I don't really understand where is your problem.
In the AuthSSLProtocolSocketFactory you have (for one of the createSocket
methods):
public Socket createSocket(String host, int port) throws IOException,
UnknownHostException {
return getSSLContext().getSocketFactory().createSocket(
host,
port
);
}
change it like this:
public Socket createSocket(String host, int port) throws IOException,
UnknownHostException {
SSLSocket sslSocket = (SSLSocket) getSSLContext().getSocketFactory()
.createSocket(host, port);
verifyHostname(sslSocket);
return sslSocket;
}
do that for each createSocket methods and use the verifyHostname(..) and
getCN(..) methods provided in the StrictSSLProtocolSocketFactory (and do what's
needed to set the class member verifyHostname used in verifyHostname)
christophe
> -----Message d'origine-----
> De : Massimiliano Masi [mailto:[EMAIL PROTECTED]
> Envoyé : vendredi 14 décembre 2007 11:55
> À : [email protected]
> Objet : RE: Hostname verification
>
> Hi,
>
> Quoting Furmaniak Christophe <[EMAIL PROTECTED]>:
>
> >
> > You can easily mix both.
>
> Yes, this is my problem :-)
>
> I don't know how to mix them. According to the "strict", I need these:
>
> SSLSession session = socket.getSession();
> String hostname = session.getPeerHost();
>
> but in the authsslprotocolsocketfactory I have a plain socket.
> I tried to get the session from the getSSLContext
>
> getSSLContext().getServerSessionContext().getIds()
>
> and then looping to the ids, but I did not get any Ids...
>
> Thank you,
>
> Massimiliano
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
