Hostname verification
chudak
meadandale at gmail.com
Wed May 18 13:44:10 EDT 2011
Has anyone implemented hostname verification when using the SslHandler?
I tried adding it in the handshake callback future but for whatever reason,
trying to invoke the manual handshake does not appear to work in android.
I have the following in my channelConnected implementation on my client. I
never get any output after "Starting handshake". It tested this in a VM and
it worked fine.
// SSL handshake
final SslHandler sslHandler =
context.getPipeline().get(SslHandler.class);
if (sslHandler != null)
{
LOG.debug("Starting handshake");
// Get notified when SSL handshake is done.
ChannelFuture handshakeFuture = sslHandler.handshake();
handshakeFuture.addListener(new ChannelFutureListener()
{
public void operationComplete(ChannelFuture future) throws
Exception
{
LOG.debug("Handshake complete");
if (future.isSuccess())
{
LOG.debug("Handshake successful, verifying
hostname");
verifyHostname(remoteHost,
sslHandler.getEngine().getSession());
LOG.debug("Hostname verification successful sending
authentication message");
// Once session is secure send auth message
future.getChannel().write(message);
}
else
{
LOG.error("Could not connect", future.getCause());
future.getChannel().close();
}
}
});
}
else
{
// Not using SSL just send auth
event.getChannel().write(message);
}
It would be nice if someone could add a plugin point in the SslHandler for
hostname verification and handled it automatically after the handshake code.
--
View this message in context: http://netty-forums-and-mailing-lists.685743.n2.nabble.com/Hostname-verification-tp6378764p6378764.html
Sent from the Netty User Group mailing list archive at Nabble.com.
More information about the netty-users
mailing list