@InterfaceAudience.Private final class HBaseHostnameVerifier extends Object implements HostnameVerifier
X509Util
, handles verifying that the hostname of a peer matches the
certificate it presents.
This file has been copied from the Apache ZooKeeper project.Modifier and Type | Class and Description |
---|---|
private static class |
HBaseHostnameVerifier.SubjectName
Note: copied from Apache httpclient with some minor modifications.
|
Modifier and Type | Field and Description |
---|---|
private static org.slf4j.Logger |
LOG |
Constructor and Description |
---|
HBaseHostnameVerifier() |
private static final org.slf4j.Logger LOG
HBaseHostnameVerifier()
public boolean verify(String host, SSLSession session)
verify
in interface HostnameVerifier
void verify(String host, X509Certificate cert) throws SSLException
SSLException
private static void matchIPAddress(String host, InetAddress inetAddress, List<HBaseHostnameVerifier.SubjectName> subjectAlts) throws SSLException
SSLException
private static void matchDNSName(String host, List<HBaseHostnameVerifier.SubjectName> subjectAlts) throws SSLException
SSLException
private static void matchCN(String host, String cn) throws SSLException
SSLException
private static boolean matchIdentity(String host, String identity, boolean strict)
private static boolean matchIdentityStrict(String host, String identity)
private static String extractCN(String subjectPrincipal) throws SSLException
SSLException
private static Optional<InetAddress> parseIpAddress(String host)
private static Optional<InetAddress> parseIpAddressUriString(String host)
private static Optional<InetAddress> parseIpAddressString(String host)
private static List<HBaseHostnameVerifier.SubjectName> getSubjectAltNames(X509Certificate cert)
Copyright © 2007–2020 The Apache Software Foundation. All rights reserved.