Allow to reuse disableSslVerify method, move it to HttpSupport
The disableSslVerify method will be used in the follow up change. Change-Id: Ie00b5e14244a9a036cbdef94768007f1c25aa8d3 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
This commit is contained in:
parent
3bae524f6f
commit
a0e1374e22
|
@ -67,9 +67,6 @@
|
|||
import java.net.Proxy;
|
||||
import java.net.ProxySelector;
|
||||
import java.net.URL;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.text.MessageFormat;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
|
@ -83,11 +80,6 @@
|
|||
import java.util.zip.GZIPInputStream;
|
||||
import java.util.zip.GZIPOutputStream;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
|
||||
import org.eclipse.jgit.errors.NoRemoteRepositoryException;
|
||||
import org.eclipse.jgit.errors.NotSupportedException;
|
||||
import org.eclipse.jgit.errors.PackProtocolException;
|
||||
|
@ -538,7 +530,7 @@ protected HttpConnection httpOpen(String method, URL u)
|
|||
HttpConnection conn = connectionFactory.create(u, proxy);
|
||||
|
||||
if (!http.sslVerify && "https".equals(u.getProtocol())) { //$NON-NLS-1$
|
||||
disableSslVerify(conn);
|
||||
HttpSupport.disableSslVerify(conn);
|
||||
}
|
||||
|
||||
conn.setRequestMethod(method);
|
||||
|
@ -562,19 +554,6 @@ protected HttpConnection httpOpen(String method, URL u)
|
|||
return conn;
|
||||
}
|
||||
|
||||
private void disableSslVerify(HttpConnection conn)
|
||||
throws IOException {
|
||||
final TrustManager[] trustAllCerts = new TrustManager[] { new DummyX509TrustManager() };
|
||||
try {
|
||||
conn.configure(null, trustAllCerts, null);
|
||||
conn.setHostnameVerifier(new DummyHostnameVerifier());
|
||||
} catch (KeyManagementException e) {
|
||||
throw new IOException(e.getMessage());
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
throw new IOException(e.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
final InputStream openInputStream(HttpConnection conn)
|
||||
throws IOException {
|
||||
InputStream input = conn.getInputStream();
|
||||
|
@ -1002,25 +981,4 @@ void execute() throws IOException {
|
|||
in.add(openInputStream(conn));
|
||||
}
|
||||
}
|
||||
|
||||
private static class DummyX509TrustManager implements X509TrustManager {
|
||||
public X509Certificate[] getAcceptedIssuers() {
|
||||
return null;
|
||||
}
|
||||
|
||||
public void checkClientTrusted(X509Certificate[] certs, String authType) {
|
||||
// no check
|
||||
}
|
||||
|
||||
public void checkServerTrusted(X509Certificate[] certs, String authType) {
|
||||
// no check
|
||||
}
|
||||
}
|
||||
|
||||
private static class DummyHostnameVerifier implements HostnameVerifier {
|
||||
public boolean verify(String hostname, SSLSession session) {
|
||||
// always accept
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -52,8 +52,16 @@
|
|||
import java.net.URISyntaxException;
|
||||
import java.net.URL;
|
||||
import java.net.URLEncoder;
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.text.MessageFormat;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLSession;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
|
||||
import org.eclipse.jgit.internal.JGitText;
|
||||
import org.eclipse.jgit.transport.http.HttpConnection;
|
||||
|
||||
|
@ -62,6 +70,14 @@ public class HttpSupport {
|
|||
/** The {@code GET} HTTP method. */
|
||||
public static final String METHOD_GET = "GET"; //$NON-NLS-1$
|
||||
|
||||
/** The {@code HEAD} HTTP method.
|
||||
* @since 4.3 */
|
||||
public static final String METHOD_HEAD = "HEAD"; //$NON-NLS-1$
|
||||
|
||||
/** The {@code POST} HTTP method.
|
||||
* @since 4.3 */
|
||||
public static final String METHOD_PUT = "PUT"; //$NON-NLS-1$
|
||||
|
||||
/** The {@code POST} HTTP method. */
|
||||
public static final String METHOD_POST = "POST"; //$NON-NLS-1$
|
||||
|
||||
|
@ -234,6 +250,50 @@ public static Proxy proxyFor(final ProxySelector proxySelector, final URL u)
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Disable SSL and hostname verification for given HTTP connection
|
||||
*
|
||||
* @param conn
|
||||
* @throws IOException
|
||||
* @since 4.3
|
||||
*/
|
||||
public static void disableSslVerify(HttpConnection conn)
|
||||
throws IOException {
|
||||
final TrustManager[] trustAllCerts = new TrustManager[] {
|
||||
new DummyX509TrustManager() };
|
||||
try {
|
||||
conn.configure(null, trustAllCerts, null);
|
||||
conn.setHostnameVerifier(new DummyHostnameVerifier());
|
||||
} catch (KeyManagementException e) {
|
||||
throw new IOException(e.getMessage());
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
throw new IOException(e.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
private static class DummyX509TrustManager implements X509TrustManager {
|
||||
public X509Certificate[] getAcceptedIssuers() {
|
||||
return null;
|
||||
}
|
||||
|
||||
public void checkClientTrusted(X509Certificate[] certs,
|
||||
String authType) {
|
||||
// no check
|
||||
}
|
||||
|
||||
public void checkServerTrusted(X509Certificate[] certs,
|
||||
String authType) {
|
||||
// no check
|
||||
}
|
||||
}
|
||||
|
||||
private static class DummyHostnameVerifier implements HostnameVerifier {
|
||||
public boolean verify(String hostname, SSLSession session) {
|
||||
// always accept
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
private HttpSupport() {
|
||||
// Utility class only.
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue