Introduce acceptAnyCertificate config, defaulting to false, backport d…
Stephane Landelle committed Jul 10, 2014
1 parent a894583 commit dfacb8e
Showing 14 changed files with 146 additions and 277 deletions.
135 changes: 52 additions & 83 deletions src/main/java/com/ning/http/client/AsyncHttpClientConfig.java
Expand Up @@ -25,9 +25,7 @@

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;

import java.security.GeneralSecurityException;
import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
Expand Down Expand Up @@ -68,7 +66,6 @@ public class AsyncHttpClientConfig {
protected ExecutorService applicationThreadPool;
protected ProxyServerSelector proxyServerSelector;
protected SSLContext sslContext;
protected SSLEngineFactory sslEngineFactory;
protected AsyncHttpProviderConfig<?, ?> providerConfig;
protected ConnectionsPool<?, ?> connectionsPool;
protected Realm realm;
Expand All @@ -86,6 +83,7 @@ public class AsyncHttpClientConfig {
protected boolean useRelativeURIsWithSSLProxies;
protected int maxConnectionLifeTimeInMs;
protected TimeConverter timeConverter;
protected boolean acceptAnyCertificate;

protected AsyncHttpClientConfig() {
}
Expand All @@ -106,7 +104,6 @@ private AsyncHttpClientConfig(int maxTotalConnections,
ExecutorService applicationThreadPool,
ProxyServerSelector proxyServerSelector,
SSLContext sslContext,
SSLEngineFactory sslEngineFactory,
AsyncHttpProviderConfig<?, ?> providerConfig,
ConnectionsPool<?, ?> connectionsPool, Realm realm,
List<RequestFilter> requestFilters,
Expand All @@ -121,7 +118,8 @@ private AsyncHttpClientConfig(int maxTotalConnections,
int ioThreadMultiplier,
boolean strict302Handling,
boolean useRelativeURIsWithSSLProxies,
TimeConverter timeConverter) {
TimeConverter timeConverter, //
boolean acceptAnyCertificate) {

this.maxTotalConnections = maxTotalConnections;
this.maxConnectionPerHost = maxConnectionPerHost;
Expand All @@ -137,7 +135,6 @@ private AsyncHttpClientConfig(int maxTotalConnections,
this.userAgent = userAgent;
this.allowPoolingConnection = keepAlive;
this.sslContext = sslContext;
this.sslEngineFactory = sslEngineFactory;
this.providerConfig = providerConfig;
this.connectionsPool = connectionsPool;
this.realm = realm;
Expand All @@ -161,6 +158,7 @@ private AsyncHttpClientConfig(int maxTotalConnections,
this.proxyServerSelector = proxyServerSelector;
this.disableUrlEncodingForBoundedRequests = disableUrlEncodingForBoundedRequests;
this.timeConverter = timeConverter;
this.acceptAnyCertificate = acceptAnyCertificate;
}

/**
Expand Down Expand Up @@ -310,28 +308,6 @@ public SSLContext getSSLContext() {
return connectionsPool;
}

/**
* Return an instance of {@link SSLEngineFactory} used for SSL connection.
*
* @return an instance of {@link SSLEngineFactory} used for SSL connection.
*/
public SSLEngineFactory getSSLEngineFactory() {
if (sslEngineFactory == null) {
return new SSLEngineFactory() {
public SSLEngine newSSLEngine() {
if (sslContext != null) {
SSLEngine sslEngine = sslContext.createSSLEngine();
sslEngine.setUseClientMode(true);
return sslEngine;
} else {
return null;
}
}
};
}
return sslEngineFactory;
}

/**
* Return the {@link com.ning.http.client.AsyncHttpProviderConfig}
*
Expand Down Expand Up @@ -491,12 +467,19 @@ public int getMaxConnectionLifeTimeInMs() {
}

/**
* @return 1.8.2
* since 1.8.2
*/
public TimeConverter getTimeConverter() {
return timeConverter;
}

/**
* since 1.9.0
*/
public boolean isAcceptAnyCertificate() {
return acceptAnyCertificate;
}

/**
* Builder for an {@link AsyncHttpClient}
*/
Expand Down Expand Up @@ -525,11 +508,11 @@ public static class Builder {
private boolean removeQueryParamOnRedirect = defaultRemoveQueryParamOnRedirect();
private boolean strict302Handling = defaultStrict302Handling();
private HostnameVerifier hostnameVerifier = defaultHostnameVerifier();
private boolean acceptAnyCertificate = defaultAcceptAnyCertificate();

private ExecutorService applicationThreadPool;
private ProxyServerSelector proxyServerSelector = null;
private SSLContext sslContext;
private SSLEngineFactory sslEngineFactory;
private AsyncHttpProviderConfig<?, ?> providerConfig;
private ConnectionsPool<?, ?> connectionsPool;
private Realm realm;
Expand Down Expand Up @@ -713,31 +696,13 @@ public Builder setProxyServer(ProxyServer proxyServer) {
return this;
}

/**
* Set the {@link SSLEngineFactory} for secure connection.
*
* @param sslEngineFactory the {@link SSLEngineFactory} for secure connection
* @return a {@link Builder}
*/
public Builder setSSLEngineFactory(SSLEngineFactory sslEngineFactory) {
this.sslEngineFactory = sslEngineFactory;
return this;
}

/**
* Set the {@link SSLContext} for secure connection.
*
* @param sslContext the {@link SSLContext} for secure connection
* @return a {@link Builder}
*/
public Builder setSSLContext(final SSLContext sslContext) {
this.sslEngineFactory = new SSLEngineFactory() {
public SSLEngine newSSLEngine() throws GeneralSecurityException {
SSLEngine sslEngine = sslContext.createSSLEngine();
sslEngine.setUseClientMode(true);
return sslEngine;
}
};
this.sslContext = sslContext;
return this;
}
Expand Down Expand Up @@ -998,6 +963,11 @@ public Builder setTimeConverter(TimeConverter timeConverter) {
return this;
}

public Builder setAcceptAnyCertificate(boolean acceptAnyCertificate) {
this.acceptAnyCertificate = acceptAnyCertificate;
return this;
}

/**
* Create a config builder with values taken from the given prototype configuration.
*
Expand All @@ -1018,7 +988,6 @@ public Builder(AsyncHttpClientConfig prototype) {
realm = prototype.getRealm();
requestTimeoutInMs = prototype.getRequestTimeoutInMs();
sslContext = prototype.getSSLContext();
sslEngineFactory = prototype.getSSLEngineFactory();
userAgent = prototype.getUserAgent();
followRedirect = prototype.isFollowRedirect();
compressionEnabled = prototype.isCompressionEnabled();
Expand All @@ -1041,6 +1010,7 @@ public Builder(AsyncHttpClientConfig prototype) {
hostnameVerifier = prototype.getHostnameVerifier();
strict302Handling = prototype.isStrict302Handling();
timeConverter = prototype.timeConverter;
acceptAnyCertificate = prototype.acceptAnyCertificate;
}

/**
Expand Down Expand Up @@ -1073,40 +1043,39 @@ public Thread newThread(Runnable r) {
proxyServerSelector = ProxyServerSelector.NO_PROXY_SELECTOR;
}

return new AsyncHttpClientConfig(maxTotalConnections,
maxConnectionPerHost,
connectionTimeOutInMs,
webSocketIdleTimeoutInMs,
idleConnectionInPoolTimeoutInMs,
idleConnectionTimeoutInMs,
requestTimeoutInMs,
maxConnectionLifeTimeInMs,
followRedirect,
maxDefaultRedirects,
compressionEnabled,
userAgent,
allowPoolingConnection,
applicationThreadPool,
proxyServerSelector,
sslContext,
sslEngineFactory,
providerConfig,
connectionsPool,
realm,
requestFilters,
responseFilters,
ioExceptionFilters,
requestCompressionLevel,
maxRequestRetry,
allowSslConnectionPool,
disableUrlEncodingForBoundedRequests,
removeQueryParamOnRedirect,
hostnameVerifier,
ioThreadMultiplier,
strict302Handling,
useRelativeURIsWithSSLProxies,
timeConverter);
return new AsyncHttpClientConfig(maxTotalConnections, //
maxConnectionPerHost, //
connectionTimeOutInMs, //
webSocketIdleTimeoutInMs, //
idleConnectionInPoolTimeoutInMs, //
idleConnectionTimeoutInMs, //
requestTimeoutInMs, //
maxConnectionLifeTimeInMs, //
followRedirect, //
maxDefaultRedirects, //
compressionEnabled, //
userAgent, //
allowPoolingConnection, //
applicationThreadPool, //
proxyServerSelector, //
sslContext, //
providerConfig, //
connectionsPool, //
realm, //
requestFilters, //
responseFilters, //
ioExceptionFilters, //
requestCompressionLevel, //
maxRequestRetry, //
allowSslConnectionPool, //
disableUrlEncodingForBoundedRequests, //
removeQueryParamOnRedirect, //
hostnameVerifier, //
ioThreadMultiplier, //
strict302Handling, //
useRelativeURIsWithSSLProxies, //
timeConverter, //
acceptAnyCertificate);
}
}
}
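Review bot: `Builder.setAcceptAnyCertificate` is added with no Javadoc and `isAcceptAnyCertificate()` carries only a bare `since 1.9.0`, so nothing on the public API tells a caller that this switch governs whether server certificates are checked. Judging from the provider call sites later in this commit, the value is passed to `SslUtils.getInstance().getSSLContext(...)` only when no `SSLContext` was configured, so `true` presumably yields a context that trusts every certificate. I would state that on the setter, e.g. `/** Accept any server certificate without validation when no SSLContext is set; this leaves TLS connections open to interception, so use it for tests only. @since 1.9.0 */`, and turn the getter's text into a real `@since 1.9.0` tag. The same undocumented setter appears in the `AsyncHttpClientConfigBean` and `SimpleAsyncHttpClient.Builder` sections.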

Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,7 @@ void configureDefaults() {
removeQueryParamOnRedirect = defaultRemoveQueryParamOnRedirect();
strict302Handling = defaultStrict302Handling();
hostnameVerifier = defaultHostnameVerifier();
acceptAnyCertificate = defaultAcceptAnyCertificate();

if (defaultUseProxySelector()) {
proxyServerSelector = ProxyUtils.getJdkDefaultProxyServerSelector();
Expand Down Expand Up @@ -173,11 +174,6 @@ public AsyncHttpClientConfigBean setSslContext(SSLContext sslContext) {
return this;
}

public AsyncHttpClientConfigBean setSslEngineFactory(SSLEngineFactory sslEngineFactory) {
this.sslEngineFactory = sslEngineFactory;
return this;
}

public AsyncHttpClientConfigBean setProviderConfig(AsyncHttpProviderConfig<?, ?> providerConfig) {
this.providerConfig = providerConfig;
return this;
Expand Down Expand Up @@ -242,4 +238,9 @@ public AsyncHttpClientConfigBean setIoThreadMultiplier(int ioThreadMultiplier) {
this.ioThreadMultiplier = ioThreadMultiplier;
return this;
}

public AsyncHttpClientConfigBean setAcceptAnyCertificate(boolean acceptAnyCertificate) {
this.acceptAnyCertificate = acceptAnyCertificate;
return this;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -121,4 +121,8 @@ public static boolean defaultRemoveQueryParamOnRedirect() {
public static HostnameVerifier defaultHostnameVerifier() {
return new DefaultHostnameVerifier();
}

public static boolean defaultAcceptAnyCertificate() {
return getBoolean(ASYNC_CLIENT + "acceptAnyCertificate", false);
}
}
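Review bot: `defaultAcceptAnyCertificate()` makes the certificate-validation default depend on an external setting named `ASYNC_CLIENT + "acceptAnyCertificate"`, and the method has no comment saying so. `getBoolean` is not shown in this hunk, but if it reads a system property or a properties file, one process-wide setting changes the default for every client that does not set the flag explicitly. I would document that on the method, e.g. `/** Default for acceptAnyCertificate: false unless overridden by configuration; true disables certificate validation for every client relying on defaults. */`. It is also worth logging a warning once when the resolved value is `true`, so the weakened setting is visible in operational logs. The class body starts outside the hunk.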
32 changes: 0 additions & 32 deletions src/main/java/com/ning/http/client/SSLEngineFactory.java

This file was deleted.

10 changes: 5 additions & 5 deletions src/main/java/com/ning/http/client/SimpleAsyncHttpClient.java
Expand Up @@ -539,11 +539,6 @@ public Builder setExecutorService(ExecutorService applicationThreadPool) {
return this;
}

public Builder setSSLEngineFactory(SSLEngineFactory sslEngineFactory) {
configBuilder.setSSLEngineFactory(sslEngineFactory);
return this;
}

public Builder setSSLContext(final SSLContext sslContext) {
configBuilder.setSSLContext(sslContext);
return this;
Expand Down Expand Up @@ -669,6 +664,11 @@ public Builder setProviderClass(String providerClass) {
return this;
}

public Builder setAcceptAnyCertificate(boolean acceptAnyCertificate) {
configBuilder.setAcceptAnyCertificate(acceptAnyCertificate);
return this;
}

public SimpleAsyncHttpClient build() {

if (realmBuilder != null) {
Original file line number Diff line number Diff line change
Expand Up @@ -383,7 +383,7 @@ public void onTimeout(Connection connection) {
boolean defaultSecState = (context != null);
if (context == null) {
try {
context = SslUtils.getSSLContext();
context = SslUtils.getInstance().getSSLContext(clientConfig.isAcceptAnyCertificate());
} catch (Exception e) {
throw new IllegalStateException(e);
}
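Review bot: The new call reads `clientConfig.isAcceptAnyCertificate()` only inside `if (context == null)`, so the flag is silently ignored whenever the caller supplied their own `SSLContext`. A short comment would make that precedence explicit, e.g. `// acceptAnyCertificate only affects the default context; a user-supplied SSLContext is used as is`. The same pattern is in the `createUrlConnection` hunk that follows, under `if (sslContext == null)`. Whether hostname verification still runs when the flag is true is not visible from these lines and is worth confirming. The enclosing method starts and ends outside the hunk.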
Original file line number Diff line number Diff line change
Expand Up @@ -186,7 +186,7 @@ private HttpURLConnection createUrlConnection(Request request) throws IOExceptio
SSLContext sslContext = config.getSSLContext();
if (sslContext == null) {
try {
sslContext = SslUtils.getSSLContext();
sslContext = SslUtils.getInstance().getSSLContext(config.isAcceptAnyCertificate());
} catch (NoSuchAlgorithmException e) {
throw new IOException(e.getMessage());
} catch (GeneralSecurityException e) {