javax.net.ssl.SNIHostName Java Examples

Example #1
Source File: IllegalSNIName.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Regression check: {@link SNIHostName} must refuse host names that contain
 * an empty label or end in a dot.
 *
 * <p>U+3002 (ideographic full stop) is listed next to the ASCII dot because
 * IDN processing treats it as a label separator as well, so both spellings
 * have to be rejected.
 *
 * @param args unused
 * @throws Exception if any of the listed names is accepted
 */
public static void main(String[] args) throws Exception {
    final String[] rejectedNames = {
        "example\u3002\u3002com",
        "example..com",
        "com\u3002",
        "com.",
        "."
    };

    for (int i = 0; i < rejectedNames.length; i++) {
        final String candidate = rejectedNames[i];
        boolean accepted;
        try {
            new SNIHostName(candidate);
            accepted = true;
        } catch (IllegalArgumentException expected) {
            // Rejection is the outcome under test.
            accepted = false;
        }
        if (accepted) {
            throw new Exception(
                "Expected to get IllegalArgumentException for " + candidate);
        }
    }
}
 
Example #2
Source File: UndertowXnioSsl.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Wraps a newly opened stream connection in TLS, announcing the destination
 * host through SNI, and reports the outcome through {@code futureResult}.
 *
 * <p>Any failure, including an {@code IllegalArgumentException} from the
 * {@link SNIHostName} constructor, is converted to an {@code IOException}
 * and stored in {@code futureResult}.
 *
 * @param connection the plain connection to wrap
 */
public void handleEvent(final StreamConnection connection) {
    try {
        final SSLEngine engine = JsseSslUtils.createSSLEngine(sslContext, optionMap, destination);

        // NOTE(review): assuming destination is an InetSocketAddress, getHostString()
        // returns the address literal when no host name is known. RFC 6066 does not
        // allow IP literals in SNI, and an IPv6 literal makes the SNIHostName
        // constructor throw, which ends up in the catch below. Confirm callers
        // always supply a host name.
        // NOTE(review): SNI only tells the server which name is requested; it does not
        // make this side check the certificate against that name. Confirm endpoint
        // identification is configured where the engine is created.
        final SSLParameters engineParams = engine.getSSLParameters();
        final SNIHostName requestedName = new SNIHostName(destination.getHostString());
        engineParams.setServerNames(Collections.singletonList(requestedName));
        engine.setSSLParameters(engineParams);

        final SslConnection tlsConnection = new UndertowSslConnection(connection, engine, bufferPool);
        if (futureResult.setResult(tlsConnection)) {
            ChannelListeners.invokeChannelListener(tlsConnection, openListener);
        } else {
            // The result was not accepted, so the raw connection is closed here.
            IoUtils.safeClose(connection);
        }
    } catch (Throwable e) {
        // NOTE(review): the connection is not closed on this path; confirm the
        // party observing futureResult releases it.
        futureResult.setException(new IOException(e));
    }
}
 
Example #3
Source File: SSLEngineTestCase.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates a server-mode SSL engine, optionally restricted by an SNI matcher.
 *
 * @param context SSLContext to get the SSLEngine from.
 * @param useSNI  when true, a single matcher built from {@code SNI_PATTERN}
 *                is installed on the engine. Needed for Kerberos.
 * @return the configured server engine
 */
public static SSLEngine getServerSSLEngine(
        SSLContext context, boolean useSNI) {

    final SSLEngine engine = context.createSSLEngine();
    engine.setUseClientMode(false);
    if (!useSNI) {
        return engine;
    }

    // createSNIMatcher takes a regular expression, so an unescaped '.' in
    // SNI_PATTERN matches any character, not only a literal dot.
    final List<SNIMatcher> acceptedNames = new ArrayList<>();
    acceptedNames.add(SNIHostName.createSNIMatcher(SNI_PATTERN));

    final SSLParameters serverParams = engine.getSSLParameters();
    serverParams.setSNIMatchers(acceptedNames);
    engine.setSSLParameters(serverParams);
    return engine;
}
 
Example #4
Source File: IllegalSNIName.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Verifies that the {@link SNIHostName} constructor throws
 * {@code IllegalArgumentException} for names with an empty label or a
 * trailing dot, written with either the ASCII dot or U+3002 (ideographic
 * full stop).
 *
 * @param args unused
 * @throws Exception if a name from the list is accepted
 */
public static void main(String[] args) throws Exception {
    final String[] mustBeRejected = {
        "example\u3002\u3002com",
        "example..com",
        "com\u3002",
        "com.",
        "."
    };

    for (String candidate : mustBeRejected) {
        try {
            new SNIHostName(candidate);
        } catch (IllegalArgumentException expected) {
            // Expected outcome; move on to the next name.
            continue;
        }
        // Reached only when the constructor returned normally.
        throw new Exception(
            "Expected to get IllegalArgumentException for " + candidate);
    }
}
 
Example #5
Source File: IllegalSNIName.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Regression check: {@link SNIHostName} must refuse host names that contain
 * an empty label or end in a dot.
 *
 * <p>U+3002 (ideographic full stop) is listed next to the ASCII dot because
 * IDN processing treats it as a label separator as well, so both spellings
 * have to be rejected.
 *
 * @param args unused
 * @throws Exception if any of the listed names is accepted
 */
public static void main(String[] args) throws Exception {
    final String[] rejectedNames = {
        "example\u3002\u3002com",
        "example..com",
        "com\u3002",
        "com.",
        "."
    };

    for (int i = 0; i < rejectedNames.length; i++) {
        final String candidate = rejectedNames[i];
        boolean accepted;
        try {
            new SNIHostName(candidate);
            accepted = true;
        } catch (IllegalArgumentException expected) {
            // Rejection is the outcome under test.
            accepted = false;
        }
        if (accepted) {
            throw new Exception(
                "Expected to get IllegalArgumentException for " + candidate);
        }
    }
}
 
Example #6
Source File: IllegalSNIName.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Verifies that the {@link SNIHostName} constructor throws
 * {@code IllegalArgumentException} for names with an empty label or a
 * trailing dot, written with either the ASCII dot or U+3002 (ideographic
 * full stop).
 *
 * @param args unused
 * @throws Exception if a name from the list is accepted
 */
public static void main(String[] args) throws Exception {
    final String[] mustBeRejected = {
        "example\u3002\u3002com",
        "example..com",
        "com\u3002",
        "com.",
        "."
    };

    for (String candidate : mustBeRejected) {
        try {
            new SNIHostName(candidate);
        } catch (IllegalArgumentException expected) {
            // Expected outcome; move on to the next name.
            continue;
        }
        // Reached only when the constructor returned normally.
        throw new Exception(
            "Expected to get IllegalArgumentException for " + candidate);
    }
}
 
Example #7
Source File: HostnameChecker.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Tests a DNS name against a template that may contain the wildcard
 * character '*'.
 *
 * <p>The template is first checked for well-formedness; a malformed template
 * never matches. Matching then follows the RFC 2818 rules when
 * {@code checkType} is {@code TYPE_TLS} and the RFC 2830 rules when it is
 * {@code TYPE_LDAP}. Any other check type yields {@code false}, so the
 * method fails closed.
 *
 * @param name the DNS name to test
 * @param template the pattern to test against; may contain '*'
 * @return {@code true} only if the template is well-formed and the matcher
 *         selected by {@code checkType} accepts the name
 */
private boolean isMatched(String name, String template) {
    // '*' is swapped for a letter and the result is passed to the SNIHostName
    // constructor, which throws IllegalArgumentException for an invalid
    // domain name. Only the syntax check is wanted; the object is discarded.
    final String probe = template.replace('*', 'z');
    try {
        new SNIHostName(probe);
    } catch (IllegalArgumentException malformedTemplate) {
        // Nothing is logged here; a debug trace would help diagnose rejections.
        return false;
    }

    if (checkType == TYPE_TLS) {
        return matchAllWildcards(name, template);
    }
    if (checkType == TYPE_LDAP) {
        return matchLeftmostWildcard(name, template);
    }
    return false;
}
 
Example #8
Source File: HostnameChecker.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Returns true if {@code name} matches {@code template}.
 *
 * <p>A template that is not a valid domain name (after its wildcards are
 * replaced by a letter) never matches. Otherwise the RFC 2818 rules are
 * applied for {@code TYPE_TLS} and the RFC 2830 rules for {@code TYPE_LDAP};
 * every other check type returns false.
 *
 * @param name should represent a DNS name
 * @param template may contain the wildcard character '*'
 * @return whether the name is accepted by the matcher for {@code checkType}
 */
private boolean isMatched(String name, String template) {
    // Validity check of the template, reusing the checking implemented in
    // SNIHostName: '*' is replaced with 'x' so the wildcard itself does not
    // trip the domain-name validation.
    final String wildcardFree = template.replace('*', 'x');
    try {
        new SNIHostName(wildcardFree);
    } catch (IllegalArgumentException invalidTemplate) {
        // It would be nice to add a debug log when the template is rejected.
        return false;
    }

    return checkType == TYPE_TLS ? matchAllWildcards(name, template)
         : checkType == TYPE_LDAP ? matchLeftmostWildcard(name, template)
         : false;
}
 
Example #9
Source File: IllegalSNIName.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Regression check: {@link SNIHostName} must refuse host names that contain
 * an empty label or end in a dot.
 *
 * <p>U+3002 (ideographic full stop) is listed next to the ASCII dot because
 * IDN processing treats it as a label separator as well, so both spellings
 * have to be rejected.
 *
 * @param args unused
 * @throws Exception if any of the listed names is accepted
 */
public static void main(String[] args) throws Exception {
    final String[] rejectedNames = {
        "example\u3002\u3002com",
        "example..com",
        "com\u3002",
        "com.",
        "."
    };

    for (int i = 0; i < rejectedNames.length; i++) {
        final String candidate = rejectedNames[i];
        boolean accepted;
        try {
            new SNIHostName(candidate);
            accepted = true;
        } catch (IllegalArgumentException expected) {
            // Rejection is the outcome under test.
            accepted = false;
        }
        if (accepted) {
            throw new Exception(
                "Expected to get IllegalArgumentException for " + candidate);
        }
    }
}
 
Example #10
Source File: IllegalSNIName.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Verifies that the {@link SNIHostName} constructor throws
 * {@code IllegalArgumentException} for names with an empty label or a
 * trailing dot, written with either the ASCII dot or U+3002 (ideographic
 * full stop).
 *
 * @param args unused
 * @throws Exception if a name from the list is accepted
 */
public static void main(String[] args) throws Exception {
    final String[] mustBeRejected = {
        "example\u3002\u3002com",
        "example..com",
        "com\u3002",
        "com.",
        "."
    };

    for (String candidate : mustBeRejected) {
        try {
            new SNIHostName(candidate);
        } catch (IllegalArgumentException expected) {
            // Expected outcome; move on to the next name.
            continue;
        }
        // Reached only when the constructor returned normally.
        throw new Exception(
            "Expected to get IllegalArgumentException for " + candidate);
    }
}
 
Example #11
Source File: IllegalSNIName.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Regression check: {@link SNIHostName} must refuse host names that contain
 * an empty label or end in a dot.
 *
 * <p>U+3002 (ideographic full stop) is listed next to the ASCII dot because
 * IDN processing treats it as a label separator as well, so both spellings
 * have to be rejected.
 *
 * @param args unused
 * @throws Exception if any of the listed names is accepted
 */
public static void main(String[] args) throws Exception {
    final String[] rejectedNames = {
        "example\u3002\u3002com",
        "example..com",
        "com\u3002",
        "com.",
        "."
    };

    for (int i = 0; i < rejectedNames.length; i++) {
        final String candidate = rejectedNames[i];
        boolean accepted;
        try {
            new SNIHostName(candidate);
            accepted = true;
        } catch (IllegalArgumentException expected) {
            // Rejection is the outcome under test.
            accepted = false;
        }
        if (accepted) {
            throw new Exception(
                "Expected to get IllegalArgumentException for " + candidate);
        }
    }
}
 
Example #12
Source File: IllegalSNIName.java    From openjdk-8-source with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Verifies that the {@link SNIHostName} constructor throws
 * {@code IllegalArgumentException} for names with an empty label or a
 * trailing dot, written with either the ASCII dot or U+3002 (ideographic
 * full stop).
 *
 * @param args unused
 * @throws Exception if a name from the list is accepted
 */
public static void main(String[] args) throws Exception {
    final String[] mustBeRejected = {
        "example\u3002\u3002com",
        "example..com",
        "com\u3002",
        "com.",
        "."
    };

    for (String candidate : mustBeRejected) {
        try {
            new SNIHostName(candidate);
        } catch (IllegalArgumentException expected) {
            // Expected outcome; move on to the next name.
            continue;
        }
        // Reached only when the constructor returned normally.
        throw new Exception(
            "Expected to get IllegalArgumentException for " + candidate);
    }
}
 
Example #13
Source File: IllegalSNIName.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Regression check: {@link SNIHostName} must refuse host names that contain
 * an empty label or end in a dot.
 *
 * <p>U+3002 (ideographic full stop) is listed next to the ASCII dot because
 * IDN processing treats it as a label separator as well, so both spellings
 * have to be rejected.
 *
 * @param args unused
 * @throws Exception if any of the listed names is accepted
 */
public static void main(String[] args) throws Exception {
    final String[] rejectedNames = {
        "example\u3002\u3002com",
        "example..com",
        "com\u3002",
        "com.",
        "."
    };

    for (int i = 0; i < rejectedNames.length; i++) {
        final String candidate = rejectedNames[i];
        boolean accepted;
        try {
            new SNIHostName(candidate);
            accepted = true;
        } catch (IllegalArgumentException expected) {
            // Rejection is the outcome under test.
            accepted = false;
        }
        if (accepted) {
            throw new Exception(
                "Expected to get IllegalArgumentException for " + candidate);
        }
    }
}
 
Example #14
Source File: HostnameChecker.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Returns true if {@code name} matches {@code template}.
 *
 * <p>A template that is not a valid domain name (after its wildcards are
 * replaced by a letter) never matches. Otherwise the RFC 2818 rules are
 * applied for {@code TYPE_TLS} and the RFC 2830 rules for {@code TYPE_LDAP};
 * every other check type returns false.
 *
 * @param name should represent a DNS name
 * @param template may contain the wildcard character '*'
 * @return whether the name is accepted by the matcher for {@code checkType}
 */
private boolean isMatched(String name, String template) {
    // Validity check of the template, reusing the checking implemented in
    // SNIHostName: '*' is replaced with 'z' so the wildcard itself does not
    // trip the domain-name validation.
    final String wildcardFree = template.replace('*', 'z');
    try {
        new SNIHostName(wildcardFree);
    } catch (IllegalArgumentException invalidTemplate) {
        // It would be nice to add a debug log when the template is rejected.
        return false;
    }

    return checkType == TYPE_TLS ? matchAllWildcards(name, template)
         : checkType == TYPE_LDAP ? matchLeftmostWildcard(name, template)
         : false;
}
 
Example #15
Source File: Java8SslUtils.java    From netty-4.1.22 with Apache License 2.0 6 votes vote down vote up
/**
 * Reports whether {@code hostname} is accepted by the configured SNI matchers.
 *
 * <p>With no matchers configured ({@code null} or empty) every name is
 * accepted and {@code hostname} is not inspected at all. Otherwise the name
 * is accepted as soon as one host-name matcher matches it.
 *
 * @param matchers the configured matchers; elements are expected to be
 *                 {@link SNIMatcher} instances
 * @param hostname the requested server name
 * @return {@code true} if there are no matchers or one of them matches
 * @throws IllegalArgumentException if matchers are present and
 *         {@code hostname} is not a legal host name (raised by the
 *         {@link SNIHostName} constructor)
 */
@SuppressWarnings("unchecked")
static boolean checkSniHostnameMatch(Collection<?> matchers, String hostname) {
    if (matchers == null || matchers.isEmpty()) {
        // Nothing configured: no restriction on the requested name.
        return true;
    }

    final SNIHostName requested = new SNIHostName(hostname);
    for (SNIMatcher candidate : (Collection<SNIMatcher>) matchers) {
        // 0 is the host_name name type (StandardConstants.SNI_HOST_NAME);
        // matchers of any other type are skipped.
        if (candidate.getType() != 0) {
            continue;
        }
        if (candidate.matches(requested)) {
            return true;
        }
    }
    return false;
}
 
Example #16
Source File: HostnameChecker.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Tests a DNS name against a template that may contain the wildcard
 * character '*'.
 *
 * <p>The template is first checked for well-formedness; a malformed template
 * never matches. Matching then follows the RFC 2818 rules when
 * {@code checkType} is {@code TYPE_TLS} and the RFC 2830 rules when it is
 * {@code TYPE_LDAP}. Any other check type yields {@code false}, so the
 * method fails closed.
 *
 * @param name the DNS name to test
 * @param template the pattern to test against; may contain '*'
 * @return {@code true} only if the template is well-formed and the matcher
 *         selected by {@code checkType} accepts the name
 */
private boolean isMatched(String name, String template) {
    // '*' is swapped for a letter and the result is passed to the SNIHostName
    // constructor, which throws IllegalArgumentException for an invalid
    // domain name. Only the syntax check is wanted; the object is discarded.
    final String probe = template.replace('*', 'z');
    try {
        new SNIHostName(probe);
    } catch (IllegalArgumentException malformedTemplate) {
        // Nothing is logged here; a debug trace would help diagnose rejections.
        return false;
    }

    if (checkType == TYPE_TLS) {
        return matchAllWildcards(name, template);
    }
    if (checkType == TYPE_LDAP) {
        return matchLeftmostWildcard(name, template);
    }
    return false;
}
 
Example #17
Source File: Java8SslUtils.java    From netty-4.1.22 with Apache License 2.0 6 votes vote down vote up
/**
 * Extracts the ASCII host names from the server names configured on
 * {@code sslParameters}.
 *
 * @param sslParameters the parameters to read the server names from
 * @return an empty list when no server names are set, otherwise a new list
 *         with one ASCII name per configured entry, in iteration order
 * @throws IllegalArgumentException if an entry is not an {@link SNIHostName}
 */
static List<String> getSniHostNames(SSLParameters sslParameters) {
    final List<SNIServerName> configured = sslParameters.getServerNames();
    if (configured == null || configured.isEmpty()) {
        return Collections.emptyList();
    }

    final List<String> asciiNames = new ArrayList<String>(configured.size());
    for (SNIServerName entry : configured) {
        // Only the host_name form has an ASCII name; other name types are
        // refused rather than silently dropped.
        if (!(entry instanceof SNIHostName)) {
            throw new IllegalArgumentException("Only " + SNIHostName.class.getName()
                    + " instances are supported, but found: " + entry);
        }
        final SNIHostName hostEntry = (SNIHostName) entry;
        asciiNames.add(hostEntry.getAsciiName());
    }
    return asciiNames;
}
 
Example #18
Source File: IllegalSNIName.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Verifies that the {@link SNIHostName} constructor throws
 * {@code IllegalArgumentException} for names with an empty label or a
 * trailing dot, written with either the ASCII dot or U+3002 (ideographic
 * full stop).
 *
 * @param args unused
 * @throws Exception if a name from the list is accepted
 */
public static void main(String[] args) throws Exception {
    final String[] mustBeRejected = {
        "example\u3002\u3002com",
        "example..com",
        "com\u3002",
        "com.",
        "."
    };

    for (String candidate : mustBeRejected) {
        try {
            new SNIHostName(candidate);
        } catch (IllegalArgumentException expected) {
            // Expected outcome; move on to the next name.
            continue;
        }
        // Reached only when the constructor returned normally.
        throw new Exception(
            "Expected to get IllegalArgumentException for " + candidate);
    }
}
 
Example #19
Source File: SSLEngineTestCase.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates a client-mode SSL engine, optionally configured to send a server
 * name through the SNI extension.
 *
 * @param context SSLContext to get the SSLEngine from.
 * @param useSNI  when true, {@code SERVER_NAME} is set as the only requested
 *                server name. Needed for Kerberos.
 * @return the configured client engine
 */
public static SSLEngine getClientSSLEngine(
        SSLContext context, boolean useSNI) {

    // HOST and port 80 are passed to createSSLEngine as the peer host and port.
    final SSLEngine engine = context.createSSLEngine(HOST, 80);
    engine.setUseClientMode(true);
    if (!useSNI) {
        return engine;
    }

    final List<SNIServerName> requestedNames = new ArrayList<>();
    requestedNames.add(new SNIHostName(SERVER_NAME));

    final SSLParameters clientParams = engine.getSSLParameters();
    clientParams.setServerNames(requestedNames);
    engine.setSSLParameters(clientParams);
    return engine;
}
 
Example #20
Source File: IllegalSNIName.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Regression check: {@link SNIHostName} must refuse host names that contain
 * an empty label or end in a dot.
 *
 * <p>U+3002 (ideographic full stop) is listed next to the ASCII dot because
 * IDN processing treats it as a label separator as well, so both spellings
 * have to be rejected.
 *
 * @param args unused
 * @throws Exception if any of the listed names is accepted
 */
public static void main(String[] args) throws Exception {
    final String[] rejectedNames = {
        "example\u3002\u3002com",
        "example..com",
        "com\u3002",
        "com.",
        "."
    };

    for (int i = 0; i < rejectedNames.length; i++) {
        final String candidate = rejectedNames[i];
        boolean accepted;
        try {
            new SNIHostName(candidate);
            accepted = true;
        } catch (IllegalArgumentException expected) {
            // Rejection is the outcome under test.
            accepted = false;
        }
        if (accepted) {
            throw new Exception(
                "Expected to get IllegalArgumentException for " + candidate);
        }
    }
}
 
Example #21
Source File: HostnameChecker.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Returns true if {@code name} matches {@code template}.
 *
 * <p>A template that is not a valid domain name (after its wildcards are
 * replaced by a letter) never matches. Otherwise the RFC 2818 rules are
 * applied for {@code TYPE_TLS} and the RFC 2830 rules for {@code TYPE_LDAP};
 * every other check type returns false.
 *
 * @param name should represent a DNS name
 * @param template may contain the wildcard character '*'
 * @return whether the name is accepted by the matcher for {@code checkType}
 */
private boolean isMatched(String name, String template) {
    // Validity check of the template, reusing the checking implemented in
    // SNIHostName: '*' is replaced with 'z' so the wildcard itself does not
    // trip the domain-name validation.
    final String wildcardFree = template.replace('*', 'z');
    try {
        new SNIHostName(wildcardFree);
    } catch (IllegalArgumentException invalidTemplate) {
        // It would be nice to add a debug log when the template is rejected.
        return false;
    }

    return checkType == TYPE_TLS ? matchAllWildcards(name, template)
         : checkType == TYPE_LDAP ? matchLeftmostWildcard(name, template)
         : false;
}
 
Example #22
Source File: ServerTlsChannel.java    From tls-channel with MIT License 6 votes vote down vote up
/**
 * Reads from the underlying channel until a target number of bytes is
 * buffered, then extracts the host-name server name (SNI) from those bytes.
 *
 * <p>No handshake is driven by this method; the name is taken from what
 * {@code TlsExplorer.explore} returns for the buffered bytes.
 *
 * @return the requested host name, or an empty Optional when the entry for
 *         {@code StandardConstants.SNI_HOST_NAME} is absent or is not an
 *         {@code SNIHostName}
 * @throws IOException declared by this method; presumably raised by the
 *         channel read (confirm against readFromChannel)
 * @throws EofException declared by this method; presumably raised when the
 *         channel ends before enough bytes arrive (confirm)
 */
private Optional<SNIServerName> getServerNameIndication() throws IOException, EofException {
  inEncrypted.prepare();
  try {
    // NOTE(review): the target size presumably comes from bytes the peer has
    // already sent; confirm readRecordHeaderSize()/enlarge() bound it so an
    // unauthenticated client cannot force unbounded buffer growth.
    int recordHeaderSize = readRecordHeaderSize();
    while (inEncrypted.buffer.position() < recordHeaderSize) {
      // Buffer is full but still short of the target: grow it before reading.
      if (!inEncrypted.buffer.hasRemaining()) {
        inEncrypted.enlarge();
      }
      TlsChannelImpl.readFromChannel(underlying, inEncrypted.buffer); // IO block
    }
    // flip() exposes the bytes read so far to the parser; compact() afterwards
    // puts the buffer back into write mode.
    // NOTE(review): presumably explore() leaves the bytes in place so the
    // handshake can consume them later; confirm.
    inEncrypted.buffer.flip();
    Map<Integer, SNIServerName> serverNames = TlsExplorer.explore(inEncrypted.buffer);
    inEncrypted.buffer.compact();
    // The value returned below is chosen by the client and nothing here
    // authenticates it; callers should treat it as untrusted input.
    SNIServerName hostName = serverNames.get(StandardConstants.SNI_HOST_NAME);
    if (hostName instanceof SNIHostName) {
      SNIHostName sniHostName = (SNIHostName) hostName;
      return Optional.of(sniHostName);
    } else {
      return Optional.empty();
    }
  } finally {
    // Paired with prepare() above; runs on both the normal and the error path.
    inEncrypted.release();
  }
}
 
Example #23
Source File: IllegalSNIName.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Verifies that the {@link SNIHostName} constructor throws
 * {@code IllegalArgumentException} for names with an empty label or a
 * trailing dot, written with either the ASCII dot or U+3002 (ideographic
 * full stop).
 *
 * @param args unused
 * @throws Exception if a name from the list is accepted
 */
public static void main(String[] args) throws Exception {
    final String[] mustBeRejected = {
        "example\u3002\u3002com",
        "example..com",
        "com\u3002",
        "com.",
        "."
    };

    for (String candidate : mustBeRejected) {
        try {
            new SNIHostName(candidate);
        } catch (IllegalArgumentException expected) {
            // Expected outcome; move on to the next name.
            continue;
        }
        // Reached only when the constructor returned normally.
        throw new Exception(
            "Expected to get IllegalArgumentException for " + candidate);
    }
}
 
Example #24
Source File: IllegalSNIName.java    From jdk8u-dev-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Regression check: {@link SNIHostName} must refuse host names that contain
 * an empty label or end in a dot.
 *
 * <p>U+3002 (ideographic full stop) is listed next to the ASCII dot because
 * IDN processing treats it as a label separator as well, so both spellings
 * have to be rejected.
 *
 * @param args unused
 * @throws Exception if any of the listed names is accepted
 */
public static void main(String[] args) throws Exception {
    final String[] rejectedNames = {
        "example\u3002\u3002com",
        "example..com",
        "com\u3002",
        "com.",
        "."
    };

    for (int i = 0; i < rejectedNames.length; i++) {
        final String candidate = rejectedNames[i];
        boolean accepted;
        try {
            new SNIHostName(candidate);
            accepted = true;
        } catch (IllegalArgumentException expected) {
            // Rejection is the outcome under test.
            accepted = false;
        }
        if (accepted) {
            throw new Exception(
                "Expected to get IllegalArgumentException for " + candidate);
        }
    }
}
 
Example #25
Source File: SSLSocketTest.java    From j2objc with Apache License 2.0 5 votes vote down vote up
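/**
 * End-to-end check that a host name sent through SNI by the client is
 * accepted by the server's matcher and exposed on the server-side session.
 *
 * <p>The client requests {@code www.example.com}; the server installs a
 * matcher for the same name with the dots escaped, since the matcher pattern
 * is a regular expression. After the handshake the server session must
 * report exactly that one requested name.
 *
 * @throws Exception if setup, either handshake, or an assertion fails
 */
public void test_SSLSocket_SNIHostName() throws Exception {
    TestSSLContext c = TestSSLContext.create();

    final SSLSocket client = (SSLSocket) c.clientContext.getSocketFactory().createSocket();
    SSLSocket server = null;
    try {
        SSLParameters clientParams = client.getSSLParameters();
        clientParams.setServerNames(Collections.singletonList(
                (SNIServerName) new SNIHostName("www.example.com")));
        client.setSSLParameters(clientParams);

        SSLParameters serverParams = c.serverSocket.getSSLParameters();
        serverParams.setSNIMatchers(Collections.singletonList(
                SNIHostName.createSNIMatcher("www\\.example\\.com")));
        c.serverSocket.setSSLParameters(serverParams);

        client.connect(new InetSocketAddress(c.host, c.port));
        server = (SSLSocket) c.serverSocket.accept();

        // The client handshake runs on a worker thread because both sides
        // block until the peer has taken part.
        ExecutorService executor = Executors.newSingleThreadExecutor();
        Future<Void> future = executor.submit(new Callable<Void>() {
            @Override public Void call() throws Exception {
                client.startHandshake();
                return null;
            }
        });
        executor.shutdown();
        server.startHandshake();
        // Surface a client-side handshake failure instead of dropping it.
        future.get();

        SSLSession serverSession = server.getSession();
        assertTrue(serverSession instanceof ExtendedSSLSession);
        ExtendedSSLSession extendedServerSession = (ExtendedSSLSession) serverSession;
        List<SNIServerName> requestedNames = extendedServerSession.getRequestedServerNames();
        assertNotNull(requestedNames);
        assertEquals(1, requestedNames.size());
        SNIServerName serverName = requestedNames.get(0);
        assertEquals(StandardConstants.SNI_HOST_NAME, serverName.getType());
        assertTrue(serverName instanceof SNIHostName);
        SNIHostName serverHostName = (SNIHostName) serverName;
        assertEquals("www.example.com", serverHostName.getAsciiName());
    } finally {
        // Close both endpoints on every path. This also unblocks the worker
        // thread if the server side failed before the handshake finished.
        client.close();
        if (server != null) {
            server.close();
        }
    }
}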
 
Example #26
Source File: UnboundSSLUtils.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
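/**
 * Opens a TLS client socket to {@code host:port} from the default
 * SSLContext and wraps it in an {@code SSLClient}.
 *
 * <p>The socket is closed again if configuring it fails, so a bad SNI name
 * or cipher-suite selection does not leak the connection.
 *
 * <p>Nothing in this method sets an endpoint identification algorithm: the
 * SNI name is sent to the server, but the certificate is not checked against
 * it here. That is acceptable for a test helper and is not a pattern for
 * production clients.
 *
 * @param host server host to connect to
 * @param port server port to connect to
 * @param cipherSuiteFilter if non-null, passed with the supported suites to
 *        {@code UnboundSSLUtils.filterStringArray} to choose the enabled
 *        cipher suites
 * @param sniHostName if non-null, the host name to request through SNI
 * @return the client wrapper around the connected socket
 * @throws NoSuchAlgorithmException declared for {@code SSLContext.getDefault()}
 * @throws IOException if the socket cannot be created
 * @throws IllegalArgumentException if {@code sniHostName} is not a legal
 *         host name (raised by the {@link SNIHostName} constructor)
 */
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);

    boolean handedOff = false;
    try {
        SSLParameters params = new SSLParameters();

        if (cipherSuiteFilter != null) {
            String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                    ssf.getSupportedCipherSuites(), cipherSuiteFilter);
            System.out.println("Client: enabled cipher suites: "
                    + Arrays.toString(cipherSuites));
            params.setCipherSuites(cipherSuites);
        }

        if (sniHostName != null) {
            System.out.println("Client: set SNI hostname: " + sniHostName);
            SNIHostName serverName = new SNIHostName(sniHostName);
            List<SNIServerName> serverNames = new ArrayList<>();
            serverNames.add(serverName);
            params.setServerNames(serverNames);
        }

        socket.setSSLParameters(params);

        SSLClient client = new SSLClient(socket);
        handedOff = true;
        return client;
    } finally {
        if (!handedOff) {
            try {
                socket.close();
            } catch (IOException ignored) {
                // Keep the original failure as the one reported to the caller.
            }
        }
    }
}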
 
Example #27
Source File: HostnameChecker.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Tests a DNS name against a template that may contain the wildcard
 * character '*'.
 *
 * <p>The pair is first screened by {@code hasIllegalWildcard}; then the
 * template is checked for well-formedness. A template failing either check
 * never matches. Matching then follows the RFC 2818 rules when
 * {@code checkType} is {@code TYPE_TLS} and the RFC 2830 rules when it is
 * {@code TYPE_LDAP}. Any other check type yields {@code false}, so the
 * method fails closed.
 *
 * @param name the DNS name to test
 * @param template the pattern to test against; may contain '*'
 * @param chainsToPublicCA passed through to {@code hasIllegalWildcard}
 * @return {@code true} only if both checks pass and the matcher selected by
 *         {@code checkType} accepts the name
 */
private boolean isMatched(String name, String template,
                          boolean chainsToPublicCA) {
    final boolean wildcardRefused =
            hasIllegalWildcard(name, template, chainsToPublicCA);
    if (wildcardRefused) {
        return false;
    }

    // '*' is swapped for a letter and the result is passed to the SNIHostName
    // constructor, which throws IllegalArgumentException for an invalid
    // domain name. Only the syntax check is wanted; the object is discarded.
    final String probe = template.replace('*', 'x');
    try {
        new SNIHostName(probe);
    } catch (IllegalArgumentException malformedTemplate) {
        // Nothing is logged here; a debug trace would help diagnose rejections.
        return false;
    }

    if (checkType == TYPE_TLS) {
        return matchAllWildcards(name, template);
    }
    if (checkType == TYPE_LDAP) {
        return matchLeftmostWildcard(name, template);
    }
    return false;
}
 
Example #28
Source File: UnboundSSLUtils.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
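/**
 * Opens a TLS server socket on an ephemeral port from the default
 * SSLContext and wraps it in an {@code SSLEchoServer}.
 *
 * <p>The server socket is closed again if configuring it fails, so an
 * invalid SNI pattern or cipher-suite selection does not leak the listener.
 *
 * @param cipherSuiteFilter if non-null, passed with the supported suites to
 *        {@code UnboundSSLUtils.filterStringArray} to choose the enabled
 *        cipher suites
 * @param sniPattern if non-null, a regular expression for the host names the
 *        server accepts through SNI; an unescaped '.' matches any character
 * @return the echo server wrapper around the listening socket
 * @throws NoSuchAlgorithmException declared for {@code SSLContext.getDefault()}
 * @throws IOException if the server socket cannot be created
 */
static SSLEchoServer init(String cipherSuiteFilter,
        String sniPattern) throws NoSuchAlgorithmException, IOException {
    SSLContext context = SSLContext.getDefault();
    SSLServerSocketFactory ssf =
            (SSLServerSocketFactory) context.getServerSocketFactory();
    // Port 0 lets the system pick a free port.
    SSLServerSocket ssocket =
            (SSLServerSocket) ssf.createServerSocket(0);

    boolean handedOff = false;
    try {
        // specify enabled cipher suites
        if (cipherSuiteFilter != null) {
            String[] ciphersuites = UnboundSSLUtils.filterStringArray(
                    ssf.getSupportedCipherSuites(), cipherSuiteFilter);
            System.out.println("Server: enabled cipher suites: "
                    + Arrays.toString(ciphersuites));
            ssocket.setEnabledCipherSuites(ciphersuites);
        }

        // specify SNI matcher pattern
        if (sniPattern != null) {
            System.out.println("Server: set SNI matcher: " + sniPattern);
            SNIMatcher matcher = SNIHostName.createSNIMatcher(sniPattern);
            List<SNIMatcher> matchers = new ArrayList<>();
            matchers.add(matcher);
            SSLParameters params = ssocket.getSSLParameters();
            params.setSNIMatchers(matchers);
            ssocket.setSSLParameters(params);
        }

        SSLEchoServer server = new SSLEchoServer(ssocket);
        handedOff = true;
        return server;
    } finally {
        if (!handedOff) {
            try {
                ssocket.close();
            } catch (IOException ignored) {
                // Keep the original failure as the one reported to the caller.
            }
        }
    }
}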
 
Example #29
Source File: UnboundSSLUtils.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
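/**
 * Opens a TLS client socket to {@code host:port} from the default
 * SSLContext and wraps it in an {@code SSLClient}.
 *
 * <p>The socket is closed again if configuring it fails, so a bad SNI name
 * or cipher-suite selection does not leak the connection.
 *
 * <p>Nothing in this method sets an endpoint identification algorithm: the
 * SNI name is sent to the server, but the certificate is not checked against
 * it here. That is acceptable for a test helper and is not a pattern for
 * production clients.
 *
 * @param host server host to connect to
 * @param port server port to connect to
 * @param cipherSuiteFilter if non-null, passed with the supported suites to
 *        {@code UnboundSSLUtils.filterStringArray} to choose the enabled
 *        cipher suites
 * @param sniHostName if non-null, the host name to request through SNI
 * @return the client wrapper around the connected socket
 * @throws NoSuchAlgorithmException declared for {@code SSLContext.getDefault()}
 * @throws IOException if the socket cannot be created
 * @throws IllegalArgumentException if {@code sniHostName} is not a legal
 *         host name (raised by the {@link SNIHostName} constructor)
 */
static SSLClient init(String host, int port, String cipherSuiteFilter,
        String sniHostName) throws NoSuchAlgorithmException, IOException {
    SSLContext sslContext = SSLContext.getDefault();
    SSLSocketFactory ssf = (SSLSocketFactory) sslContext.getSocketFactory();
    SSLSocket socket = (SSLSocket) ssf.createSocket(host, port);

    boolean handedOff = false;
    try {
        SSLParameters params = new SSLParameters();

        if (cipherSuiteFilter != null) {
            String[] cipherSuites = UnboundSSLUtils.filterStringArray(
                    ssf.getSupportedCipherSuites(), cipherSuiteFilter);
            System.out.println("Client: enabled cipher suites: "
                    + Arrays.toString(cipherSuites));
            params.setCipherSuites(cipherSuites);
        }

        if (sniHostName != null) {
            System.out.println("Client: set SNI hostname: " + sniHostName);
            SNIHostName serverName = new SNIHostName(sniHostName);
            List<SNIServerName> serverNames = new ArrayList<>();
            serverNames.add(serverName);
            params.setServerNames(serverNames);
        }

        socket.setSSLParameters(params);

        SSLClient client = new SSLClient(socket);
        handedOff = true;
        return client;
    } finally {
        if (!handedOff) {
            try {
                socket.close();
            } catch (IOException ignored) {
                // Keep the original failure as the one reported to the caller.
            }
        }
    }
}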
 
Example #30
Source File: Https.java    From PacketProxy with Apache License 2.0 5 votes vote down vote up
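/**
 * Connects to {@code addr}, configures ALPN and SNI on the socket, and
 * completes the TLS handshake.
 *
 * <p>The socket is closed if configuration or the handshake fails, so a
 * failed connection attempt does not leak it.
 *
 * @param addr address and port of the upstream server
 * @param SNIServerName host name to send in the SNI extension
 * @param alpn the single application protocol to offer; when null or empty,
 *        "h2", "http/1.1" and "http/1.0" are offered in that order
 * @return the connected socket with the handshake completed
 * @throws IllegalArgumentException if {@code SNIServerName} is not a legal
 *         host name (raised before any socket is opened)
 * @throws Exception if the socket cannot be created or the handshake fails
 */
public static SSLSocket createClientSSLSocket(InetSocketAddress addr, String SNIServerName, String alpn) throws Exception {
	/* SNI: built first, so an invalid name fails before a socket exists */
	SNIHostName serverName = new SNIHostName(SNIServerName);
	/* Fetch Client Certificate from ClientKeyManager */
	Server server = Servers.getInstance().queryByAddress(addr);
	// NOTE(review): clientKeyManagers is not declared in this method; it is
	// presumably a static field read by createSSLSocketFactory(). If so,
	// concurrent calls for different servers can pick up each other's key
	// managers. Confirm.
	clientKeyManagers = ClientKeyManager.getKeyManagers(server);

	SSLSocketFactory ssf = createSSLSocketFactory();
	// NOTE(review): the socket is opened by raw address and no endpoint
	// identification algorithm is set here, so checking the peer certificate
	// is left entirely to the trust managers behind createSSLSocketFactory().
	// Confirm that is intended.
	SSLSocket sock = (SSLSocket) ssf.createSocket(addr.getAddress(), addr.getPort());

	boolean handshakeDone = false;
	try {
		String[] clientAPs;
		if (alpn != null && alpn.length() > 0) {
			clientAPs = new String[]{ alpn };
		} else {
			clientAPs = new String[]{ "h2", "http/1.1", "http/1.0" };
		}
		List<SNIServerName> serverNames = new ArrayList<>();
		serverNames.add(serverName);

		// ALPN and SNI are applied in one parameter update.
		SSLParameters params = sock.getSSLParameters();
		params.setApplicationProtocols(clientAPs);
		params.setServerNames(serverNames);
		sock.setSSLParameters(params);

		sock.startHandshake();
		handshakeDone = true;
		return sock;
	} finally {
		if (!handshakeDone) {
			try {
				sock.close();
			} catch (Exception ignored) {
				// Keep the original failure as the one reported to the caller.
			}
		}
	}
}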