- From: Thomas Gambet via cvs-syncmail <cvsmail@w3.org>
- Date: Sun, 21 Mar 2010 22:52:52 +0000
- To: www-validator-cvs@w3.org
Update of /sources/public/2006/unicorn/src/org/w3c/unicorn/input In directory hutz:/tmp/cvs-serv6203/src/org/w3c/unicorn/input Modified Files: URIInputParameter.java Log Message: deactivates SSL security checks if a resource has an invalid SSL certificate and adds a warning to the user Index: URIInputParameter.java =================================================================== RCS file: /sources/public/2006/unicorn/src/org/w3c/unicorn/input/URIInputParameter.java,v retrieving revision 1.15 retrieving revision 1.16 diff -u -d -r1.15 -r1.16 --- URIInputParameter.java 9 Oct 2009 14:59:38 -0000 1.15 +++ URIInputParameter.java 21 Mar 2010 22:52:50 -0000 1.16 @@ -7,14 +7,21 @@ import java.net.SocketTimeoutException; import java.net.URL; import java.net.UnknownHostException; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; +import java.util.ArrayList; import java.util.regex.Pattern; import javax.activation.MimeType; import javax.activation.MimeTypeParseException; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLContext; import javax.net.ssl.SSLException; +import javax.net.ssl.TrustManager; import org.w3c.unicorn.contract.EnumInputMethod; import org.w3c.unicorn.exceptions.UnicornException; +import org.w3c.unicorn.request.TrustAllManager; import org.w3c.unicorn.util.Message; import org.w3c.unicorn.util.Property; @@ -24,6 +31,22 @@ private int connectTimeOut; + private static SSLContext sc; + + static { + try { + sc = SSLContext.getInstance("SSL"); + sc.init(null, new TrustManager[]{new TrustAllManager()}, new java.security.SecureRandom()); + } catch (NoSuchAlgorithmException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (KeyManagementException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + } + public URIInputParameter(String uri) { this.uri = uri; if (Property.get("DOCUMENT_CONNECT_TIMEOUT") != null) @@ -33,7 +56,7 @@ } @Override - public void check() throws UnicornException { + public void check(ArrayList<Message> messages) throws UnicornException { URL docUrl = null; try { if (uri == null || uri.equals("")) @@ -52,9 +75,18 @@ docUrl = new URL(uri); if (!docUrl.getProtocol().equals("http") && !docUrl.getProtocol().equals("https")) throw new UnicornException(Message.ERROR, "$message_unsupported_protocol", null, docUrl.getProtocol()); - HttpURLConnection con = (HttpURLConnection) docUrl.openConnection(); + + HttpsURLConnection con = (HttpsURLConnection) docUrl.openConnection(); con.setConnectTimeout(connectTimeOut); - con.connect(); + try { + con.connect(); + } catch (SSLException e) { + con.setSSLSocketFactory(sc.getSocketFactory()); + con.connect(); + Message message = new Message(Message.WARNING, "$message_ssl_warning", e.getClass() + "\n" + e.getMessage()); + message.setEvaluateContent(false); + messages.add(message); + } int responseCode = con.getResponseCode(); switch (responseCode) { case HttpURLConnection.HTTP_UNAUTHORIZED: @@ -72,8 +104,6 @@ throw new UnicornException(Message.ERROR, "$message_invalid_mime_type"); } catch (UnknownHostException e) { throw new UnicornException(Message.ERROR, "$message_unknown_host" , null, docUrl.getHost()); - } catch (SSLException e) { - throw new UnicornException(Message.ERROR, "$message_ssl_exception"); } catch (ConnectException e) { throw new UnicornException(Message.ERROR, "$message_connect_exception"); } catch (SocketTimeoutException e) {
Received on Sunday, 21 March 2010 22:52:54 UTC