← Back to branch summary

~ubuntu-branches/ubuntu/maverick/libpgjava/maverick

« back to all changes in this revision

Viewing changes to org/postgresql/ssl/NonValidatingFactory.java

  • Committer: Bazaar Package Importer
  • Author(s): Arnaud Vandyck
  • Date: 2006-04-25 00:07:07 UTC
  • mfrom: (1.3.1 upstream) (3.1.1 dapper)
  • Revision ID: james.westby@ubuntu.com-20060425000707-6lr2s0awuz4z48hm
http://bugs.debian.org/358345
* Drop support for the old jdbc2 driver (can be reverted if wanted)
  (closes: #358345).
* New upstream (thanks to Wolfgang Baer).

Show diffs side-by-side

added added

removed removed

Lines of Context:
org/postgresql/ssl/NonValidatingFactory.java
 
1
/*-------------------------------------------------------------------------
 
2
*
 
3
* Copyright (c) 2004-2005, PostgreSQL Global Development Group
 
4
*
 
5
* IDENTIFICATION
 
6
*   $PostgreSQL: pgjdbc/org/postgresql/ssl/NonValidatingFactory.java,v 1.5 2005/01/17 09:52:13 jurka Exp $
 
7
*
 
8
*-------------------------------------------------------------------------
 
9
*/
 
10
package org.postgresql.ssl;
 
11
 
 
12
import javax.net.ssl.SSLContext;
 
13
import javax.net.ssl.SSLSocketFactory;
 
14
import javax.net.ssl.TrustManager;
 
15
import javax.net.ssl.X509TrustManager;
 
16
import java.security.cert.X509Certificate;
 
17
import java.security.GeneralSecurityException;
 
18
 
 
19
/**
 
20
 * Provide a SSLSocketFactory that allows SSL connections to be
 
21
 * made without validating the server's certificate.  This is more
 
22
 * convenient for some applications, but is less secure as it allows 
 
23
 * "man in the middle" attacks.
 
24
 */
 
25
public class NonValidatingFactory extends WrappedFactory {
 
26
 
 
27
    /**
 
28
     * We provide a constructor that takes an unused argument solely
 
29
     * because the ssl calling code will look for this constructor
 
30
     * first and then fall back to the no argument constructor, so
 
31
     * we avoid an exception and additional reflection lookups.
 
32
     */
 
33
    public NonValidatingFactory(String arg) throws GeneralSecurityException {
 
34
        SSLContext ctx = SSLContext.getInstance("TLS"); // or "SSL" ?
 
35
 
 
36
        ctx.init(null,
 
37
                 new TrustManager[] { new NonValidatingTM() },
 
38
                 null);
 
39
 
 
40
        _factory = ctx.getSocketFactory();
 
41
    }
 
42
 
 
43
    class NonValidatingTM implements X509TrustManager {
 
44
 
 
45
        public X509Certificate[] getAcceptedIssuers() {
 
46
            return new X509Certificate[0];
 
47
        }
 
48
 
 
49
        public void checkClientTrusted(X509Certificate[] certs, String authType) {
 
50
        }
 
51
 
 
52
        public void checkServerTrusted(X509Certificate[] certs, String authType) {
 
53
        }
 
54
    }
 
55
 
 
56
}
 
57