Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance. Project price only 1 $
You can buy this project and download/modify it how often you want.
/*
* Copyright 2017-2018 Ping Identity Corporation
* All Rights Reserved.
*/
/*
* Copyright (C) 2017-2018 Ping Identity Corporation
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License (GPLv2 only)
* or the terms of the GNU Lesser General Public License (LGPLv2.1 only)
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see .
*/
package com.unboundid.util.ssl.cert;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.concurrent.LinkedBlockingQueue;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.X509TrustManager;
import com.unboundid.asn1.ASN1StreamReader;
import com.unboundid.ldap.protocol.ExtendedRequestProtocolOp;
import com.unboundid.ldap.protocol.ExtendedResponseProtocolOp;
import com.unboundid.ldap.protocol.LDAPMessage;
import com.unboundid.ldap.sdk.Control;
import com.unboundid.ldap.sdk.ExtendedResult;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.ldap.sdk.extensions.StartTLSExtendedRequest;
import com.unboundid.ldap.sdk.unboundidds.tools.ResultUtils;
import com.unboundid.util.Debug;
import com.unboundid.util.StaticUtils;
import com.unboundid.util.ThreadSafety;
import com.unboundid.util.ThreadSafetyLevel;
import com.unboundid.util.ssl.SSLUtil;
import static com.unboundid.util.ssl.cert.CertMessages.*;
/**
* This class provides a thread that can be used to establish a connection to a
* server, optionally use the LDAP StartTLS operation to initiate secure
* communication over a previously-non-secure connection, and then capture the
* certificate chain that the server presented to the client during TLS
* negotiation. That certificate chain, or any error encountered while trying
* to obtain it, will be made available to the creator of this thread through a
* queue.
*/
@ThreadSafety(level=ThreadSafetyLevel.NOT_THREADSAFE)
final class ManageCertificatesServerCertificateCollector
extends Thread
implements X509TrustManager
{
/**
* The column at which to wrap long lines of output.
*/
private static final int WRAP_COLUMN =
StaticUtils.TERMINAL_WIDTH_COLUMNS - 1;
/**
* A pre-allocated empty certificate array.
*/
private static final X509Certificate[] NO_CERTIFICATES =
new X509Certificate[0];
// Indicates whether the certificate chain has been retrieved from the server.
private volatile boolean gotCertificateChain;
// Indicates whether to use the LDAP StartTLS operation to trigger TLS
// negotiation.
private final boolean useLDAPStartTLS;
// Indicates whether to operate in verbose mode.
private final boolean verbose;
// The port of the server to which the connection will be established.
private final int port;
// The queue that will be used to transfer the server certificate chain to the
// caller.
private final LinkedBlockingQueue