You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2014/08/06 11:29:59 UTC

svn commit: r1616137 - in /httpcomponents/httpclient/trunk/httpclient/src: main/java/org/apache/http/conn/ssl/AbstractCommonHostnameVerifier.java test/java/org/apache/http/conn/ssl/TestHostnameVerifier.java

Author: olegk
Date: Wed Aug  6 09:29:58 2014
New Revision: 1616137

URL: http://svn.apache.org/r1616137
Log:
Replaced LdapName with custom DN parser

Modified:
    httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/AbstractCommonHostnameVerifier.java
    httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/conn/ssl/TestHostnameVerifier.java

Modified: httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/AbstractCommonHostnameVerifier.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/AbstractCommonHostnameVerifier.java?rev=1616137&r1=1616136&r2=1616137&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/AbstractCommonHostnameVerifier.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/main/java/org/apache/http/conn/ssl/AbstractCommonHostnameVerifier.java Wed Aug  6 09:29:58 2014
@@ -38,20 +38,15 @@ import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Locale;
-import java.util.NoSuchElementException;
 
-import javax.naming.InvalidNameException;
-import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.Attributes;
-import javax.naming.ldap.LdapName;
-import javax.naming.ldap.Rdn;
 import javax.net.ssl.SSLException;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.apache.http.NameValuePair;
 import org.apache.http.annotation.Immutable;
 import org.apache.http.conn.util.InetAddressUtils;
+import org.apache.http.util.TextUtils;
 
 /**
  * Abstract base class for all standard {@link org.apache.http.conn.ssl.X509HostnameVerifier}
@@ -200,26 +195,17 @@ public abstract class AbstractCommonHost
             return null;
         }
         final List<String> cns = new ArrayList<String>();
-        try {
-            final LdapName subjectDN = new LdapName(subjectPrincipal);
-            final List<Rdn> rdns = subjectDN.getRdns();
-            for (int i = rdns.size() - 1; i >= 0; i--) {
-                final Rdn rds = rdns.get(i);
-                final Attributes attributes = rds.toAttributes();
-                final Attribute cn = attributes.get("cn");
-                if (cn != null) {
-                    try {
-                        final Object value = cn.get();
-                        if (value != null) {
-                            cns.add(value.toString());
-                        }
-                    } catch (NoSuchElementException ignore) {
-                    } catch (NamingException ignore) {
-                    }
-                }
+        final List<NameValuePair> nvps = DistinguishedNameParser.INSTANCE.parse(subjectPrincipal);
+        for (int i = 0; i < nvps.size(); i++) {
+            final NameValuePair nvp = nvps.get(i);
+            final String attribName = nvp.getName();
+            final String attribValue = nvp.getValue();
+            if (TextUtils.isBlank(attribValue)) {
+                throw new SSLException(subjectPrincipal + " is not a valid X500 distinguished name");
+            }
+            if (attribName.equalsIgnoreCase("cn")) {
+                cns.add(attribValue);
             }
-        } catch (InvalidNameException e) {
-            throw new SSLException(subjectPrincipal + " is not a valid X500 distinguished name");
         }
         return cns.isEmpty() ? null : cns.toArray(new String[ cns.size() ]);
     }

Modified: httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/conn/ssl/TestHostnameVerifier.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/conn/ssl/TestHostnameVerifier.java?rev=1616137&r1=1616136&r2=1616137&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/conn/ssl/TestHostnameVerifier.java (original)
+++ httpcomponents/httpclient/trunk/httpclient/src/test/java/org/apache/http/conn/ssl/TestHostnameVerifier.java Wed Aug  6 09:29:58 2014
@@ -357,16 +357,20 @@ public class TestHostnameVerifier {
         Assert.assertArrayEquals(new String[] {"blah, blah"}, AbstractCommonHostnameVerifier.extractCNs("cn=\"blah, blah\", ou=blah, o=blah"));
         Assert.assertArrayEquals(new String[] {"blah, blah"}, AbstractCommonHostnameVerifier.extractCNs("cn=blah\\, blah, ou=blah, o=blah"));
         Assert.assertArrayEquals(new String[] {"blah"}, AbstractCommonHostnameVerifier.extractCNs("c = cn=uuh, cn=blah, ou=blah, o=blah"));
-        Assert.assertArrayEquals(new String[] {""}, AbstractCommonHostnameVerifier.extractCNs("cn=   , ou=blah, o=blah"));
     }
 
     @Test(expected = SSLException.class)
-    public void testExtractCNInvalid1() throws Exception {
+    public void testExtractCNEmpty() throws Exception {
+        AbstractCommonHostnameVerifier.extractCNs("cn=   , ou=blah, o=blah");
+    }
+
+    @Test(expected = SSLException.class)
+    public void testExtractCNMissing() throws Exception {
         AbstractCommonHostnameVerifier.extractCNs("blah,blah");
     }
 
     @Test(expected = SSLException.class)
-    public void testExtractCNInvalid2() throws Exception {
+    public void testExtractCNNull() throws Exception {
         AbstractCommonHostnameVerifier.extractCNs("cn,o=blah");
     }