Class HostnameVerifier

java.lang.Object
org.mariadb.jdbc.client.tls.HostnameVerifier

public class HostnameVerifier extends Object
SSL host verification
  • Field Details

    • logger

      private static final Logger logger
    • IP_V4

      private static final Pattern IP_V4
    • IP_V6

      private static final Pattern IP_V6
    • IP_V6_COMPRESSED

      private static final Pattern IP_V6_COMPRESSED
  • Constructor Details

    • HostnameVerifier

      public HostnameVerifier()
  • Method Details

    • matchDns

      private static boolean matchDns(String hostname, String tlsDnsPattern) throws SSLException
      DNS verification : Matching is performed using the matching rules specified by [RFC2459]. If more than one identity of a given type is present in the certificate (e.g., more than one dNSName name, a match in any one of the set is considered acceptable.) Names may contain the wildcard character * which is considered to match any single domain name component or component fragment. E.g., *.a.com matches foo.a.com but not bar.foo.a.com. f*.com matches foo.com but not bar.com.
      Parameters:
      hostname - hostname
      tlsDnsPattern - DNS pattern (may contain wildcard)
      Returns:
      true if matching
      Throws:
      SSLException
    • matchWildCards

      private static boolean matchWildCards(boolean hostIsIp, String hostnameToken, String tlsDnsToken) throws SSLException
      Throws:
      SSLException
    • extractCommonName

      private static String extractCommonName(String principal) throws SSLException
      Throws:
      SSLException
    • normaliseAddress

      private static String normaliseAddress(String hostname)
    • normalizedHostMsg

      private static String normalizedHostMsg(String normalizedHost)
    • isIPv4

      public static boolean isIPv4(String ip)
      check if ip correspond to IPV4
      Parameters:
      ip - ip value
      Returns:
      if ip is using IPV4 format
    • isIPv6

      public static boolean isIPv6(String ip)
      check if ip correspond to IPV6
      Parameters:
      ip - ip value
      Returns:
      if ip is using IPV6 format
    • getSubjectAltNames

      private static HostnameVerifier.SubjectAltNames getSubjectAltNames(X509Certificate cert) throws CertificateParsingException
      Throws:
      CertificateParsingException
    • verify

      public static void verify(String host, X509Certificate cert, long serverThreadId) throws SSLException
      Verification that throw an exception with a detailed error message in case of error.
      Parameters:
      host - hostname
      cert - certificate
      serverThreadId - server thread Identifier to identify connection in logs
      Throws:
      SSLException - exception