Loading core/java/android/net/SSLCertificateSocketFactory.java +22 −8 Original line number Diff line number Diff line Loading @@ -73,10 +73,14 @@ import javax.net.ssl.X509TrustManager; * Updating Your Security Provider to Protect Against SSL Exploits</a> * for further information.</p> * * <p>One way to verify the server's identity is to use * <p>The recommended way to verify the server's identity is to use * {@link HttpsURLConnection#getDefaultHostnameVerifier()} to get a * {@link HostnameVerifier} to verify the certificate hostname. * * <p><b>Warning</b>: Some methods on this class return connected sockets and some return * unconnected sockets. For the methods that return connected sockets, setting * connection- or handshake-related properties on those sockets will have no effect. * * <p>On development devices, "setprop socket.relaxsslcheck yes" bypasses all * SSL certificate and hostname checks for testing purposes. This setting * requires root access. Loading Loading @@ -442,8 +446,10 @@ public class SSLCertificateSocketFactory extends SSLSocketFactory { /** * {@inheritDoc} * * <p>This method verifies the peer's certificate hostname after connecting * (unless created with {@link #getInsecure(int, SSLSessionCache)}). * <p>By default, this method returns a <i>connected</i> socket and verifies the peer's * certificate hostname after connecting; if this instance was created with * {@link #getInsecure(int, SSLSessionCache)}, it returns a socket that is <i>not connected</i> * instead. */ @Override public Socket createSocket(Socket k, String host, int port, boolean close) throws IOException { Loading @@ -459,7 +465,7 @@ public class SSLCertificateSocketFactory extends SSLSocketFactory { } /** * Creates a new socket which is not connected to any remote host. * Creates a new socket which is <i>not connected</i> to any remote host. * You must use {@link Socket#connect} to connect the socket. * * <p class="caution"><b>Warning:</b> Hostname verification is not performed Loading @@ -479,6 +485,8 @@ public class SSLCertificateSocketFactory extends SSLSocketFactory { /** * {@inheritDoc} * * <p>This method returns a socket that is <i>not connected</i>. * * <p class="caution"><b>Warning:</b> Hostname verification is not performed * with this method. You MUST verify the server's identity after connecting * the socket to avoid man-in-the-middle attacks.</p> Loading @@ -498,6 +506,8 @@ public class SSLCertificateSocketFactory extends SSLSocketFactory { /** * {@inheritDoc} * * <p>This method returns a socket that is <i>not connected</i>. * * <p class="caution"><b>Warning:</b> Hostname verification is not performed * with this method. You MUST verify the server's identity after connecting * the socket to avoid man-in-the-middle attacks.</p> Loading @@ -515,8 +525,10 @@ public class SSLCertificateSocketFactory extends SSLSocketFactory { /** * {@inheritDoc} * * <p>This method verifies the peer's certificate hostname after connecting * (unless created with {@link #getInsecure(int, SSLSessionCache)}). * <p>By default, this method returns a <i>connected</i> socket and verifies the peer's * certificate hostname after connecting; if this instance was created with * {@link #getInsecure(int, SSLSessionCache)}, it returns a socket that is <i>not connected</i> * instead. */ @Override public Socket createSocket(String host, int port, InetAddress localAddr, int localPort) Loading @@ -536,8 +548,10 @@ public class SSLCertificateSocketFactory extends SSLSocketFactory { /** * {@inheritDoc} * * <p>This method verifies the peer's certificate hostname after connecting * (unless created with {@link #getInsecure(int, SSLSessionCache)}). * <p>By default, this method returns a <i>connected</i> socket and verifies the peer's * certificate hostname after connecting; if this instance was created with * {@link #getInsecure(int, SSLSessionCache)}, it returns a socket that is <i>not connected</i> * instead. */ @Override public Socket createSocket(String host, int port) throws IOException { Loading Loading
core/java/android/net/SSLCertificateSocketFactory.java +22 −8 Original line number Diff line number Diff line Loading @@ -73,10 +73,14 @@ import javax.net.ssl.X509TrustManager; * Updating Your Security Provider to Protect Against SSL Exploits</a> * for further information.</p> * * <p>One way to verify the server's identity is to use * <p>The recommended way to verify the server's identity is to use * {@link HttpsURLConnection#getDefaultHostnameVerifier()} to get a * {@link HostnameVerifier} to verify the certificate hostname. * * <p><b>Warning</b>: Some methods on this class return connected sockets and some return * unconnected sockets. For the methods that return connected sockets, setting * connection- or handshake-related properties on those sockets will have no effect. * * <p>On development devices, "setprop socket.relaxsslcheck yes" bypasses all * SSL certificate and hostname checks for testing purposes. This setting * requires root access. Loading Loading @@ -442,8 +446,10 @@ public class SSLCertificateSocketFactory extends SSLSocketFactory { /** * {@inheritDoc} * * <p>This method verifies the peer's certificate hostname after connecting * (unless created with {@link #getInsecure(int, SSLSessionCache)}). * <p>By default, this method returns a <i>connected</i> socket and verifies the peer's * certificate hostname after connecting; if this instance was created with * {@link #getInsecure(int, SSLSessionCache)}, it returns a socket that is <i>not connected</i> * instead. */ @Override public Socket createSocket(Socket k, String host, int port, boolean close) throws IOException { Loading @@ -459,7 +465,7 @@ public class SSLCertificateSocketFactory extends SSLSocketFactory { } /** * Creates a new socket which is not connected to any remote host. * Creates a new socket which is <i>not connected</i> to any remote host. * You must use {@link Socket#connect} to connect the socket. * * <p class="caution"><b>Warning:</b> Hostname verification is not performed Loading @@ -479,6 +485,8 @@ public class SSLCertificateSocketFactory extends SSLSocketFactory { /** * {@inheritDoc} * * <p>This method returns a socket that is <i>not connected</i>. * * <p class="caution"><b>Warning:</b> Hostname verification is not performed * with this method. You MUST verify the server's identity after connecting * the socket to avoid man-in-the-middle attacks.</p> Loading @@ -498,6 +506,8 @@ public class SSLCertificateSocketFactory extends SSLSocketFactory { /** * {@inheritDoc} * * <p>This method returns a socket that is <i>not connected</i>. * * <p class="caution"><b>Warning:</b> Hostname verification is not performed * with this method. You MUST verify the server's identity after connecting * the socket to avoid man-in-the-middle attacks.</p> Loading @@ -515,8 +525,10 @@ public class SSLCertificateSocketFactory extends SSLSocketFactory { /** * {@inheritDoc} * * <p>This method verifies the peer's certificate hostname after connecting * (unless created with {@link #getInsecure(int, SSLSessionCache)}). * <p>By default, this method returns a <i>connected</i> socket and verifies the peer's * certificate hostname after connecting; if this instance was created with * {@link #getInsecure(int, SSLSessionCache)}, it returns a socket that is <i>not connected</i> * instead. */ @Override public Socket createSocket(String host, int port, InetAddress localAddr, int localPort) Loading @@ -536,8 +548,10 @@ public class SSLCertificateSocketFactory extends SSLSocketFactory { /** * {@inheritDoc} * * <p>This method verifies the peer's certificate hostname after connecting * (unless created with {@link #getInsecure(int, SSLSessionCache)}). * <p>By default, this method returns a <i>connected</i> socket and verifies the peer's * certificate hostname after connecting; if this instance was created with * {@link #getInsecure(int, SSLSessionCache)}, it returns a socket that is <i>not connected</i> * instead. */ @Override public Socket createSocket(String host, int port) throws IOException { Loading
