List of usage examples for javax.net.ssl SSLSession getClass
@HotSpotIntrinsicCandidate public final native Class<?> getClass();
From source file:com.amazonaws.http.conn.ssl.privileged.PrivilegedMasterSecretValidator.java
/** * Checks the validity of an SSLSession's master secret. Should be run within a doPrivileged * block//w ww. j a va 2 s.c o m */ private boolean privilegedIsMasterSecretValid(final Socket socket) { if (socket instanceof SSLSocket) { SSLSession session = getSslSession(socket); if (session != null) { String className = session.getClass().getName(); if ("sun.security.ssl.SSLSessionImpl".equals(className)) { try { Object masterSecret = getMasterSecret(session, className); if (masterSecret == null) { session.invalidate(); if (LOG.isDebugEnabled()) { LOG.debug("Invalidated session " + session); } return false; } } catch (Exception e) { failedToVerifyMasterSecret(e); } } } } return true; }
From source file:com.amazonaws.http.conn.ssl.SdkTLSSocketFactory.java
/** * Double check the master secret of an SSL session must not be null, or * else a {@link SecurityException} will be thrown. * @param sock connected socket// w w w . ja v a 2s . c o m */ private void verifyMasterSecret(final Socket sock) { if (sock instanceof SSLSocket) { SSLSocket ssl = (SSLSocket) sock; SSLSession session = ssl.getSession(); if (session != null) { String className = session.getClass().getName(); if ("sun.security.ssl.SSLSessionImpl".equals(className)) { try { Class<?> clazz = Class.forName(className); Method method = clazz.getDeclaredMethod("getMasterSecret"); method.setAccessible(true); Object masterSecret = method.invoke(session); if (masterSecret == null) { session.invalidate(); if (log.isDebugEnabled()) { log.debug("Invalidated session " + session); } throw log(new SecurityException("Invalid SSL master secret")); } } catch (ClassNotFoundException e) { failedToVerifyMasterSecret(e); } catch (NoSuchMethodException e) { failedToVerifyMasterSecret(e); } catch (IllegalAccessException e) { failedToVerifyMasterSecret(e); } catch (InvocationTargetException e) { failedToVerifyMasterSecret(e.getCause()); } } } } return; }
From source file:org.glite.security.trustmanager.tomcat.TMSSLImplementation.java
public SSLSupport getSSLSupport(SSLSession arg0) { try {//from w ww . j av a2 s . c o m JSSEImplementation impl = new JSSEImplementation(); // hack to get past tomcat5 missing this method and tomcat6 requiring it. java.lang.reflect.Method method; try { method = impl.getClass().getMethod("getSSLSupport", arg0.getClass()); } catch (NoSuchMethodException e) { // this is tomcat5, so no action. return null; } try { return (SSLSupport) method.invoke(impl, arg0); } catch (IllegalArgumentException e) { LOGGER.fatal("Internal server error, JSSEImplementation class creation failed:", e); } catch (IllegalAccessException e) { LOGGER.fatal("Internal server error, JSSEImplementation class creation failed:", e); } catch (InvocationTargetException e) { LOGGER.fatal("Internal server error, JSSEImplementation class creation failed:", e); } return null; } catch (ClassNotFoundException e) { LOGGER.fatal("Internal server error, JSSEImplementation class creation failed:", e); return null; } }