Browse Source

Allow to reuse disableSslVerify method, move it to HttpSupport

The disableSslVerify method will be used in the follow up change.

Change-Id: Ie00b5e14244a9a036cbdef94768007f1c25aa8d3
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
stable-4.3
Saša Živkov 9 years ago
parent
commit
a0e1374e22
  1. 44
      org.eclipse.jgit/src/org/eclipse/jgit/transport/TransportHttp.java
  2. 60
      org.eclipse.jgit/src/org/eclipse/jgit/util/HttpSupport.java

44
org.eclipse.jgit/src/org/eclipse/jgit/transport/TransportHttp.java

@ -67,9 +67,6 @@ import java.net.MalformedURLException;
import java.net.Proxy; import java.net.Proxy;
import java.net.ProxySelector; import java.net.ProxySelector;
import java.net.URL; import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.text.MessageFormat; import java.text.MessageFormat;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
@ -83,11 +80,6 @@ import java.util.TreeMap;
import java.util.zip.GZIPInputStream; import java.util.zip.GZIPInputStream;
import java.util.zip.GZIPOutputStream; import java.util.zip.GZIPOutputStream;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.eclipse.jgit.errors.NoRemoteRepositoryException; import org.eclipse.jgit.errors.NoRemoteRepositoryException;
import org.eclipse.jgit.errors.NotSupportedException; import org.eclipse.jgit.errors.NotSupportedException;
import org.eclipse.jgit.errors.PackProtocolException; import org.eclipse.jgit.errors.PackProtocolException;
@ -538,7 +530,7 @@ public class TransportHttp extends HttpTransport implements WalkTransport,
HttpConnection conn = connectionFactory.create(u, proxy); HttpConnection conn = connectionFactory.create(u, proxy);
if (!http.sslVerify && "https".equals(u.getProtocol())) { //$NON-NLS-1$ if (!http.sslVerify && "https".equals(u.getProtocol())) { //$NON-NLS-1$
disableSslVerify(conn); HttpSupport.disableSslVerify(conn);
} }
conn.setRequestMethod(method); conn.setRequestMethod(method);
@ -562,19 +554,6 @@ public class TransportHttp extends HttpTransport implements WalkTransport,
return conn; return conn;
} }
private void disableSslVerify(HttpConnection conn)
throws IOException {
final TrustManager[] trustAllCerts = new TrustManager[] { new DummyX509TrustManager() };
try {
conn.configure(null, trustAllCerts, null);
conn.setHostnameVerifier(new DummyHostnameVerifier());
} catch (KeyManagementException e) {
throw new IOException(e.getMessage());
} catch (NoSuchAlgorithmException e) {
throw new IOException(e.getMessage());
}
}
final InputStream openInputStream(HttpConnection conn) final InputStream openInputStream(HttpConnection conn)
throws IOException { throws IOException {
InputStream input = conn.getInputStream(); InputStream input = conn.getInputStream();
@ -1002,25 +981,4 @@ public class TransportHttp extends HttpTransport implements WalkTransport,
in.add(openInputStream(conn)); in.add(openInputStream(conn));
} }
} }
private static class DummyX509TrustManager implements X509TrustManager {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
// no check
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
// no check
}
}
private static class DummyHostnameVerifier implements HostnameVerifier {
public boolean verify(String hostname, SSLSession session) {
// always accept
return true;
}
}
} }

60
org.eclipse.jgit/src/org/eclipse/jgit/util/HttpSupport.java

@ -52,8 +52,16 @@ import java.net.ProxySelector;
import java.net.URISyntaxException; import java.net.URISyntaxException;
import java.net.URL; import java.net.URL;
import java.net.URLEncoder; import java.net.URLEncoder;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.text.MessageFormat; import java.text.MessageFormat;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.eclipse.jgit.internal.JGitText; import org.eclipse.jgit.internal.JGitText;
import org.eclipse.jgit.transport.http.HttpConnection; import org.eclipse.jgit.transport.http.HttpConnection;
@ -62,6 +70,14 @@ public class HttpSupport {
/** The {@code GET} HTTP method. */ /** The {@code GET} HTTP method. */
public static final String METHOD_GET = "GET"; //$NON-NLS-1$ public static final String METHOD_GET = "GET"; //$NON-NLS-1$
/** The {@code HEAD} HTTP method.
* @since 4.3 */
public static final String METHOD_HEAD = "HEAD"; //$NON-NLS-1$
/** The {@code POST} HTTP method.
* @since 4.3 */
public static final String METHOD_PUT = "PUT"; //$NON-NLS-1$
/** The {@code POST} HTTP method. */ /** The {@code POST} HTTP method. */
public static final String METHOD_POST = "POST"; //$NON-NLS-1$ public static final String METHOD_POST = "POST"; //$NON-NLS-1$
@ -234,6 +250,50 @@ public class HttpSupport {
} }
} }
/**
* Disable SSL and hostname verification for given HTTP connection
*
* @param conn
* @throws IOException
* @since 4.3
*/
public static void disableSslVerify(HttpConnection conn)
throws IOException {
final TrustManager[] trustAllCerts = new TrustManager[] {
new DummyX509TrustManager() };
try {
conn.configure(null, trustAllCerts, null);
conn.setHostnameVerifier(new DummyHostnameVerifier());
} catch (KeyManagementException e) {
throw new IOException(e.getMessage());
} catch (NoSuchAlgorithmException e) {
throw new IOException(e.getMessage());
}
}
private static class DummyX509TrustManager implements X509TrustManager {
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public void checkClientTrusted(X509Certificate[] certs,
String authType) {
// no check
}
public void checkServerTrusted(X509Certificate[] certs,
String authType) {
// no check
}
}
private static class DummyHostnameVerifier implements HostnameVerifier {
public boolean verify(String hostname, SSLSession session) {
// always accept
return true;
}
}
private HttpSupport() { private HttpSupport() {
// Utility class only. // Utility class only.
} }

Loading…
Cancel
Save