6
6
*/
7
7
package com .ning .http .util ;
8
8
9
+ import org .slf4j .Logger ;
10
+ import org .slf4j .LoggerFactory ;
11
+
9
12
import javax .net .ssl .HostnameVerifier ;
10
13
import javax .net .ssl .SSLPeerUnverifiedException ;
11
14
import javax .net .ssl .SSLSession ;
12
15
import javax .security .auth .kerberos .KerberosPrincipal ;
16
+
13
17
import java .security .Principal ;
14
18
import java .security .cert .Certificate ;
15
19
import java .security .cert .CertificateException ;
16
20
import java .security .cert .X509Certificate ;
17
- import java .util .logging .Level ;
18
- import java .util .logging .Logger ;
19
21
20
22
/**
21
23
* Uses the internal HostnameChecker to verify the server's hostname matches with the
@@ -36,7 +38,7 @@ public class DefaultHostnameVerifier implements HostnameVerifier {
36
38
private HostnameVerifier extraHostnameVerifier ;
37
39
38
40
// Logger to log exceptions.
39
- private static final Logger log = Logger .getLogger (DefaultHostnameVerifier .class .getName ());
41
+ private static final Logger log = LoggerFactory .getLogger (DefaultHostnameVerifier .class .getName ());
40
42
41
43
/**
42
44
* A hostname verifier that uses the {{sun.security.util.HostnameChecker}} under the hood.
@@ -83,42 +85,42 @@ public DefaultHostnameVerifier(HostnameChecker checker, HostnameVerifier extraHo
83
85
* @return true if the hostname matches, false otherwise.
84
86
*/
85
87
private boolean hostnameMatches (String hostname , SSLSession session ) {
86
- log .log ( Level . FINE , "hostname = {0 }, session = {1 }" , new Object [] { hostname , Base64 .encode (session .getId ()) } );
88
+ log .debug ( "hostname = {}, session = {}" ,hostname , Base64 .encode (session .getId ()));
87
89
88
90
try {
89
91
final Certificate [] peerCertificates = session .getPeerCertificates ();
90
92
if (peerCertificates .length == 0 ) {
91
- log .log ( Level . FINE , "No peer certificates" );
93
+ log .debug ( "No peer certificates" );
92
94
return false ;
93
95
}
94
96
95
97
if (peerCertificates [0 ] instanceof X509Certificate ) {
96
98
X509Certificate peerCertificate = (X509Certificate ) peerCertificates [0 ];
97
- log .log ( Level . FINE , "peerCertificate = {0}" , peerCertificate );
99
+ log .debug ( "peerCertificate = {0}" , peerCertificate );
98
100
try {
99
101
checker .match (hostname , peerCertificate );
100
102
// Certificate matches hostname if no exception is thrown.
101
103
return true ;
102
104
} catch (CertificateException ex ) {
103
- log .log ( Level . FINE , "Certificate does not match hostname" , ex );
105
+ log .debug ( "Certificate does not match hostname" , ex );
104
106
}
105
107
} else {
106
- log .log ( Level . FINE , "Peer does not have any certificates or they aren't X.509" );
108
+ log .debug ( "Peer does not have any certificates or they aren't X.509" );
107
109
}
108
110
return false ;
109
111
} catch (SSLPeerUnverifiedException ex ) {
110
- log .log ( Level . FINE , "Not using certificates for peers, try verifying the principal" );
112
+ log .debug ( "Not using certificates for peers, try verifying the principal" );
111
113
try {
112
114
Principal peerPrincipal = session .getPeerPrincipal ();
113
- log .log ( Level . FINE , "peerPrincipal = {0}" , peerPrincipal );
115
+ log .debug ( "peerPrincipal = {0}" , peerPrincipal );
114
116
if (peerPrincipal instanceof KerberosPrincipal ) {
115
117
return checker .match (hostname , (KerberosPrincipal ) peerPrincipal );
116
118
} else {
117
- log .log ( Level . FINE , "Can't verify principal, not Kerberos" );
119
+ log .debug ( "Can't verify principal, not Kerberos" );
118
120
}
119
121
} catch (SSLPeerUnverifiedException ex2 ) {
120
122
// Can't verify principal, no principal
121
- log .log ( Level . FINE , "Can't verify principal, no principal" , ex2 );
123
+ log .debug ( "Can't verify principal, no principal" , ex2 );
122
124
}
123
125
return false ;
124
126
}
0 commit comments