From 137da0326d98b8d074bad860db3c91714236757f Mon Sep 17 00:00:00 2001
From: Federico Fissore
- * EasySSLProtocolSocketFactory can be used to creats SSL {@link Socket}s
- * that accept self-signed certificates.
+ * EasySSLProtocolSocketFactory can be used to creats SSL {@link Socket}s
+ * that accept self-signed certificates.
*
- * This socket factory SHOULD NOT be used for productive systems
- * due to security reasons, unless it is a concious decision and
- * you are perfectly aware of security implications of accepting
+ * This socket factory SHOULD NOT be used for productive systems
+ * due to security reasons, unless it is a concious decision and
+ * you are perfectly aware of security implications of accepting
* self-signed certificates
*
* Example of using custom protocol socket factory for a specific host:
- *
+ *
* Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
*
* URI uri = new URI("https://localhost/", true);
@@ -76,7 +72,7 @@ import org.apache.commons.logging.LogFactory;
*
* Example of using custom protocol socket factory per default instead of the standard one: - *
+ ** Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443); * Protocol.registerProtocol("https", easyhttps); * @@ -85,148 +81,153 @@ import org.apache.commons.logging.LogFactory; * client.executeMethod(httpget); ** - * + * * @author Oleg Kalnichevski - * - *- * DISCLAIMER: HttpClient developers DO NOT actively support this component. - * The component is provided as a reference material, which may be inappropriate - * for use without additional customization. - *
+ * + *+ * DISCLAIMER: HttpClient developers DO NOT actively support this component. + * The component is provided as a reference material, which may be inappropriate + * for use without additional customization. + *
*/ public class EasySSLProtocolSocketFactory implements SecureProtocolSocketFactory { - /** Log object for this class. */ - private static final Log LOG = LogFactory.getLog(EasySSLProtocolSocketFactory.class); + /** + * Log object for this class. + */ + private static final Log LOG = LogFactory.getLog(EasySSLProtocolSocketFactory.class); - private SSLContext sslcontext = null; + private SSLContext sslcontext = null; - /** - * Constructor for EasySSLProtocolSocketFactory. - */ - public EasySSLProtocolSocketFactory() { - super(); - } + /** + * Constructor for EasySSLProtocolSocketFactory. + */ + public EasySSLProtocolSocketFactory() { + super(); + } - private static SSLContext createEasySSLContext() { - try { - SSLContext context = SSLContext.getInstance("SSL"); - context.init( - null, - new TrustManager[] {new EasyX509TrustManager(null)}, + private static SSLContext createEasySSLContext() { + try { + SSLContext context = SSLContext.getInstance("SSL"); + context.init( + null, + new TrustManager[]{new EasyX509TrustManager(null)}, null); - return context; - } catch (Exception e) { - LOG.error(e.getMessage(), e); - throw new HttpClientError(e.toString()); - } + return context; + } catch (Exception e) { + LOG.error(e.getMessage(), e); + throw new HttpClientError(e.toString()); } + } - private SSLContext getSSLContext() { - if (this.sslcontext == null) { - this.sslcontext = createEasySSLContext(); - } - return this.sslcontext; + private SSLContext getSSLContext() { + if (this.sslcontext == null) { + this.sslcontext = createEasySSLContext(); } + return this.sslcontext; + } - /** - * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int) - */ - public Socket createSocket( - String host, - int port, - InetAddress clientHost, - int clientPort) - throws IOException, UnknownHostException { + /** + * @see SecureProtocolSocketFactory#createSocket(java.lang.String, int, java.net.InetAddress, int) + */ + public Socket createSocket( + String 
host, + int port, + InetAddress clientHost, + int clientPort) + throws IOException, UnknownHostException { - return getSSLContext().getSocketFactory().createSocket( + Socket socket = getSSLContext().getSocketFactory().createSocket( host, port, clientHost, clientPort - ); - } + ); + return socket; + } - /** - * Attempts to get a new socket connection to the given host within the given time limit. - *- * To circumvent the limitations of older JREs that do not support connect timeout a - * controller thread is executed. The controller thread attempts to create a new socket - * within the given limit of time. If socket constructor does not return until the - * timeout expires, the controller terminates and throws an {@link ConnectTimeoutException} - *
- * - * @param host the host name/IP - * @param port the port on the host - * @param clientHost the local host name/IP to bind the socket to - * @param clientPort the port on the local machine - * @param params {@link HttpConnectionParams Http connection parameters} - * - * @return Socket a new socket - * - * @throws IOException if an I/O error occurs while creating the socket - * @throws UnknownHostException if the IP address of the host cannot be - * determined - */ - public Socket createSocket( - final String host, - final int port, - final InetAddress localAddress, - final int localPort, - final HttpConnectionParams params - ) throws IOException, UnknownHostException, ConnectTimeoutException { - if (params == null) { - throw new IllegalArgumentException("Parameters may not be null"); - } - int timeout = params.getConnectionTimeout(); - SocketFactory socketfactory = getSSLContext().getSocketFactory(); - if (timeout == 0) { - return socketfactory.createSocket(host, port, localAddress, localPort); - } else { - Socket socket = socketfactory.createSocket(); - SocketAddress localaddr = new InetSocketAddress(localAddress, localPort); - SocketAddress remoteaddr = new InetSocketAddress(host, port); - socket.bind(localaddr); - socket.connect(remoteaddr, timeout); - return socket; - } + /** + * Attempts to get a new socket connection to the given host within the given time limit. + *+ * To circumvent the limitations of older JREs that do not support connect timeout a + * controller thread is executed. The controller thread attempts to create a new socket + * within the given limit of time. If socket constructor does not return until the + * timeout expires, the controller terminates and throws an {@link ConnectTimeoutException} + *
+ * + * @param host the host name/IP + * @param port the port on the host + * @param clientHost the local host name/IP to bind the socket to + * @param clientPort the port on the local machine + * @param params {@link HttpConnectionParams Http connection parameters} + * @return Socket a new socket + * @throws IOException if an I/O error occurs while creating the socket + * @throws UnknownHostException if the IP address of the host cannot be + * determined + */ + public Socket createSocket( + final String host, + final int port, + final InetAddress localAddress, + final int localPort, + final HttpConnectionParams params + ) throws IOException, UnknownHostException, ConnectTimeoutException { + if (params == null) { + throw new IllegalArgumentException("Parameters may not be null"); } + int timeout = params.getConnectionTimeout(); + SocketFactory socketfactory = getSSLContext().getSocketFactory(); + Socket socket; + if (timeout == 0) { + socket = socketfactory.createSocket(host, port, localAddress, localPort); + } else { + socket = socketfactory.createSocket(); + SocketAddress localaddr = new InetSocketAddress(localAddress, localPort); + SocketAddress remoteaddr = new InetSocketAddress(host, port); + socket.bind(localaddr); + socket.connect(remoteaddr, timeout); + } + SSLSocket sslSocket = (SSLSocket) socket; + String[] protocolsWithoutSSLv2Hello = {"SSLv3", "TLSv1"}; + sslSocket.setEnabledProtocols(protocolsWithoutSSLv2Hello); + return socket; + } - /** - * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int) - */ - public Socket createSocket(String host, int port) - throws IOException, UnknownHostException { - return getSSLContext().getSocketFactory().createSocket( + /** + * @see SecureProtocolSocketFactory#createSocket(java.lang.String, int) + */ + public Socket createSocket(String host, int port) + throws IOException, UnknownHostException { + return getSSLContext().getSocketFactory().createSocket( host, port - ); - } + ); + } - /** - * @see 
SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean) - */ - public Socket createSocket( - Socket socket, - String host, - int port, - boolean autoClose) - throws IOException, UnknownHostException { - return getSSLContext().getSocketFactory().createSocket( + /** + * @see SecureProtocolSocketFactory#createSocket(java.net.Socket, java.lang.String, int, boolean) + */ + public Socket createSocket( + Socket socket, + String host, + int port, + boolean autoClose) + throws IOException, UnknownHostException { + return getSSLContext().getSocketFactory().createSocket( socket, host, port, autoClose - ); - } + ); + } - public boolean equals(Object obj) { - return ((obj != null) && obj.getClass().equals(EasySSLProtocolSocketFactory.class)); - } + public boolean equals(Object obj) { + return ((obj != null) && obj.getClass().equals(EasySSLProtocolSocketFactory.class)); + } - public int hashCode() { - return EasySSLProtocolSocketFactory.class.hashCode(); - } + public int hashCode() { + return EasySSLProtocolSocketFactory.class.hashCode(); + } }
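Review bot: The hard-coded list `{"SSLv3", "TLSv1"}` passed to `setEnabledProtocols` in the five-argument `createSocket` keeps SSLv3 enabled and turns off every TLS version above 1.0 that the JRE may support, so these connections can never negotiate a newer protocol. The call is made in that overload only: the other three `createSocket` overloads still return sockets with the default protocol set, and the four-argument one now assigns a local `socket` without doing anything to it. The variable name suggests the aim is only to drop SSLv2Hello, so I would filter that one entry out of `getEnabledProtocols()` and route all four overloads through a single helper, as sketched below. By its own Javadoc this factory already accepts self-signed certificates, so pinning it to old protocol versions further weakens connections that are not authenticated.

```java
    // … unchanged: params check, timeout handling, socket creation …
    return dropSSLv2Hello(socket);
  }

  // Keeps the JRE's enabled protocol set and removes only SSLv2Hello.
  private static Socket dropSSLv2Hello(Socket socket) {
    if (socket instanceof SSLSocket) {
      SSLSocket sslSocket = (SSLSocket) socket;
      List<String> kept = new ArrayList<String>();
      for (String protocol : sslSocket.getEnabledProtocols()) {
        if (!"SSLv2Hello".equals(protocol)) {
          kept.add(protocol);
        }
      }
      sslSocket.setEnabledProtocols(kept.toArray(new String[kept.size()]));
    }
    return socket;
  }

  // … the other three createSocket overloads: wrap their return value in dropSSLv2Hello(...) …
```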