Warning: session_start(): open(/var/lib/php/sessions/sess_b1carue2t3102ig6k0k5hemgfr, O_RDWR) failed: No space left on device (28) in /var/www/tb-usercake/models/config.php on line 51
Warning: session_start(): Failed to read session data: files (path: /var/lib/php/sessions) in /var/www/tb-usercake/models/config.php on line 51
import javax.net.ssl.*;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
// from https://github.com/grahamedgecombe/netty-sni-example/blob/master/src/main/java/SniKeyManager.java
sclass SNIKeyManager extends X509ExtendedKeyManager {
X509ExtendedKeyManager keyManager;
S defaultAlias = "test1.example.com";
*(X509ExtendedKeyManager *keyManager) {}
@Override
public String[] getClientAliases(String keyType, Principal[] issuers) {
throw new UnsupportedOperationException(); // we don't use client mode
}
@Override
public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) {
throw new UnsupportedOperationException(); // as above
}
@Override
public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine) {
throw new UnsupportedOperationException(); // as above
}
@Override
public String[] getServerAliases(String keyType, Principal[] issuers) {
return keyManager.getServerAliases(keyType, issuers);
}
@Override
public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
throw new UnsupportedOperationException(); // Netty does not use SSLSocket
}
@Override
public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine) {
ExtendedSSLSession session = (ExtendedSSLSession) engine.getHandshakeSession();
// Pick first SNIHostName in the list of SNI names.
String hostname = null;
for (SNIServerName name : session.getRequestedServerNames()) {
if (name.getType() == StandardConstants.SNI_HOST_NAME) {
hostname = ((SNIHostName) name).getAsciiName();
break;
}
}
// If we got given a hostname over SNI, check if we have a cert and key for that hostname. If so, we use it.
// Otherwise, we fall back to the default certificate.
if (hostname != null && (getCertificateChain(hostname) != null && getPrivateKey(hostname) != null))
return hostname;
else
return defaultAlias;
}
@Override
public X509Certificate[] getCertificateChain(String alias) {
return keyManager.getCertificateChain(alias);
}
@Override
public PrivateKey getPrivateKey(String alias) {
return keyManager.getPrivateKey(alias);
}
}