• Home
• de.siegmar
• logback-gelf
• 2.1.1
• source code
• GelfTcpTlsAppender.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

de.siegmar.logbackgelf.GelfTcpTlsAppender Maven / Gradle / Ivy

/*
 * Logback GELF - zero dependencies Logback GELF appender library.
 * Copyright (C) 2016 Oliver Siegmar
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */

package de.siegmar.logbackgelf;

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

public class GelfTcpTlsAppender extends GelfTcpAppender {

    /**
     * If {@code true}, trust all TLS certificates (even self signed certificates).
     */
    private boolean trustAllCertificates;

    public boolean isTrustAllCertificates() {
        return trustAllCertificates;
    }

    public void setTrustAllCertificates(final boolean trustAllCertificates) {
        this.trustAllCertificates = trustAllCertificates;
    }

    @Override
    protected SSLSocketFactory initSocketFactory() {
        if (trustAllCertificates) {
            addWarn("Enable trustAllCertificates - don't use this in production!");
            try {
                final SSLContext context = SSLContext.getInstance("TLS");
                context.init(null, buildNoopTrustManagers(), new SecureRandom());
                return context.getSocketFactory();
            } catch (final NoSuchAlgorithmException | KeyManagementException e) {
                throw new IllegalStateException(e);
            }
        }

        return (SSLSocketFactory) SSLSocketFactory.getDefault();
    }

    private static TrustManager[] buildNoopTrustManagers() {
        return new TrustManager[] {
            new X509TrustManager() {
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }

                public void checkClientTrusted(final X509Certificate[] chain,
                                               final String authType) {
                }

                public void checkServerTrusted(final X509Certificate[] chain,
                                               final String authType) {
                }
            },
        };
    }

}