luehe
* @author Jeff Nisewanger
* @author Brad Wetmore
*/
final class SSLSecurity {
/*
* Don't let anyone instantiate this.
*/
private SSLSecurity() {
}
// ProviderList.getService() is not accessible now, implement our own loop
private static Service getService(String type, String alg) {
ProviderList list = Providers.getProviderList();
for (Provider p : list.providers()) {
Service s = p.getService(type, alg);
if (s != null) {
return s;
}
}
return null;
}
/**
* The body of the driver for the getImpl method.
*/
private static Object[] getImpl1(String algName, String engineType,
Service service) throws NoSuchAlgorithmException
{
Provider provider = service.getProvider();
String className = service.getClassName();
Class<?> implClass;
try {
ClassLoader cl = provider.getClass().getClassLoader();
if (cl == null) {
// system class
implClass = Class.forName(className);
} else {
implClass = cl.loadClass(className);
}
} catch (ClassNotFoundException e) {
throw new NoSuchAlgorithmException("Class " + className +
" configured for " +
engineType +
" not found: " +
e.getMessage());
} catch (SecurityException e) {
throw new NoSuchAlgorithmException("Class " + className +
" configured for " +
engineType +
" cannot be accessed: " +
e.getMessage());
}
/*
* JSSE 1.0, 1.0.1, and 1.0.2 used the com.sun.net.ssl API as the
* API was being developed. As JSSE was folded into the main
* release, it was decided to promote the com.sun.net.ssl API to
* be javax.net.ssl. It is desired to keep binary compatibility
* with vendors of JSSE implementation written using the
* com.sun.net.sll API, so we do this magic to handle everything.
*
* API used Implementation used Supported?
* ======== =================== ==========
* com.sun javax Yes
* com.sun com.sun Yes
* javax javax Yes
* javax com.sun Not Currently
*
* Make sure the implementation class is a subclass of the
* corresponding engine class.
*
* In wrapping these classes, there's no way to know how to
* wrap all possible classes that extend the TrustManager/KeyManager.
* We only wrap the x509 variants.
*/
try { // catch instantiation errors
/*
* (The following Class.forName()s should alway work, because
* this class and all the SPI classes in javax.crypto are
* loaded by the same class loader.) That is, unless they
* give us a SPI class that doesn't exist, say SSLFoo,
* or someone has removed classes from the jsse.jar file.
*/
Class<?> typeClassJavax;
Class<?> typeClassCom;
Object obj = null;
/*
* Odds are more likely that we have a javax variant, try this
* first.
*/
if (((typeClassJavax = Class.forName("javax.net.ssl." +
engineType + "Spi")) != null) &&
(checkSuperclass(implClass, typeClassJavax))) {
if (engineType.equals("SSLContext")) {
obj = new SSLContextSpiWrapper(algName, provider);
} else if (engineType.equals("TrustManagerFactory")) {
obj = new TrustManagerFactorySpiWrapper(algName, provider);
} else if (engineType.equals("KeyManagerFactory")) {
obj = new KeyManagerFactorySpiWrapper(algName, provider);
} else {
/*
* We should throw an error if we get
* something totally unexpected. Don't ever
* expect to see this one...
*/
throw new IllegalStateException(
"Class " + implClass.getName() +
" unknown engineType wrapper:" + engineType);
}
} else if (((typeClassCom = Class.forName("com.sun.net.ssl." +
engineType + "Spi")) != null) &&
(checkSuperclass(implClass, typeClassCom))) {
obj = service.newInstance(null);
}
if (obj != null) {
return new Object[] { obj, provider };
} else {
throw new NoSuchAlgorithmException(
"Couldn't locate correct object or wrapper: " +
engineType + " " + algName);
}
} catch (ClassNotFoundException e) {
IllegalStateException exc = new IllegalStateException(
"Engine Class Not Found for " + engineType);
exc.initCause(e);
throw exc;
}
}
/**
* Returns an array of objects: the first object in the array is
* an instance of an implementation of the requested algorithm
* and type, and the second object in the array identifies the provider
* of that implementation.
* The <code>provName</code> argument can be null, in which case all
* configured providers will be searched in order of preference.
*/
static Object[] getImpl(String algName, String engineType, String provName)
throws NoSuchAlgorithmException, NoSuchProviderException
{
Service service;
if (provName != null) {
ProviderList list = Providers.getProviderList();
Provider prov = list.getProvider(provName);
if (prov == null) {
throw new NoSuchProviderException("No such provider: " +
provName);
}
service = prov.getService(engineType, algName);
} else {
service = getService(engineType, algName);
}
if (service == null) {
throw new NoSuchAlgorithmException("Algorithm " + algName
+ " not available");
}
return getImpl1(algName, engineType, service);
}
/**
* Returns an array of objects: the first object in the array is
* an instance of an implementation of the requested algorithm
* and type, and the second object in the array identifies the provider
* of that implementation.
* The <code>prov</code> argument can be null, in which case all
* configured providers will be searched in order of preference.
*/
static Object[] getImpl(String algName, String engineType, Provider prov)
throws NoSuchAlgorithmException
{
Service service = prov.getService(engineType, algName);
if (service == null) {
throw new NoSuchAlgorithmException("No such algorithm: " +
algName);
}
return getImpl1(algName, engineType, service);
}
/*
* Checks whether one class is the superclass of another
*/
private static boolean checkSuperclass(Class<?> subclass, Class<?> superclass) {
if ((subclass == null) || (superclass == null))
return false;
while (!subclass.equals(superclass)) {
subclass = subclass.getSuperclass();
if (subclass == null) {
return false;
}
}
return true;
}
/*
* Return at most the first "resize" elements of an array.
*
* Didn't want to use java.util.Arrays, as PJava may not have it.
*/
static Object[] truncateArray(Object[] oldArray, Object[] newArray) {
for (int i = 0; i < newArray.length; i++) {
newArray[i] = oldArray[i];
}
return newArray;
}
}
/*
* =================================================================
* The remainder of this file is for the wrapper and wrapper-support
* classes. When SSLSecurity finds something which extends the
* javax.net.ssl.*Spi, we need to go grab a real instance of the
* thing that the Spi supports, and wrap into a com.sun.net.ssl.*Spi
* object. This also mean that anything going down into the SPI
* needs to be wrapped, as well as anything coming back up.
*/
final class SSLContextSpiWrapper extends SSLContextSpi {
private javax.net.ssl.SSLContext theSSLContext;
SSLContextSpiWrapper(String algName, Provider prov) throws
NoSuchAlgorithmException {
theSSLContext = javax.net.ssl.SSLContext.getInstance(algName, prov);
}
protected void engineInit(KeyManager[] kma, TrustManager[] tma,
SecureRandom sr) throws KeyManagementException {
// Keep track of the actual number of array elements copied
int dst;
int src;
javax.net.ssl.KeyManager[] kmaw;
javax.net.ssl.TrustManager[] tmaw;
// Convert com.sun.net.ssl.kma to a javax.net.ssl.kma
// wrapper if need be.
if (kma != null) {
kmaw = new javax.net.ssl.KeyManager[kma.length];
for (src = 0, dst = 0; src < kma.length; ) {
/*
* These key managers may implement both javax
* and com.sun interfaces, so if they do
* javax, there's no need to wrap them.
*/
if (!(kma[src] instanceof javax.net.ssl.KeyManager)) {
/*
* Do we know how to convert them? If not, oh well...
* We'll have to drop them on the floor in this
* case, cause we don't know how to handle them.
* This will be pretty rare, but put here for
* completeness.
*/
if (kma[src] instanceof X509KeyManager) {
kmaw[dst] = (javax.net.ssl.KeyManager)
new X509KeyManagerJavaxWrapper(
(X509KeyManager)kma[src]);
dst++;
}
} else {
// We can convert directly, since they implement.
kmaw[dst] = (javax.net.ssl.KeyManager)kma[src];
dst++;
}
src++;
}
/*
* If dst != src, there were more items in the original array
* than in the new array. Compress the new elements to avoid
* any problems down the road.
*/
if (dst != src) {
kmaw = (javax.net.ssl.KeyManager [])
SSLSecurity.truncateArray(kmaw,
new javax.net.ssl.KeyManager [dst]);
}
} else {
kmaw = null;
}
// Now do the same thing with the TrustManagers.
if (tma != null) {
tmaw = new javax.net.ssl.TrustManager[tma.length];
for (src = 0, dst = 0; src < tma.length; ) {
/*
* These key managers may implement both...see above...
*/
if (!(tma[src] instanceof javax.net.ssl.TrustManager)) {
// Do we know how to convert them?
if (tma[src] instanceof X509TrustManager) {
tmaw[dst] = (javax.net.ssl.TrustManager)
new X509TrustManagerJavaxWrapper(
(X509TrustManager)tma[src]);
dst++;
}
} else {
tmaw[dst] = (javax.net.ssl.TrustManager)tma[src];
dst++;
}
src++;
}
if (dst != src) {
tmaw = (javax.net.ssl.TrustManager [])
SSLSecurity.truncateArray(tmaw,
new javax.net.ssl.TrustManager [dst]);
}
} else {
tmaw = null;
}
theSSLContext.init(kmaw, tmaw, sr);
}
protected javax.net.ssl.SSLSocketFactory
engineGetSocketFactory() {
return theSSLContext.getSocketFactory();
}
protected javax.net.ssl.SSLServerSocketFactory
engineGetServerSocketFactory() {
return theSSLContext.getServerSocketFactory();
}
}
final class TrustManagerFactorySpiWrapper extends TrustManagerFactorySpi {
private javax.net.ssl.TrustManagerFactory theTrustManagerFactory;
TrustManagerFactorySpiWrapper(String algName, Provider prov) throws
NoSuchAlgorithmException {
theTrustManagerFactory =
javax.net.ssl.TrustManagerFactory.getInstance(algName, prov);
}
protected void engineInit(KeyStore ks) throws KeyStoreException {
theTrustManagerFactory.init(ks);
}
protected TrustManager[] engineGetTrustManagers() {
int dst;
int src;
javax.net.ssl.TrustManager[] tma =
theTrustManagerFactory.getTrustManagers();
TrustManager[] tmaw = new TrustManager[tma.length];
for (src = 0, dst = 0; src < tma.length; ) {
if (!(tma[src] instanceof com.sun.net.ssl.TrustManager)) {
// We only know how to wrap X509TrustManagers, as
// TrustManagers don't have any methods to wrap.
if (tma[src] instanceof javax.net.ssl.X509TrustManager) {
tmaw[dst] = (TrustManager)
new X509TrustManagerComSunWrapper(
(javax.net.ssl.X509TrustManager)tma[src]);
dst++;
}
} else {
tmaw[dst] = (TrustManager)tma[src];
dst++;
}
src++;
}
if (dst != src) {
tmaw = (TrustManager [])
SSLSecurity.truncateArray(tmaw, new TrustManager [dst]);
}
return tmaw;
}
}
final class KeyManagerFactorySpiWrapper extends KeyManagerFactorySpi {
private javax.net.ssl.KeyManagerFactory theKeyManagerFactory;
KeyManagerFactorySpiWrapper(String algName, Provider prov) throws
NoSuchAlgorithmException {
theKeyManagerFactory =
javax.net.ssl.KeyManagerFactory.getInstance(algName, prov);
}
protected void engineInit(KeyStore ks, char[] password)
throws KeyStoreException, NoSuchAlgorithmException,
UnrecoverableKeyException {
theKeyManagerFactory.init(ks, password);
}
protected KeyManager[] engineGetKeyManagers() {
int dst;
int src;
javax.net.ssl.KeyManager[] kma =
theKeyManagerFactory.getKeyManagers();
KeyManager[] kmaw = new KeyManager[kma.length];
for (src = 0, dst = 0; src < kma.length; ) {
if (!(kma[src] instanceof com.sun.net.ssl.KeyManager)) {
// We only know how to wrap X509KeyManagers, as
// KeyManagers don't have any methods to wrap.
if (kma[src] instanceof javax.net.ssl.X509KeyManager) {
kmaw[dst] = (KeyManager)
new X509KeyManagerComSunWrapper(
(javax.net.ssl.X509KeyManager)kma[src]);
dst++;
}
} else {
kmaw[dst] = (KeyManager)kma[src];
dst++;
}
src++;
}
if (dst != src) {
kmaw = (KeyManager [])
SSLSecurity.truncateArray(kmaw, new KeyManager [dst]);
}
return kmaw;
}
}
// =================================
final class X509KeyManagerJavaxWrapper implements
javax.net.ssl.X509KeyManager {
private X509KeyManager theX509KeyManager;
X509KeyManagerJavaxWrapper(X509KeyManager obj) {
theX509KeyManager = obj;
}
public String[] getClientAliases(String keyType, Principal[] issuers) {
return theX509KeyManager.getClientAliases(keyType, issuers);
}
public String chooseClientAlias(String[] keyTypes, Principal[] issuers,
Socket socket) {
String retval;
if (keyTypes == null) {
return null;
}
/*
* Scan the list, look for something we can pass back.
*/
for (int i = 0; i < keyTypes.length; i++) {
if ((retval = theX509KeyManager.chooseClientAlias(keyTypes[i],
issuers)) != null)
return retval;
}
return null;
}
/*
* JSSE 1.0.x was only socket based, but it's possible someone might
* want to install a really old provider. We should at least
* try to be nice.
*/
public String chooseEngineClientAlias(
String[] keyTypes, Principal[] issuers,
javax.net.ssl.SSLEngine engine) {
String retval;
if (keyTypes == null) {
return null;
}
/*
* Scan the list, look for something we can pass back.
*/
for (int i = 0; i < keyTypes.length; i++) {
if ((retval = theX509KeyManager.chooseClientAlias(keyTypes[i],
issuers)) != null)
return retval;
}
return null;
}
public String[] getServerAliases(String keyType, Principal[] issuers) {
return theX509KeyManager.getServerAliases(keyType, issuers);
}
public String chooseServerAlias(String keyType, Principal[] issuers,
Socket socket) {
if (keyType == null) {
return null;
}
return theX509KeyManager.chooseServerAlias(keyType, issuers);
}
/*
* JSSE 1.0.x was only socket based, but it's possible someone might
* want to install a really old provider. We should at least
* try to be nice.
*/
public String chooseEngineServerAlias(
String keyType, Principal[] issuers,
javax.net.ssl.SSLEngine engine) {
if (keyType == null) {
return null;
}
return theX509KeyManager.chooseServerAlias(keyType, issuers);
}
public java.security.cert.X509Certificate[]
getCertificateChain(String alias) {
return theX509KeyManager.getCertificateChain(alias);
}
public PrivateKey getPrivateKey(String alias) {
return theX509KeyManager.getPrivateKey(alias);
}
}
final class X509TrustManagerJavaxWrapper implements
javax.net.ssl.X509TrustManager {
private X509TrustManager theX509TrustManager;
X509TrustManagerJavaxWrapper(X509TrustManager obj) {
theX509TrustManager = obj;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] chain, String authType)
throws java.security.cert.CertificateException {
if (!theX509TrustManager.isClientTrusted(chain)) {
throw new java.security.cert.CertificateException(
"Untrusted Client Certificate Chain");
}
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] chain, String authType)
throws java.security.cert.CertificateException {
if (!theX509TrustManager.isServerTrusted(chain)) {
throw new java.security.cert.CertificateException(
"Untrusted Server Certificate Chain");
}
}
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return theX509TrustManager.getAcceptedIssuers();
}
}
final class X509KeyManagerComSunWrapper implements X509KeyManager {
private javax.net.ssl.X509KeyManager theX509KeyManager;
X509KeyManagerComSunWrapper(javax.net.ssl.X509KeyManager obj) {
theX509KeyManager = obj;
}
public String[] getClientAliases(String keyType, Principal[] issuers) {
return theX509KeyManager.getClientAliases(keyType, issuers);
}
public String chooseClientAlias(String keyType, Principal[] issuers) {
String [] keyTypes = new String [] { keyType };
return theX509KeyManager.chooseClientAlias(keyTypes, issuers, null);
}
public String[] getServerAliases(String keyType, Principal[] issuers) {
return theX509KeyManager.getServerAliases(keyType, issuers);
}
public String chooseServerAlias(String keyType, Principal[] issuers) {
return theX509KeyManager.chooseServerAlias(keyType, issuers, null);
}
public java.security.cert.X509Certificate[]
getCertificateChain(String alias) {
return theX509KeyManager.getCertificateChain(alias);
}
public PrivateKey getPrivateKey(String alias) {
return theX509KeyManager.getPrivateKey(alias);
}
}
final class X509TrustManagerComSunWrapper implements X509TrustManager {
private javax.net.ssl.X509TrustManager theX509TrustManager;
X509TrustManagerComSunWrapper(javax.net.ssl.X509TrustManager obj) {
theX509TrustManager = obj;
}
public boolean isClientTrusted(
java.security.cert.X509Certificate[] chain) {
try {
theX509TrustManager.checkClientTrusted(chain, "UNKNOWN");
return true;
} catch (java.security.cert.CertificateException e) {
return false;
}
}
public boolean isServerTrusted(
java.security.cert.X509Certificate[] chain) {
try {
theX509TrustManager.checkServerTrusted(chain, "UNKNOWN");
return true;
} catch (java.security.cert.CertificateException e) {
return false;
}
}
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return theX509TrustManager.getAcceptedIssuers();
}
}

42
jdkSrc/jdk8/com/sun/net/ssl/TrustManager.java Normal file
View File

@@ -0,0 +1,42 @@
/*
* Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: this file was copied from javax.net.ssl.TrustManager
*/
package com.sun.net.ssl;
/**
* Base interface for JSSE trust managers which manage
* authentication trust decisions for different types of
* authentication material.
*
* @deprecated As of JDK 1.4, this implementation-specific class was
* replaced by {@link javax.net.ssl.TrustManager}.
*/
@Deprecated
public interface TrustManager {
}

220
jdkSrc/jdk8/com/sun/net/ssl/TrustManagerFactory.java Normal file
View File

@@ -0,0 +1,220 @@
/*
* Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: this file was copied from javax.net.ssl.TrustManagerFactory
*/
package com.sun.net.ssl;
import java.security.*;
/**
* This class acts as a factory for trust managers based on a
* source of trust material. Each trust manager manages a specific
* type of trust material for use by secure sockets. The trust
* material is based on a KeyStore and/or provider specific sources.
*
* @deprecated As of JDK 1.4, this implementation-specific class was
* replaced by {@link javax.net.ssl.TrustManagerFactory}.
*/
@Deprecated
public class TrustManagerFactory {
// The provider
private Provider provider;
// The provider implementation (delegate)
private TrustManagerFactorySpi factorySpi;
// The name of the trust management algorithm.
private String algorithm;
/**
* <p>The default TrustManager can be changed by setting the value of the
* {@code sun.ssl.trustmanager.type} security property to the desired name.
*
* @return the default type as specified by the
* {@code sun.ssl.trustmanager.type} security property, or an
* implementation-specific default if no such property exists.
*
* @see java.security.Security security properties
*/
public final static String getDefaultAlgorithm() {
String type;
type = AccessController.doPrivileged(new PrivilegedAction<String>() {
public String run() {
return Security.getProperty("sun.ssl.trustmanager.type");
}
});
if (type == null) {
type = "SunX509";
}
return type;
}
/**
* Creates a TrustManagerFactory object.
*
* @param factorySpi the delegate
* @param provider the provider
* @param algorithm the algorithm
*/
protected TrustManagerFactory(TrustManagerFactorySpi factorySpi,
Provider provider, String algorithm) {
this.factorySpi = factorySpi;
this.provider = provider;
this.algorithm = algorithm;
}
/**
* Returns the algorithm name of this <code>TrustManagerFactory</code>
* object.
*
* <p>This is the same name that was specified in one of the
* <code>getInstance</code> calls that created this
* <code>TrustManagerFactory</code> object.
*
* @return the algorithm name of this <code>TrustManagerFactory</code>
* object.
*/
public final String getAlgorithm() {
return this.algorithm;
}
/**
* Generates a <code>TrustManagerFactory</code> object that implements the
* specified trust management algorithm.
* If the default provider package provides an implementation of the
* requested trust management algorithm, an instance of
* <code>TrustManagerFactory</code> containing that implementation is
* returned. If the algorithm is not available in the default provider
* package, other provider packages are searched.
*
* @param algorithm the standard name of the requested trust management
* algorithm.
*
* @return the new <code>TrustManagerFactory</code> object
*
* @exception NoSuchAlgorithmException if the specified algorithm is not
* available in the default provider package or any of the other provider
* packages that were searched.
*/
public static final TrustManagerFactory getInstance(String algorithm)
throws NoSuchAlgorithmException
{
try {
Object[] objs = SSLSecurity.getImpl(algorithm,
"TrustManagerFactory", (String) null);
return new TrustManagerFactory((TrustManagerFactorySpi)objs[0],
(Provider)objs[1],
algorithm);
} catch (NoSuchProviderException e) {
throw new NoSuchAlgorithmException(algorithm + " not found");
}
}
/**
* Generates a <code>TrustManagerFactory</code> object for the specified
* trust management algorithm from the specified provider.
*
* @param algorithm the standard name of the requested trust management
* algorithm.
* @param provider the name of the provider
*
* @return the new <code>TrustManagerFactory</code> object
*
* @exception NoSuchAlgorithmException if the specified algorithm is not
* available from the specified provider.
* @exception NoSuchProviderException if the specified provider has not
* been configured.
*/
public static final TrustManagerFactory getInstance(String algorithm,
String provider)
throws NoSuchAlgorithmException, NoSuchProviderException
{
if (provider == null || provider.length() == 0)
throw new IllegalArgumentException("missing provider");
Object[] objs = SSLSecurity.getImpl(algorithm, "TrustManagerFactory",
provider);
return new TrustManagerFactory((TrustManagerFactorySpi)objs[0],
(Provider)objs[1], algorithm);
}
/**
* Generates a <code>TrustManagerFactory</code> object for the specified
* trust management algorithm from the specified provider.
*
* @param algorithm the standard name of the requested trust management
* algorithm.
* @param provider an instance of the provider
*
* @return the new <code>TrustManagerFactory</code> object
*
* @exception NoSuchAlgorithmException if the specified algorithm is not
* available from the specified provider.
*/
public static final TrustManagerFactory getInstance(String algorithm,
Provider provider)
throws NoSuchAlgorithmException
{
if (provider == null)
throw new IllegalArgumentException("missing provider");
Object[] objs = SSLSecurity.getImpl(algorithm, "TrustManagerFactory",
provider);
return new TrustManagerFactory((TrustManagerFactorySpi)objs[0],
(Provider)objs[1], algorithm);
}
/**
* Returns the provider of this <code>TrustManagerFactory</code> object.
*
* @return the provider of this <code>TrustManagerFactory</code> object
*/
public final Provider getProvider() {
return this.provider;
}
/**
* Initializes this factory with a source of certificate
* authorities and related trust material. The
* provider may also include a provider-specific source
* of key material.
*
* @param ks the key store or null
*/
public void init(KeyStore ks) throws KeyStoreException {
factorySpi.engineInit(ks);
}
/**
* Returns one trust manager for each type of trust material.
* @return the trust managers
*/
public TrustManager[] getTrustManagers() {
return factorySpi.engineGetTrustManagers();
}
}

62
jdkSrc/jdk8/com/sun/net/ssl/TrustManagerFactorySpi.java Normal file
View File

@@ -0,0 +1,62 @@
/*
* Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: this file was copied from javax.net.ssl.TrustManagerFactorySpi
*/
package com.sun.net.ssl;
import java.security.*;
/**
* This class defines the <i>Service Provider Interface</i> (<b>SPI</b>)
* for the <code>TrustManagerFactory</code> class.
*
* <p> All the abstract methods in this class must be implemented by each
* cryptographic service provider who wishes to supply the implementation
* of a particular trust manager factory.
*
* @deprecated As of JDK 1.4, this implementation-specific class was
* replaced by {@link javax.net.ssl.TrustManagerFactorySpi}.
*/
@Deprecated
public abstract class TrustManagerFactorySpi {
/**
* Initializes this factory with a source of certificate
* authorities and related trust material. The
* provider may also include a provider-specific source
* of key material.
*
* @param ks the key store or null
*/
protected abstract void engineInit(KeyStore ks) throws KeyStoreException;
/**
* Returns one trust manager for each type of trust material.
* @return the trust managers
*/
protected abstract TrustManager[] engineGetTrustManagers();
}

109
jdkSrc/jdk8/com/sun/net/ssl/X509KeyManager.java Normal file
View File

@@ -0,0 +1,109 @@
/*
* Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: this file was copied from javax.net.ssl.X509KeyManager
*/
package com.sun.net.ssl;
import java.security.KeyManagementException;
import java.security.PrivateKey;
import java.security.Principal;
import java.security.cert.X509Certificate;
/**
* Instances of this interface manage which X509 certificate-based
* key pairs are used to authenticate the local side of a secure
* socket. The individual entries are identified by unique alias names.
*
* @deprecated As of JDK 1.4, this implementation-specific class was
* replaced by {@link javax.net.ssl.X509KeyManager}.
*/
@Deprecated
public interface X509KeyManager extends KeyManager {
/**
* Get the matching aliases for authenticating the client side of a secure
* socket given the public key type and the list of
* certificate issuer authorities recognized by the peer (if any).
*
* @param keyType the key algorithm type name
* @param issuers the list of acceptable CA issuer subject names
* @return the matching alias names
*/
public String[] getClientAliases(String keyType, Principal[] issuers);
/**
* Choose an alias to authenticate the client side of a secure
* socket given the public key type and the list of
* certificate issuer authorities recognized by the peer (if any).
*
* @param keyType the key algorithm type name
* @param issuers the list of acceptable CA issuer subject names
* @return the alias name for the desired key
*/
public String chooseClientAlias(String keyType, Principal[] issuers);
/**
* Get the matching aliases for authenticating the server side of a secure
* socket given the public key type and the list of
* certificate issuer authorities recognized by the peer (if any).
*
* @param keyType the key algorithm type name
* @param issuers the list of acceptable CA issuer subject names
* @return the matching alias names
*/
public String[] getServerAliases(String keyType, Principal[] issuers);
/**
* Choose an alias to authenticate the server side of a secure
* socket given the public key type and the list of
* certificate issuer authorities recognized by the peer (if any).
*
* @param keyType the key algorithm type name
* @param issuers the list of acceptable CA issuer subject names
* @return the alias name for the desired key
*/
public String chooseServerAlias(String keyType, Principal[] issuers);
/**
* Returns the certificate chain associated with the given alias.
*
* @param alias the alias name
*
* @return the certificate chain (ordered with the user's certificate first
* and the root certificate authority last)
*/
public X509Certificate[] getCertificateChain(String alias);
/*
* Returns the key associated with the given alias.
*
* @param alias the alias name
*
* @return the requested key
*/
public PrivateKey getPrivateKey(String alias);
}

73
jdkSrc/jdk8/com/sun/net/ssl/X509TrustManager.java Normal file
View File

@@ -0,0 +1,73 @@
/*
* Copyright (c) 2000, 2004, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: this file was copied from javax.net.ssl.X509TrustManager
*/
package com.sun.net.ssl;
import java.security.cert.X509Certificate;
/**
* Instance of this interface manage which X509 certificates
* may be used to authenticate the remote side of a secure
* socket. Decisions may be based on trusted certificate
* authorities, certificate revocation lists, online
* status checking or other means.
*
* @deprecated As of JDK 1.4, this implementation-specific class was
* replaced by {@link javax.net.ssl.X509TrustManager}.
*/
@Deprecated
public interface X509TrustManager extends TrustManager {
/**
* Given the partial or complete certificate chain
* provided by the peer, build a certificate path
* to a trusted root and return true if it can be
* validated and is trusted for client SSL authentication.
*
* @param chain the peer certificate chain
*/
public boolean isClientTrusted(X509Certificate[] chain);
/**
* Given the partial or complete certificate chain
* provided by the peer, build a certificate path
* to a trusted root and return true if it can be
* validated and is trusted for server SSL authentication.
*
* @param chain the peer certificate chain
*/
public boolean isServerTrusted(X509Certificate[] chain);
/**
* Return an array of certificate authority certificates
* which are trusted for authenticating peers.
*
* @return the acceptable CA issuer certificates
*/
public X509Certificate[] getAcceptedIssuers();
}

66
jdkSrc/jdk8/com/sun/net/ssl/internal/ssl/Provider.java Normal file
View File

@@ -0,0 +1,66 @@
/*
* Copyright (c) 2007, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.ssl.internal.ssl;
import sun.security.ssl.SunJSSE;
/**
* Main class for the SunJSSE provider. The actual code was moved to the
* class sun.security.ssl.SunJSSE, but for backward compatibility we
* continue to use this class as the main Provider class.
*/
public final class Provider extends SunJSSE {
private static final long serialVersionUID = 3231825739635378733L;
// standard constructor
public Provider() {
super();
}
// preferred constructor to enable FIPS mode at runtime
public Provider(java.security.Provider cryptoProvider) {
super(cryptoProvider);
}
// constructor to enable FIPS mode from java.security file
public Provider(String cryptoProvider) {
super(cryptoProvider);
}
// public for now, but we may want to change it or not document it.
public static synchronized boolean isFIPS() {
return SunJSSE.isFIPS();
}
/**
* Installs the JSSE provider.
*/
public static synchronized void install() {
/* nop. Remove this method in the future. */
}
}

122
jdkSrc/jdk8/com/sun/net/ssl/internal/ssl/X509ExtendedTrustManager.java Normal file
View File

@@ -0,0 +1,122 @@
/*
* Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.ssl.internal.ssl;
import javax.net.ssl.X509TrustManager;
import java.security.cert.X509Certificate;
import java.security.cert.CertificateException;
/**
* Instance of this class is an extension of <code>X509TrustManager</code>.
* <p>
* Note that this class is referenced by the Deploy workspace. Any updates
* must make sure that they do not cause any breakage there.
* <p>
* It takes the responsiblity of checking the peer identity with its
* principal declared in the cerificate.
* <p>
* The class provides an alternative to <code>HostnameVerifer</code>.
* If application customizes its <code>HostnameVerifer</code> for
* <code>HttpsURLConnection</code>, the peer identity will be checked
* by the customized <code>HostnameVerifer</code>; otherwise, it will
* be checked by the extended trust manager.
* <p>
* RFC2830 defines the server identification specification for "LDAP"
* algorithm. RFC2818 defines both the server identification and the
* client identification specification for "HTTPS" algorithm.
*
* @see X509TrustManager
* @see HostnameVerifier
*
* @since 1.6
* @author Xuelei Fan
*/
public abstract class X509ExtendedTrustManager implements X509TrustManager {
/**
* Constructor used by subclasses only.
*/
protected X509ExtendedTrustManager() {
}
/**
* Given the partial or complete certificate chain provided by the
* peer, check its identity and build a certificate path to a trusted
* root, return if it can be validated and is trusted for client SSL
* authentication based on the authentication type.
* <p>
* The authentication type is determined by the actual certificate
* used. For instance, if RSAPublicKey is used, the authType
* should be "RSA". Checking is case-sensitive.
* <p>
* The algorithm parameter specifies the client identification protocol
* to use. If the algorithm and the peer hostname are available, the
* peer hostname is checked against the peer's identity presented in
* the X509 certificate, in order to prevent masquerade attacks.
*
* @param chain the peer certificate chain
* @param authType the authentication type based on the client certificate
* @param hostname the peer hostname
* @param algorithm the identification algorithm
* @throws IllegalArgumentException if null or zero-length chain
* is passed in for the chain parameter or if null or zero-length
* string is passed in for the authType parameter
* @throws CertificateException if the certificate chain is not trusted
* by this TrustManager.
*/
public abstract void checkClientTrusted(X509Certificate[] chain,
String authType, String hostname, String algorithm)
throws CertificateException;
/**
* Given the partial or complete certificate chain provided by the
* peer, check its identity and build a certificate path to a trusted
* root, return if it can be validated and is trusted for server SSL
* authentication based on the authentication type.
* <p>
* The authentication type is the key exchange algorithm portion
* of the cipher suites represented as a String, such as "RSA",
* "DHE_DSS". Checking is case-sensitive.
* <p>
* The algorithm parameter specifies the server identification protocol
* to use. If the algorithm and the peer hostname are available, the
* peer hostname is checked against the peer's identity presented in
* the X509 certificate, in order to prevent masquerade attacks.
*
* @param chain the peer certificate chain
* @param authType the key exchange algorithm used
* @param hostname the peer hostname
* @param algorithm the identification algorithm
* @throws IllegalArgumentException if null or zero-length chain
* is passed in for the chain parameter or if null or zero-length
* string is passed in for the authType parameter
* @throws CertificateException if the certificate chain is not trusted
* by this TrustManager.
*/
public abstract void checkServerTrusted(X509Certificate[] chain,
String authType, String hostname, String algorithm)
throws CertificateException;
}

199
jdkSrc/jdk8/com/sun/net/ssl/internal/www/protocol/https/DelegateHttpsURLConnection.java Normal file
View File

@@ -0,0 +1,199 @@
/*
* Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.ssl.internal.www.protocol.https;
import java.net.URL;
import java.net.Proxy;
import java.io.IOException;
import java.util.Collection;
import java.util.List;
import java.util.Iterator;
import java.security.Principal;
import java.security.cert.*;
import javax.security.auth.x500.X500Principal;
import sun.security.util.HostnameChecker;
import sun.security.util.DerValue;
import sun.security.x509.X500Name;
import sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection;
/**
* This class was introduced to provide an additional level of
* abstraction between javax.net.ssl.HttpURLConnection and
* com.sun.net.ssl.HttpURLConnection objects. <p>
*
* javax.net.ssl.HttpURLConnection is used in the new sun.net version
* of protocol implementation (this one)
* com.sun.net.ssl.HttpURLConnection is used in the com.sun version.
*
*/
public class DelegateHttpsURLConnection extends AbstractDelegateHttpsURLConnection {
// we need a reference to the HttpsURLConnection to get
// the properties set there
// we also need it to be public so that it can be referenced
// from sun.net.www.protocol.http.HttpURLConnection
// this is for ResponseCache.put(URI, URLConnection)
// second parameter needs to be cast to javax.net.ssl.HttpsURLConnection
// instead of AbstractDelegateHttpsURLConnection
public com.sun.net.ssl.HttpsURLConnection httpsURLConnection;
DelegateHttpsURLConnection(URL url,
sun.net.www.protocol.http.Handler handler,
com.sun.net.ssl.HttpsURLConnection httpsURLConnection)
throws IOException {
this(url, null, handler, httpsURLConnection);
}
DelegateHttpsURLConnection(URL url, Proxy p,
sun.net.www.protocol.http.Handler handler,
com.sun.net.ssl.HttpsURLConnection httpsURLConnection)
throws IOException {
super(url, p, handler);
this.httpsURLConnection = httpsURLConnection;
}
protected javax.net.ssl.SSLSocketFactory getSSLSocketFactory() {
return httpsURLConnection.getSSLSocketFactory();
}
protected javax.net.ssl.HostnameVerifier getHostnameVerifier() {
// note: getHostnameVerifier() never returns null
return new VerifierWrapper(httpsURLConnection.getHostnameVerifier());
}
/*
* Called by layered delegator's finalize() method to handle closing
* the underlying object.
*/
protected void dispose() throws Throwable {
super.finalize();
}
}
class VerifierWrapper implements javax.net.ssl.HostnameVerifier {
private com.sun.net.ssl.HostnameVerifier verifier;
VerifierWrapper(com.sun.net.ssl.HostnameVerifier verifier) {
this.verifier = verifier;
}
/*
* In com.sun.net.ssl.HostnameVerifier the method is defined
* as verify(String urlHostname, String certHostname).
* This means we need to extract the hostname from the X.509 certificate
* or from the Kerberos principal name, in this wrapper.
*/
public boolean verify(String hostname, javax.net.ssl.SSLSession session) {
try {
String serverName;
// Use ciphersuite to determine whether Kerberos is active.
if (session.getCipherSuite().startsWith("TLS_KRB5")) {
serverName =
HostnameChecker.getServerName(getPeerPrincipal(session));
} else { // X.509
Certificate[] serverChain = session.getPeerCertificates();
if ((serverChain == null) || (serverChain.length == 0)) {
return false;
}
if (serverChain[0] instanceof X509Certificate == false) {
return false;
}
X509Certificate serverCert = (X509Certificate)serverChain[0];
serverName = getServername(serverCert);
}
if (serverName == null) {
return false;
}
return verifier.verify(hostname, serverName);
} catch (javax.net.ssl.SSLPeerUnverifiedException e) {
return false;
}
}
/*
* Get the peer principal from the session
*/
private Principal getPeerPrincipal(javax.net.ssl.SSLSession session)
throws javax.net.ssl.SSLPeerUnverifiedException
{
Principal principal;
try {
principal = session.getPeerPrincipal();
} catch (AbstractMethodError e) {
// if the provider does not support it, return null, since
// we need it only for Kerberos.
principal = null;
}
return principal;
}
/*
* Extract the name of the SSL server from the certificate.
*
* Note this code is essentially a subset of the hostname extraction
* code in HostnameChecker.
*/
private static String getServername(X509Certificate peerCert) {
try {
// compare to subjectAltNames if dnsName is present
Collection<List<?>> subjAltNames = peerCert.getSubjectAlternativeNames();
if (subjAltNames != null) {
for (Iterator<List<?>> itr = subjAltNames.iterator(); itr.hasNext(); ) {
List<?> next = itr.next();
if (((Integer)next.get(0)).intValue() == 2) {
// compare dNSName with host in url
String dnsName = ((String)next.get(1));
return dnsName;
}
}
}
// else check against common name in the subject field
X500Name subject = HostnameChecker.getSubjectX500Name(peerCert);
DerValue derValue = subject.findMostSpecificAttribute
(X500Name.commonName_oid);
if (derValue != null) {
try {
String name = derValue.getAsString();
return name;
} catch (IOException e) {
// ignore
}
}
} catch (java.security.cert.CertificateException e) {
// ignore
}
return null;
}
}

55
jdkSrc/jdk8/com/sun/net/ssl/internal/www/protocol/https/Handler.java Normal file
View File

@@ -0,0 +1,55 @@
/*
* Copyright (c) 1996, 2003, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.net.ssl.internal.www.protocol.https;
import java.io.IOException;
import java.net.URL;
import java.net.Proxy;
/**
* This class exists for compatibility with previous JSSE releases
* only. The HTTPS implementation can now be found in
* sun.net.www.protocol.https.
*
*/
public class Handler extends sun.net.www.protocol.https.Handler {
public Handler() {
super();
}
public Handler(String proxy, int port) {
super(proxy, port);
}
protected java.net.URLConnection openConnection(URL u) throws IOException {
return openConnection(u, (Proxy)null);
}
protected java.net.URLConnection openConnection(URL u, Proxy p) throws IOException {
return new HttpsURLConnectionOldImpl(u, p, this);
}
}

517
jdkSrc/jdk8/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnectionOldImpl.java Normal file
View File

@@ -0,0 +1,517 @@
/*
* Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* NOTE: This class lives in the package sun.net.www.protocol.https.
* There is a copy in com.sun.net.ssl.internal.www.protocol.https for JSSE
* 1.0.2 compatibility. It is 100% identical except the package and extends
* lines. Any changes should be made to be class in sun.net.* and then copied
* to com.sun.net.*.
*/
// For both copies of the file, uncomment one line and comment the other
// package sun.net.www.protocol.https;
package com.sun.net.ssl.internal.www.protocol.https;
import java.net.URL;
import java.net.Proxy;
import java.net.ProtocolException;
import java.net.MalformedURLException;
import java.io.*;
import javax.net.ssl.*;
import java.security.Permission;
import java.util.Map;
import java.util.List;
import sun.net.www.http.HttpClient;
/**
* A class to represent an HTTP connection to a remote object.
*
* Ideally, this class should subclass and inherit the http handler
* implementation, but it can't do so because that class have the
* wrong Java Type. Thus it uses the delegate (aka, the
* Adapter/Wrapper design pattern) to reuse code from the http
* handler.
*
* Since it would use a delegate to access
* sun.net.www.protocol.http.HttpURLConnection functionalities, it
* needs to implement all public methods in it's super class and all
* the way to Object.
*
*/
// For both copies of the file, uncomment one line and comment the other
// public class HttpsURLConnectionImpl
// extends javax.net.ssl.HttpsURLConnection {
public class HttpsURLConnectionOldImpl
extends com.sun.net.ssl.HttpsURLConnection {
private DelegateHttpsURLConnection delegate;
// For both copies of the file, uncomment one line and comment the other
// HttpsURLConnectionImpl(URL u, Handler handler) throws IOException {
HttpsURLConnectionOldImpl(URL u, Handler handler) throws IOException {
this(u, null, handler);
}
static URL checkURL(URL u) throws IOException {
if (u != null) {
if (u.toExternalForm().indexOf('\n') > -1) {
throw new MalformedURLException("Illegal character in URL");
}
}
return u;
}
// For both copies of the file, uncomment one line and comment the other
// HttpsURLConnectionImpl(URL u, Handler handler) throws IOException {
HttpsURLConnectionOldImpl(URL u, Proxy p, Handler handler) throws IOException {
super(checkURL(u));
delegate = new DelegateHttpsURLConnection(url, p, handler, this);
}
/**
* Create a new HttpClient object, bypassing the cache of
* HTTP client objects/connections.
*
* @param url the URL being accessed
*/
protected void setNewClient(URL url) throws IOException {
delegate.setNewClient(url, false);
}
/**
* Obtain a HttpClient object. Use the cached copy if specified.
*
* @param url the URL being accessed
* @param useCache whether the cached connection should be used
* if present
*/
protected void setNewClient(URL url, boolean useCache)
throws IOException {
delegate.setNewClient(url, useCache);
}
/**
* Create a new HttpClient object, set up so that it uses
* per-instance proxying to the given HTTP proxy. This
* bypasses the cache of HTTP client objects/connections.
*
* @param url the URL being accessed
* @param proxyHost the proxy host to use
* @param proxyPort the proxy port to use
*/
protected void setProxiedClient(URL url, String proxyHost, int proxyPort)
throws IOException {
delegate.setProxiedClient(url, proxyHost, proxyPort);
}
/**
* Obtain a HttpClient object, set up so that it uses per-instance
* proxying to the given HTTP proxy. Use the cached copy of HTTP
* client objects/connections if specified.
*
* @param url the URL being accessed
* @param proxyHost the proxy host to use
* @param proxyPort the proxy port to use
* @param useCache whether the cached connection should be used
* if present
*/
protected void setProxiedClient(URL url, String proxyHost, int proxyPort,
boolean useCache) throws IOException {
delegate.setProxiedClient(url, proxyHost, proxyPort, useCache);
}
/**
* Implements the HTTP protocol handler's "connect" method,
* establishing an SSL connection to the server as necessary.
*/
public void connect() throws IOException {
delegate.connect();
}
/**
* Used by subclass to access "connected" variable. Since we are
* delegating the actual implementation to "delegate", we need to
* delegate the access of "connected" as well.
*/
protected boolean isConnected() {
return delegate.isConnected();
}
/**
* Used by subclass to access "connected" variable. Since we are
* delegating the actual implementation to "delegate", we need to
* delegate the access of "connected" as well.
*/
protected void setConnected(boolean conn) {
delegate.setConnected(conn);
}
/**
* Returns the cipher suite in use on this connection.
*/
public String getCipherSuite() {
return delegate.getCipherSuite();
}
/**
* Returns the certificate chain the client sent to the
* server, or null if the client did not authenticate.
*/
public java.security.cert.Certificate []
getLocalCertificates() {
return delegate.getLocalCertificates();
}
/**
* Returns the server's certificate chain, or throws
* SSLPeerUnverified Exception if
* the server did not authenticate.
*/
public java.security.cert.Certificate []
getServerCertificates() throws SSLPeerUnverifiedException {
return delegate.getServerCertificates();
}
/**
* Returns the server's X.509 certificate chain, or null if
* the server did not authenticate.
*
* NOTE: This method is not necessary for the version of this class
* implementing javax.net.ssl.HttpsURLConnection, but provided for
* compatibility with the com.sun.net.ssl.HttpsURLConnection version.
*/
public javax.security.cert.X509Certificate[] getServerCertificateChain() {
try {
return delegate.getServerCertificateChain();
} catch (SSLPeerUnverifiedException e) {
// this method does not throw an exception as declared in
// com.sun.net.ssl.HttpsURLConnection.
// Return null for compatibility.
return null;
}
}
/*
* Allowable input/output sequences:
* [interpreted as POST/PUT]
* - get output, [write output,] get input, [read input]
* - get output, [write output]
* [interpreted as GET]
* - get input, [read input]
* Disallowed:
* - get input, [read input,] get output, [write output]
*/
public synchronized OutputStream getOutputStream() throws IOException {
return delegate.getOutputStream();
}
public synchronized InputStream getInputStream() throws IOException {
return delegate.getInputStream();
}
public InputStream getErrorStream() {
return delegate.getErrorStream();
}
/**
* Disconnect from the server.
*/
public void disconnect() {
delegate.disconnect();
}
public boolean usingProxy() {
return delegate.usingProxy();
}
/**
* Returns an unmodifiable Map of the header fields.
* The Map keys are Strings that represent the
* response-header field names. Each Map value is an
* unmodifiable List of Strings that represents
* the corresponding field values.
*
* @return a Map of header fields
* @since 1.4
*/
public Map<String,List<String>> getHeaderFields() {
return delegate.getHeaderFields();
}
/**
* Gets a header field by name. Returns null if not known.
* @param name the name of the header field
*/
public String getHeaderField(String name) {
return delegate.getHeaderField(name);
}
/**
* Gets a header field by index. Returns null if not known.
* @param n the index of the header field
*/
public String getHeaderField(int n) {
return delegate.getHeaderField(n);
}
/**
* Gets a header field by index. Returns null if not known.
* @param n the index of the header field
*/
public String getHeaderFieldKey(int n) {
return delegate.getHeaderFieldKey(n);
}
/**
* Sets request property. If a property with the key already
* exists, overwrite its value with the new value.
* @param value the value to be set
*/
public void setRequestProperty(String key, String value) {
delegate.setRequestProperty(key, value);
}
/**
* Adds a general request property specified by a
* key-value pair. This method will not overwrite
* existing values associated with the same key.
*
* @param key the keyword by which the request is known
* (e.g., "<code>accept</code>").
* @param value the value associated with it.
* @see #getRequestProperties(java.lang.String)
* @since 1.4
*/
public void addRequestProperty(String key, String value) {
delegate.addRequestProperty(key, value);
}
/**
* Overwrite super class method
*/
public int getResponseCode() throws IOException {
return delegate.getResponseCode();
}
public String getRequestProperty(String key) {
return delegate.getRequestProperty(key);
}
/**
* Returns an unmodifiable Map of general request
* properties for this connection. The Map keys
* are Strings that represent the request-header
* field names. Each Map value is a unmodifiable List
* of Strings that represents the corresponding
* field values.
*
* @return a Map of the general request properties for this connection.
* @throws IllegalStateException if already connected
* @since 1.4
*/
public Map<String,List<String>> getRequestProperties() {
return delegate.getRequestProperties();
}
/*
* We support JDK 1.2.x so we can't count on these from JDK 1.3.
* We override and supply our own version.
*/
public void setInstanceFollowRedirects(boolean shouldFollow) {
delegate.setInstanceFollowRedirects(shouldFollow);
}
public boolean getInstanceFollowRedirects() {
return delegate.getInstanceFollowRedirects();
}
public void setRequestMethod(String method) throws ProtocolException {
delegate.setRequestMethod(method);
}
public String getRequestMethod() {
return delegate.getRequestMethod();
}
public String getResponseMessage() throws IOException {
return delegate.getResponseMessage();
}
public long getHeaderFieldDate(String name, long Default) {
return delegate.getHeaderFieldDate(name, Default);
}
public Permission getPermission() throws IOException {
return delegate.getPermission();
}
public URL getURL() {
return delegate.getURL();
}
public int getContentLength() {
return delegate.getContentLength();
}
public long getContentLengthLong() {
return delegate.getContentLengthLong();
}
public String getContentType() {
return delegate.getContentType();
}
public String getContentEncoding() {
return delegate.getContentEncoding();
}
public long getExpiration() {
return delegate.getExpiration();
}
public long getDate() {
return delegate.getDate();
}
public long getLastModified() {
return delegate.getLastModified();
}
public int getHeaderFieldInt(String name, int Default) {
return delegate.getHeaderFieldInt(name, Default);
}
public long getHeaderFieldLong(String name, long Default) {
return delegate.getHeaderFieldLong(name, Default);
}
public Object getContent() throws IOException {
return delegate.getContent();
}
@SuppressWarnings("rawtypes")
public Object getContent(Class[] classes) throws IOException {
return delegate.getContent(classes);
}
public String toString() {
return delegate.toString();
}
public void setDoInput(boolean doinput) {
delegate.setDoInput(doinput);
}
public boolean getDoInput() {
return delegate.getDoInput();
}
public void setDoOutput(boolean dooutput) {
delegate.setDoOutput(dooutput);
}
public boolean getDoOutput() {
return delegate.getDoOutput();
}
public void setAllowUserInteraction(boolean allowuserinteraction) {
delegate.setAllowUserInteraction(allowuserinteraction);
}
public boolean getAllowUserInteraction() {
return delegate.getAllowUserInteraction();
}
public void setUseCaches(boolean usecaches) {
delegate.setUseCaches(usecaches);
}
public boolean getUseCaches() {
return delegate.getUseCaches();
}
public void setIfModifiedSince(long ifmodifiedsince) {
delegate.setIfModifiedSince(ifmodifiedsince);
}
public long getIfModifiedSince() {
return delegate.getIfModifiedSince();
}
public boolean getDefaultUseCaches() {
return delegate.getDefaultUseCaches();
}
public void setDefaultUseCaches(boolean defaultusecaches) {
delegate.setDefaultUseCaches(defaultusecaches);
}
/*
* finalize (dispose) the delegated object. Otherwise
* sun.net.www.protocol.http.HttpURLConnection's finalize()
* would have to be made public.
*/
protected void finalize() throws Throwable {
delegate.dispose();
}
public boolean equals(Object obj) {
return delegate.equals(obj);
}
public int hashCode() {
return delegate.hashCode();
}
public void setConnectTimeout(int timeout) {
delegate.setConnectTimeout(timeout);
}
public int getConnectTimeout() {
return delegate.getConnectTimeout();
}
public void setReadTimeout(int timeout) {
delegate.setReadTimeout(timeout);
}
public int getReadTimeout() {
return delegate.getReadTimeout();
}
public void setFixedLengthStreamingMode (int contentLength) {
delegate.setFixedLengthStreamingMode(contentLength);
}
public void setFixedLengthStreamingMode(long contentLength) {
delegate.setFixedLengthStreamingMode(contentLength);
}
public void setChunkedStreamingMode (int chunklen) {
delegate.setChunkedStreamingMode(chunklen);
}
}