getPeerCertificates() 可以无限期或长时间阻塞吗?
Can getPeerCertificates() block indefinitely or for a long time?
考虑以下函数:
public Certificate[] getCertificates(String ip) throws Exception {
try (SSLSocket sslSocket = (SSLSocket) sslContext.getSocketFactory().createSocket()) {
SocketAddress socketAddress = new InetSocketAddress(ip, port);
sslSocket.connect(socketAddress, 10000);
Certificate[] certificates = sslSocket.getSession().getPeerCertificates();
return certificates;
}
}
此代码可以在哪些条件下挂起?基本上,我已经为连接阶段设置了 10 秒的超时,但是代码是否有可能在 getSession().getPeerCertificates() 部分阻塞很长时间?
请考虑 ip 和端口 可以是任意的 (甚至不是 SSL 或有时甚至不可路由)
此外,这就是我启动 sslContext
的方式
private SSLContext getSslContext() throws Exception {
SSLContext sslCtx;
sslCtx = SSLContext.getInstance("TLSv1.2");
sslCtx.init(null, new TrustManager[]{new X509TrustManager() {
private X509Certificate[] accepted;
@Override
public void checkClientTrusted(X509Certificate[] xcs, String string) {
}
@Override
public void checkServerTrusted(X509Certificate[] xcs, String string) {
accepted = xcs;
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return accepted;
}
}}, null);
return sslCtx;
}
but is it possible that the code will block for a long time on the getSession().getPeerCertificates()
没有。 getPeerCertificates() 调用 SSLSession returns 对等方在 SSL 握手中提供的证书副本。通过上一行returns调用connect的调用,握手完成
考虑以下函数:
public Certificate[] getCertificates(String ip) throws Exception {
try (SSLSocket sslSocket = (SSLSocket) sslContext.getSocketFactory().createSocket()) {
SocketAddress socketAddress = new InetSocketAddress(ip, port);
sslSocket.connect(socketAddress, 10000);
Certificate[] certificates = sslSocket.getSession().getPeerCertificates();
return certificates;
}
}
此代码可以在哪些条件下挂起?基本上,我已经为连接阶段设置了 10 秒的超时,但是代码是否有可能在 getSession().getPeerCertificates() 部分阻塞很长时间?
请考虑 ip 和端口 可以是任意的 (甚至不是 SSL 或有时甚至不可路由)
此外,这就是我启动 sslContext
private SSLContext getSslContext() throws Exception {
SSLContext sslCtx;
sslCtx = SSLContext.getInstance("TLSv1.2");
sslCtx.init(null, new TrustManager[]{new X509TrustManager() {
private X509Certificate[] accepted;
@Override
public void checkClientTrusted(X509Certificate[] xcs, String string) {
}
@Override
public void checkServerTrusted(X509Certificate[] xcs, String string) {
accepted = xcs;
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return accepted;
}
}}, null);
return sslCtx;
}
but is it possible that the code will block for a long time on the
getSession().getPeerCertificates()
没有。 getPeerCertificates() 调用 SSLSession returns 对等方在 SSL 握手中提供的证书副本。通过上一行returns调用connect的调用,握手完成