Package org.mariadb.jdbc.client.tls
Class HostnameVerifier
java.lang.Object
org.mariadb.jdbc.client.tls.HostnameVerifier
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionprivate static enum
private static class
private static class
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprivate static String
extractCommonName
(String principal) private static HostnameVerifier.SubjectAltNames
static boolean
static boolean
private static boolean
DNS verification : Matching is performed using the matching rules specified by [RFC2459].private static boolean
matchWildCards
(boolean hostIsIp, String hostnameToken, String tlsDnsToken) private static String
normaliseAddress
(String hostname) private static String
normalizedHostMsg
(String normalizedHost) static void
verify
(String host, X509Certificate cert, long serverThreadId) Verification that throw an exception with a detailed error message in case of error.
-
Field Details
-
logger
-
IP_V4
-
IP_V6
-
IP_V6_COMPRESSED
-
-
Constructor Details
-
HostnameVerifier
public HostnameVerifier()
-
-
Method Details
-
matchDns
DNS verification : Matching is performed using the matching rules specified by [RFC2459]. If more than one identity of a given type is present in the certificate (e.g., more than one dNSName name, a match in any one of the set is considered acceptable.) Names may contain the wildcard character * which is considered to match any single domain name component or component fragment. E.g., *.a.com matches foo.a.com but not bar.foo.a.com. f*.com matches foo.com but not bar.com.- Parameters:
hostname
- hostnametlsDnsPattern
- DNS pattern (may contain wildcard)- Returns:
- true if matching
- Throws:
SSLException
-
matchWildCards
private static boolean matchWildCards(boolean hostIsIp, String hostnameToken, String tlsDnsToken) throws SSLException - Throws:
SSLException
-
extractCommonName
- Throws:
SSLException
-
normaliseAddress
-
normalizedHostMsg
-
isIPv4
-
isIPv6
-
getSubjectAltNames
private static HostnameVerifier.SubjectAltNames getSubjectAltNames(X509Certificate cert) throws CertificateParsingException - Throws:
CertificateParsingException
-
verify
public static void verify(String host, X509Certificate cert, long serverThreadId) throws SSLException Verification that throw an exception with a detailed error message in case of error.- Parameters:
host
- hostnamecert
- certificateserverThreadId
- server thread Identifier to identify connection in logs- Throws:
SSLException
- exception
-