12d11 < import java.util.Properties; 14d12 < import java.net.Socket; 15a14,19 > import java.lang.reflect.InvocationTargetException; > import java.util.Properties; > > import javax.net.ssl.HostnameVerifier; > import javax.net.ssl.SSLPeerUnverifiedException; > import javax.net.ssl.SSLSocket; 18d21 < import org.postgresql.core.PGStream; 19a23 > import org.postgresql.core.PGStream; 21d24 < import org.postgresql.util.PSQLState; 22a26 > import org.postgresql.util.PSQLState; 24a29,64 > > public static Object instantiate(String classname, Properties info, boolean tryString, String stringarg) > throws ClassNotFoundException, SecurityException, NoSuchMethodException, IllegalArgumentException, > InstantiationException, IllegalAccessException, InvocationTargetException > { > Object[] args = {info}; > Constructor ctor = null; > Class cls; > cls = Class.forName(classname); > try > { > ctor = cls.getConstructor(new Class[]{Properties.class}); > } > catch (NoSuchMethodException nsme) > { > if (tryString) > { > try > { > ctor = cls.getConstructor(new Class[]{String.class}); > args = new String[]{stringarg}; > } > catch (NoSuchMethodException nsme2) > { > tryString = false; > } > } > if (!tryString) > { > ctor = cls.getConstructor((Class[])null); > args = null; > } > } > return ctor.newInstance(args); > } > 29a70 > String sslmode = info.getProperty("sslmode"); 31c72 < // --- > // unless sslmode is set 34a76,82 > //If sslmode is set, use the libpg compatible factory > if (sslmode!=null) > { > factory = new LibPQFactory(info); > } > else > { 35a84 > } 39,42d87 < Object[] args = {info.getProperty("sslfactoryarg")}; < Constructor ctor; < Class factoryClass; < 45,55c90 < factoryClass = Class.forName(classname); < try < { < ctor = factoryClass.getConstructor(new Class[]{String.class}); < } < catch (NoSuchMethodException nsme) < { < ctor = factoryClass.getConstructor((Class[])null); < args = null; < } < factory = (SSLSocketFactory)ctor.newInstance(args); --- > factory = (SSLSocketFactory)instantiate(classname, info, true, info.getProperty("sslfactoryarg")); 63c98,130 < Socket newConnection = factory.createSocket(stream.getSocket(), stream.getHost(), stream.getPort(), true); --- > SSLSocket newConnection = (SSLSocket)factory.createSocket(stream.getSocket(), stream.getHost(), stream.getPort(), true); > if (!newConnection.getSession().isValid()) > { //The connection is not valid, throw any KeyManager exception. > if (factory instanceof LibPQFactory) > { > ((LibPQFactory)factory).throwKeyManagerException(); > } > } > > String sslhostnameverifier = info.getProperty("sslhostnameverifier"); > if (sslhostnameverifier!=null) > { > HostnameVerifier hvn; > try > { > hvn = (HostnameVerifier)instantiate(sslhostnameverifier, info, false, null); > } > catch (Exception e) > { > throw new PSQLException(GT.tr("The HostnameVerifier class provided {0} could not be instantiated.", sslhostnameverifier), PSQLState.CONNECTION_FAILURE, e); > } > if (!hvn.verify(stream.getHost(), newConnection.getSession())) > { > throw new PSQLException(GT.tr("The hostname {0} could not be verified by hostnameverifier {1}.", new Object[]{stream.getHost(), sslhostnameverifier}), PSQLState.CONNECTION_FAILURE); > } > } > else if ("verify-full".equals(sslmode)) > { > if (!((LibPQFactory)factory).verify(stream.getHost(), newConnection.getSession())) > { > throw new PSQLException(GT.tr("The hostname {0} could not be verified.", stream.getHost()), PSQLState.CONNECTION_FAILURE); > } > }