19 package org.jclouds.http.config;
20
21 import java.security.SecureRandom;
22 import java.security.cert.X509Certificate;
23 import java.util.Map;
24
25 import javax.annotation.Resource;
26 import javax.inject.Inject;
27 import javax.inject.Singleton;
28 import javax.net.ssl.HostnameVerifier;
29 import javax.net.ssl.SSLContext;
30 import javax.net.ssl.SSLSession;
31 import javax.net.ssl.TrustManager;
32 import javax.net.ssl.X509TrustManager;
33
34 import org.jclouds.logging.Logger;
35
36 import com.google.common.base.Supplier;
37 import com.google.common.base.Throwables;
38 import com.google.common.collect.Maps;
39 import com.google.inject.AbstractModule;
40 import com.google.inject.TypeLiteral;
41 import com.google.inject.name.Names;
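/**
 * Guice module that publishes deliberately permissive TLS collaborators under the
 * {@code "untrusted"} binding name.
 *
 * <p>
 * Security note: the {@link HostnameVerifier} bound here accepts every hostname and the
 * {@link SSLContext} supplier bound here is backed by a trust manager that accepts every
 * certificate chain. A connection built from these bindings is encrypted but NOT
 * authenticated, so it offers no protection against an active man-in-the-middle. Only the
 * {@code "untrusted"}-named bindings are affected; nothing in this module replaces the JVM
 * default {@link SSLContext} or default verifier. Consumers should inject them only behind an
 * explicit opt-in and never for endpoints that carry credentials over untrusted networks.
 */
public class SSLModule extends AbstractModule {

   /**
    * Registers the permissive hostname verifier and SSL context supplier, both qualified with
    * {@code @Named("untrusted")}.
    */
   @Override
   protected void configure() {
      bind(HostnameVerifier.class).annotatedWith(Names.named("untrusted")).to(LogToMapHostnameVerifier.class);
      bind(new TypeLiteral<Supplier<SSLContext>>() {
      }).annotatedWith(Names.named("untrusted")).to(new TypeLiteral<UntrustedSSLContextSupplier>() {
      });
   }

   /**
    * Hostname verifier that never rejects: each call is logged at WARN level, recorded in a
    * map, and then approved.
    *
    * <p>
    * Because {@link #verify} always returns {@code true}, the certificate presented by the peer
    * is not tied to the host the caller asked for. The WARN line is the only audit trail a
    * defender gets, so it should not be filtered out of production logs.
    */
   @Singleton
   static class LogToMapHostnameVerifier implements HostnameVerifier {
      @Resource
      private Logger logger = Logger.NULL;

      // Requested hostname -> peer host reported by the session.
      // NOTE(review): nothing visible in this class reads the map or evicts entries, and it is a
      // plain HashMap inside a @Singleton. Confirm it is actually needed, that it cannot grow
      // without bound, and whether verify() can be called from several threads at once.
      private final Map<String, String> sslMap = Maps.newHashMap();

      /**
       * Logs and records the requested/peer host pair, then accepts the connection.
       *
       * @param hostname
       *           host name the caller is connecting to
       * @param session
       *           TLS session whose peer host is logged and recorded
       * @return always {@code true}; no hostname check is performed
       */
      @Override
      public boolean verify(String hostname, SSLSession session) {
         String peerHost = session.getPeerHost();
         logger.warn("hostname was %s while session was %s", hostname, peerHost);
         sslMap.put(hostname, peerHost);
         return true;
      }
   }

   /**
    * Supplies an {@link SSLContext} whose only trust manager is {@link TrustAllCerts}, i.e. a
    * context that performs no server (or client) certificate validation.
    */
   @Singleton
   public static class UntrustedSSLContextSupplier implements Supplier<SSLContext> {
      private final TrustAllCerts trustAllCerts;

      @Inject
      UntrustedSSLContextSupplier(TrustAllCerts trustAllCerts) {
         this.trustAllCerts = trustAllCerts;
      }

      /**
       * Builds and initialises a new context on every call.
       *
       * @return a context initialised with no key managers and the accept-everything trust
       *         manager
       * @throws RuntimeException
       *            if the context cannot be created or initialised; checked failures are
       *            wrapped by {@link Throwables#propagate(Throwable)}
       */
      @Override
      public SSLContext get() {
         try {
            // NOTE(review): "SSL" is the legacy protocol-family name. The protocol versions that
            // end up enabled are chosen by the JSSE provider; confirm whether "TLS" (or a pinned
            // minimum version) should be requested instead.
            SSLContext sc = SSLContext.getInstance("SSL");
            // Null key managers: no client certificate material is supplied by this class.
            sc.init(null, new TrustManager[] { trustAllCerts }, new SecureRandom());
            return sc;
         } catch (Exception e) {
            // propagate() always throws; rethrowing its result makes that visible to the
            // compiler and removes the unreachable "return null" the method used to carry.
            throw Throwables.propagate(e);
         }
      }
   }

   /**
    * Trust manager that accepts any certificate chain for both client and server
    * authentication.
    *
    * <p>
    * Neither check method ever throws, so expired, self-signed, revoked or mismatched
    * certificates are all treated as trusted. Use is confined to the {@code "untrusted"}
    * bindings of the enclosing module.
    */
   @Singleton
   static class TrustAllCerts implements X509TrustManager {

      /**
       * @return an empty array. The {@link X509TrustManager} contract requires a non-null
       *         result; returning {@code null} can trigger a NullPointerException in TLS
       *         stacks that iterate the issuers without a null check.
       */
      @Override
      public X509Certificate[] getAcceptedIssuers() {
         return new X509Certificate[0];
      }

      /** Accepts every client chain: no validation is performed and nothing is thrown. */
      @Override
      public void checkClientTrusted(X509Certificate[] certs, String authType) {
         // intentionally empty: trust-all behaviour
      }

      /** Accepts every server chain: no validation is performed and nothing is thrown. */
      @Override
      public void checkServerTrusted(X509Certificate[] certs, String authType) {
         // intentionally empty: trust-all behaviour
      }
   }
}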