// Methods to attempt socket creation /////////////////////////////////////////////////////////////////
private Socket getSocket(String host, int port, boolean ssl, boolean negotiate) throws IOException {
- Socket ret = ssl ? new TinySSL(host, port, negotiate) : new Socket(java.net.InetAddress.getByName(host), port);
+ Socket ret = ssl ? new SSL(host, port, negotiate) : new Socket(java.net.InetAddress.getByName(host), port);
ret.setTcpNoDelay(true);
return ret;
}
String s = br.readLine();
if (s.charAt(9) != '2') throw new HTTPException("proxy refused CONNECT method: \"" + s + "\"");
while (br.readLine().length() > 0) { };
- ((TinySSL)sock).negotiate();
+ ((SSL)sock).negotiate();
}
return sock;
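Review bot: The proxy's reply is parsed without checking it first: `br.readLine()` returns null if the proxy closes the connection, and `s.charAt(9)` throws StringIndexOutOfBoundsException on a status line shorter than ten characters. Both surface as unchecked exceptions rather than the HTTPException callers presumably expect. I would guard the status check with `if (s == null || s.length() < 10 || s.charAt(9) != '2') throw new HTTPException(...)`. The header-skipping loop needs the same null check, e.g. `for (String h = br.readLine(); h != null && h.length() > 0; h = br.readLine()) { }`. The enclosing method starts outside this hunk, so this assumes `br` wraps the proxy socket's input stream.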
dis.skip(6); // ip/port
if ((int)(success & 0xff) == 90) {
- if (ssl) ((TinySSL)sock).negotiate();
+ if (ssl) ((SSL)sock).negotiate();
return sock;
}
if (Log.on) Log.log(this, "SOCKS server denied access, code " + (success & 0xff));
// the portion of clause 6a after the semicolon (aka the "obnoxious
// relink clause")
-package org.xwt;
+package org.xwt.util;
import org.bouncycastle.crypto.AsymmetricBlockCipher;
import org.bouncycastle.crypto.Digest;
1.03 10-Aug-02 Fixed a vulnerability outlined at
http://online.securityfocus.com/archive/1/286290
+ 1.04 12-Dec-03 Renamed to org.xwt.SSL, fixed race condition
+
*/
-public class TinySSL extends Socket {
+public class SSL extends Socket {
// Simple Test //////////////////////////////////////////////
public static void main(String[] args) {
Log.on = true;
try {
- Socket s = new TinySSL("www.paypal.com", 443);
+ Socket s = new SSL("www.paypal.com", 443);
PrintWriter pw = new PrintWriter(s.getOutputStream());
BufferedReader br = new BufferedReader(new InputStreamReader(s.getInputStream()));
pw.println("GET / HTTP/1.0");
while(true) {
String s2 = br.readLine();
if (s2 == null) return;
- Log.log(TinySSL.class, s2);
+ Log.log(SSL.class, s2);
}
} catch (Exception e) {
public InputStream getInputStream() throws IOException { return is != null ? is : super.getInputStream(); }
public OutputStream getOutputStream() throws IOException { return os != null ? os : super.getOutputStream(); }
- public TinySSL(String host, int port) throws IOException { this(host, port, true, false); }
- public TinySSL(String host, int port, boolean negotiateImmediately) throws IOException { this(host, port, negotiateImmediately, false); }
- public TinySSL(String host, int port, boolean negotiateImmediately, boolean ignoreUntrustedCert) throws IOException {
+ public SSL(String host, int port) throws IOException { this(host, port, true, false); }
+ public SSL(String host, int port, boolean negotiateImmediately) throws IOException { this(host, port, negotiateImmediately, false); }
+ public SSL(String host, int port, boolean negotiateImmediately, boolean ignoreUntrustedCert) throws IOException {
super(host, port);
if (!initializationFinished) {
- synchronized(TinySSL.class) {
+ synchronized(SSL.class) {
while (!initializationFinished)
- try { TinySSL.class.wait(); } catch (Exception e) { }
+ try { SSL.class.wait(); } catch (Exception e) { }
}
}
hostname = host;
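Review bot: The wait loop discards every exception from `SSL.class.wait()` via `catch (Exception e) { }`, so an interrupt delivered while a constructor is waiting for static initialization is silently lost. I would catch `InterruptedException` only, remember that it happened, and call `Thread.currentThread().interrupt()` once the loop exits. The outer `if (!initializationFinished)` is read outside the monitor, which is safe only if the field is declared volatile. The declaration is not in this hunk, so, given the changelog's "fixed race condition" entry, a comment at the field stating the intended visibility guarantee would help. The constructor body continues past the end of the hunk.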
for(int i=0; i<pad2_sha.length; i++) pad2_sha[i] = (byte)0x5C;
try {
- if (Log.on) Log.log(TinySSL.class, "reading in trusted root public keys...");
+ if (Log.on) Log.log(SSL.class, "reading in trusted root public keys...");
trusted_CA_public_keys = new SubjectPublicKeyInfo[base64_encoded_trusted_CA_public_keys.length / 2];
trusted_CA_public_key_identifiers = new String[base64_encoded_trusted_CA_public_keys.length / 2];
for(int i=0; i<base64_encoded_trusted_CA_public_keys.length; i+=2) {
}
} catch (Exception e) {
- if (Log.on) Log.log(TinySSL.class, e);
+ if (Log.on) Log.log(SSL.class, e);
}
- if (Log.on) Log.log(TinySSL.class, "generating entropy...");
+ if (Log.on) Log.log(SSL.class, "generating entropy...");
randpool = new byte[10];
try { Thread.sleep(100); } catch (Exception e) { }
for(int i=0; i<spinners.length; i++) {
intToBytes(System.currentTimeMillis(), randpool, 0, 4); md5.update(randpool, 0, 4);
intToBytes(Runtime.getRuntime().freeMemory(), randpool, 0, 4); md5.update(randpool, 0, 4);
intToBytes(Runtime.getRuntime().totalMemory(), randpool, 0, 4); md5.update(randpool, 0, 4);
- intToBytes(System.identityHashCode(TinySSL.class), randpool, 0, 4); md5.update(randpool, 0, 4);
+ intToBytes(System.identityHashCode(SSL.class), randpool, 0, 4); md5.update(randpool, 0, 4);
Properties p = System.getProperties();
for(Enumeration e = p.propertyNames(); e.hasMoreElements();) {
String s = (String)e.nextElement();
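Review bot: The seed inputs visible here are `System.currentTimeMillis()`, `freeMemory()`, `totalMemory()`, `System.identityHashCode(SSL.class)` and the system property names, all values an observer can largely estimate, and the numeric ones are fed to MD5 only four bytes at a time. The `spinners` loop in the preceding hunk may add timing jitter, but its body is not visible, so its contribution cannot be judged from these lines. Because the PKCS1 class comment says this pool is used instead of java.security.SecureRandom, I would also mix platform randomness into the digest, e.g. `byte[] seed = new byte[16]; new java.security.SecureRandom().nextBytes(seed); md5.update(seed, 0, seed.length);`. The initializer begins and ends outside this hunk.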
randpool = new byte[md5.getDigestSize()];
md5.doFinal(randpool, 0);
- if (Log.on) Log.log(TinySSL.class, "TinySSL is initialized.");
+ if (Log.on) Log.log(SSL.class, "SSL is initialized.");
initializationFinished = true;
- TinySSL.class.notifyAll();
+ SSL.class.notifyAll();
}
/**
- * A PKCS1 encoder which uses TinySSL's built-in PRNG instead of java.security.SecureRandom.
+ * A PKCS1 encoder which uses SSL's built-in PRNG instead of java.security.SecureRandom.
* This code was derived from BouncyCastle's org.bouncycastle.crypto.encoding.PKCS1Encoding.
*/
private static class PKCS1 implements AsymmetricBlockCipher {