org.postgresql.ssl.jdbc4
Class LibPQFactory
java.lang.Object
javax.net.SocketFactory
javax.net.ssl.SSLSocketFactory
org.postgresql.ssl.WrappedFactory
org.postgresql.ssl.jdbc4.LibPQFactory
- All Implemented Interfaces:
- HostnameVerifier
public class LibPQFactory
- extends WrappedFactory
- implements HostnameVerifier
Provide an SSLSocketFactory that is compatible with the libpq behaviour.
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
LibPQFactory
public LibPQFactory(Properties info)
throws PSQLException
- Parameters:
info - the connection parameters The following parameters are used:
sslmode,sslcert,sslkey,sslrootcert,sslhostnameverifier,sslpasswordcallback,sslpassword
- Throws:
PSQLException - if security error appears when initializing factory
throwKeyManagerException
public void throwKeyManagerException()
throws PSQLException
- Propagates any exception from
LazyKeyManager
- Throws:
PSQLException - if there is an exception to propagate
verify
public boolean verify(String hostname,
SSLSession session)
- Verifies the server certificate according to the libpq rules. The cn attribute of the
certificate is matched against the hostname. If the cn attribute starts with an asterisk (*),
it will be treated as a wildcard, and will match all characters except a dot (.). This means
the certificate will not match subdomains. If the connection is made using an IP address
instead of a hostname, the IP address will be matched (without doing any DNS lookups).
- Specified by:
verify in interface HostnameVerifier
- Parameters:
hostname - Hostname or IP address of the server.session - The SSL session.
- Returns:
- true if the certificate belongs to the server, false otherwise.
Copyright © 2017 PostgreSQL Global Development Group. All rights reserved.