001package org.apache.maven.wagon.shared.http;
002
003/*
004 * Licensed to the Apache Software Foundation (ASF) under one
005 * or more contributor license agreements.  See the NOTICE file
006 * distributed with this work for additional information
007 * regarding copyright ownership.  The ASF licenses this file
008 * to you under the Apache License, Version 2.0 (the
009 * "License"); you may not use this file except in compliance
010 * with the License.  You may obtain a copy of the License at
011 *
012 *   http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing,
015 * software distributed under the License is distributed on an
016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
017 * KIND, either express or implied.  See the License for the
018 * specific language governing permissions and limitations
019 * under the License.
020 */
021
022import org.apache.http.conn.ssl.TrustStrategy;
023
024import java.security.cert.CertificateException;
025import java.security.cert.CertificateExpiredException;
026import java.security.cert.CertificateNotYetValidException;
027import java.security.cert.X509Certificate;
028
/**
 * Relaxed {@link TrustStrategy} that accepts any non-empty certificate chain and can
 * additionally ignore certificate validity dates.
 * <p>
 * <strong>Security note:</strong> the only check performed here is the validity period of each
 * certificate. Issuer, signature and trust-anchor checks are not performed by this class. Per the
 * {@code TrustStrategy} contract, returning {@code true} tells HttpClient to trust the chain
 * without consulting the trust manager of the SSL context, so installing this strategy disables
 * certificate-chain validation for the connection. With {@code ignoreSSLValidityDates} set, expired
 * and not-yet-valid certificates are accepted as well. Prefer adding the server or CA certificate
 * to a trust store; reserve this strategy for endpoints where an unauthenticated TLS peer is an
 * accepted risk.
 *
 * @author Olivier Lamy
 * @since 2.0
 */
public class RelaxedTrustStrategy
    implements TrustStrategy
{
    /** When {@code true}, expired or not-yet-valid certificates do not cause rejection. */
    private final boolean ignoreSSLValidityDates;

    /**
     * @param ignoreSSLValidityDates {@code true} to accept certificates outside their validity
     *                               period, {@code false} to reject them
     */
    public RelaxedTrustStrategy( boolean ignoreSSLValidityDates )
    {
        this.ignoreSSLValidityDates = ignoreSSLValidityDates;
    }

    /**
     * Decides whether the presented chain is trusted without consulting the trust manager.
     *
     * @param certificates the peer certificate chain; may be {@code null} or empty
     * @param authType     the key exchange algorithm; not examined by this implementation
     * @return {@code false} for a {@code null} or empty chain (the decision is then left to the
     *         trust manager), otherwise {@code true}
     * @throws CertificateException if a certificate is expired or not yet valid and validity
     *                              dates are not ignored
     */
    public boolean isTrusted( X509Certificate[] certificates, String authType )
        throws CertificateException
    {
        // Nothing to inspect: do not vouch for the peer.
        if ( certificates == null || certificates.length == 0 )
        {
            return false;
        }

        for ( int index = 0; index < certificates.length; index++ )
        {
            verifyValidityPeriod( certificates[index] );
        }

        // Every certificate passed (or was excused from) the date check; no other check is made.
        return true;
    }

    /**
     * Checks the validity period of one certificate, rethrowing the date failure unless validity
     * dates are being ignored.
     */
    private void verifyValidityPeriod( X509Certificate certificate )
        throws CertificateException
    {
        try
        {
            certificate.checkValidity();
        }
        catch ( CertificateExpiredException expired )
        {
            if ( !ignoreSSLValidityDates )
            {
                throw expired;
            }
        }
        catch ( CertificateNotYetValidException notYetValid )
        {
            if ( !ignoreSSLValidityDates )
            {
                throw notYetValid;
            }
        }
    }

}