diff options
Diffstat (limited to 'src/org/apache/http')
-rw-r--r-- | src/org/apache/http/conn/ssl/AbstractVerifier.java | 36 |
1 files changed, 4 insertions, 32 deletions
diff --git a/src/org/apache/http/conn/ssl/AbstractVerifier.java b/src/org/apache/http/conn/ssl/AbstractVerifier.java index 723d806..deda1d0 100644 --- a/src/org/apache/http/conn/ssl/AbstractVerifier.java +++ b/src/org/apache/http/conn/ssl/AbstractVerifier.java @@ -44,10 +44,10 @@ import java.util.Iterator; import java.util.LinkedList; import java.util.List; import java.util.Locale; -import java.util.StringTokenizer; import java.util.logging.Logger; import java.util.logging.Level; +import javax.net.ssl.DistinguishedNameParser; import javax.net.ssl.SSLException; import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSocket; @@ -202,38 +202,10 @@ public abstract class AbstractVerifier implements X509HostnameVerifier { } public static String[] getCNs(X509Certificate cert) { - LinkedList<String> cnList = new LinkedList<String>(); - /* - Sebastian Hauer's original StrictSSLProtocolSocketFactory used - getName() and had the following comment: + DistinguishedNameParser dnParser = + new DistinguishedNameParser(cert.getSubjectX500Principal()); + List<String> cnList = dnParser.getAllMostSpecificFirst("cn"); - Parses a X.500 distinguished name for the value of the - "Common Name" field. This is done a bit sloppy right - now and should probably be done a bit more according to - <code>RFC 2253</code>. - - I've noticed that toString() seems to do a better job than - getName() on these X500Principal objects, so I'm hoping that - addresses Sebastian's concern. - - For example, getName() gives me this: - 1.2.840.113549.1.9.1=#16166a756c6975736461766965734063756362632e636f6d - - whereas toString() gives me this: - EMAILADDRESS=juliusdavies@cucbc.com - - Looks like toString() even works with non-ascii domain names! - I tested it with "花子.co.jp" and it worked fine. - */ - String subjectPrincipal = cert.getSubjectX500Principal().toString(); - StringTokenizer st = new StringTokenizer(subjectPrincipal, ","); - while(st.hasMoreTokens()) { - String tok = st.nextToken(); - int x = tok.indexOf("CN="); - if(x >= 0) { - cnList.add(tok.substring(x + 3)); - } - } if(!cnList.isEmpty()) { String[] cns = new String[cnList.size()]; cnList.toArray(cns); |