1 /* 2 * $HeadURL: http://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk/module-client/src/main/java/org/apache/http/conn/ssl/StrictHostnameVerifier.java $ 3 * $Revision: 617642 $ 4 * $Date: 2008-02-01 12:54:07 -0800 (Fri, 01 Feb 2008) $ 5 * 6 * ==================================================================== 7 * Licensed to the Apache Software Foundation (ASF) under one 8 * or more contributor license agreements. See the NOTICE file 9 * distributed with this work for additional information 10 * regarding copyright ownership. The ASF licenses this file 11 * to you under the Apache License, Version 2.0 (the 12 * "License"); you may not use this file except in compliance 13 * with the License. You may obtain a copy of the License at 14 * 15 * http://www.apache.org/licenses/LICENSE-2.0 16 * 17 * Unless required by applicable law or agreed to in writing, 18 * software distributed under the License is distributed on an 19 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 20 * KIND, either express or implied. See the License for the 21 * specific language governing permissions and limitations 22 * under the License. 23 * ==================================================================== 24 * 25 * This software consists of voluntary contributions made by many 26 * individuals on behalf of the Apache Software Foundation. For more 27 * information on the Apache Software Foundation, please see 28 * <http://www.apache.org/>. 29 * 30 */ 31 32 package org.apache.http.conn.ssl; 33 34 import javax.net.ssl.SSLException; 35 36 /** 37 * The Strict HostnameVerifier works the same way as Sun Java 1.4, Sun 38 * Java 5, Sun Java 6-rc. It's also pretty close to IE6. This 39 * implementation appears to be compliant with RFC 2818 for dealing with 40 * wildcards. 41 * <p/> 42 * The hostname must match either the first CN, or any of the subject-alts. 43 * A wildcard can occur in the CN, and in any of the subject-alts. The 44 * one divergence from IE6 is how we only check the first CN. IE6 allows 45 * a match against any of the CNs present. We decided to follow in 46 * Sun Java 1.4's footsteps and only check the first CN. (If you need 47 * to check all the CN's, feel free to write your own implementation!). 48 * <p/> 49 * A wildcard such as "*.foo.com" matches only subdomains in the same 50 * level, for example "a.foo.com". It does not match deeper subdomains 51 * such as "a.b.foo.com". 52 * 53 * @author Julius Davies 54 * 55 * @deprecated Please use {@link java.net.URL#openConnection} instead. 56 * Please visit <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html">this webpage</a> 57 * for further details. 58 */ 59 @Deprecated 60 public class StrictHostnameVerifier extends AbstractVerifier { 61 verify( final String host, final String[] cns, final String[] subjectAlts)62 public final void verify( 63 final String host, 64 final String[] cns, 65 final String[] subjectAlts) throws SSLException { 66 verify(host, cns, subjectAlts, true); 67 } 68 69 @Override toString()70 public final String toString() { 71 return "STRICT"; 72 } 73 74 } 75