Package org.mariadb.jdbc.internal.protocol.tls

Class HostnameVerifierImpl

java.lang.Object
org.mariadb.jdbc.internal.protocol.tls.HostnameVerifierImpl
All Implemented Interfaces:
HostnameVerifier
public class HostnameVerifierImpl extends Object implements HostnameVerifier

  • Field Details

    • logger

      private static final Logger logger

  • Constructor Details

    • HostnameVerifierImpl

      public HostnameVerifierImpl()

  • Method Details

    • matchDns

      private static boolean matchDns(String hostname, String tlsDnsPattern) throws SSLException
      DNS verification : Matching is performed using the matching rules specified by [RFC2459]. If more than one identity of a given type is present in the certificate (e.g., more than one dNSName name, a match in any one of the set is considered acceptable.) Names may contain the wildcard character * which is considered to match any single domain name component or component fragment. E.g., *.a.com matches foo.a.com but not bar.foo.a.com. f*.com matches foo.com but not bar.com.
      Parameters:
      hostname - hostname
      tlsDnsPattern - DNS pattern (may contain wildcard)
      Returns:
      true if matching
      Throws:
      SSLException

    • matchWildCards

      private static boolean matchWildCards(boolean hostIsIp, String hostnameToken, String tlsDnsToken) throws SSLException
      Throws:
      SSLException

    • extractCommonName

      private static String extractCommonName(String principal) throws SSLException
      Throws:
      SSLException

    • normaliseAddress

      private static String normaliseAddress(String hostname)

    • normalizedHostMsg

      private static String normalizedHostMsg(String normalizedHost)

    • getSubjectAltNames

      private HostnameVerifierImpl.SubjectAltNames getSubjectAltNames(X509Certificate cert) throws CertificateParsingException
      Throws:
      CertificateParsingException

    • verify

      public boolean verify(String host, SSLSession session)
      Specified by:
      verify in interface HostnameVerifier

    • verify

      public boolean verify(String host, SSLSession session, long serverThreadId)
      Verification, like HostnameVerifier.verify() with an additional server thread id to identify connection in logs.
      Parameters:
      host - host to connect (DNS/IP)
      session - SSL session
      serverThreadId - connection id to identify connection in logs
      Returns:
      true if valid

    • verify

      public void verify(String host, X509Certificate cert, long serverThreadId) throws SSLException
      Verification that throw an exception with a detailed error message in case of error.
      Parameters:
      host - hostname
      cert - certificate
      serverThreadId - server thread Identifier to identify connection in logs
      Throws:
      SSLException - exception