src/share/classes/com/sun/jndi/ldap/ext/StartTlsResponseImpl.java
Print this page
@@ -1,7 +1,7 @@
/*
- * Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
@@ -25,33 +25,23 @@
package com.sun.jndi.ldap.ext;
import java.io.InputStream;
import java.io.OutputStream;
-import java.io.BufferedInputStream;
-import java.io.BufferedOutputStream;
import java.io.IOException;
-import java.net.Socket;
-
-import java.util.Collection;
-import java.util.Iterator;
-import java.util.List;
-
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.SSLPeerUnverifiedException;
-import javax.net.ssl.SSLContext;
import javax.net.ssl.HostnameVerifier;
import sun.security.util.HostnameChecker;
-import javax.naming.*;
import javax.naming.ldap.*;
import com.sun.jndi.ldap.Connection;
/**
* This class implements the LDAPv3 Extended Response for StartTLS as
@@ -413,11 +403,11 @@
HostnameChecker checker = HostnameChecker.getInstance(
HostnameChecker.TYPE_LDAP);
// Use ciphersuite to determine whether Kerberos is active.
if (session.getCipherSuite().startsWith("TLS_KRB5")) {
Principal principal = getPeerPrincipal(session);
- if (!checker.match(hostname, principal)) {
+ if (!HostnameChecker.match(hostname, principal)) {
throw new SSLPeerUnverifiedException(
"hostname of the kerberos principal:" + principal +
" does not match the hostname:" + hostname);
}
} else { // X.509