*/
package org.sonarqube.ws.client;
-import com.google.common.annotations.VisibleForTesting;
import java.io.IOException;
import java.net.Proxy;
import java.util.Map;
private final String proxyCredentials;
private final OkHttpClient okHttpClient;
- private HttpConnector(Builder builder, JavaVersion javaVersion) {
+ private HttpConnector(Builder builder) {
this.baseUrl = HttpUrl.parse(builder.url.endsWith("/") ? builder.url : format("%s/", builder.url));
checkArgument(this.baseUrl!=null, "Malformed URL: '%s'", builder.url);
this.userAgent = builder.userAgent;
} else {
this.proxyCredentials = Credentials.basic(builder.proxyLogin, nullToEmpty(builder.proxyPassword));
}
- this.okHttpClient = buildClient(builder, javaVersion);
+ this.okHttpClient = buildClient(builder);
}
- private static OkHttpClient buildClient(Builder builder, JavaVersion javaVersion) {
+ private static OkHttpClient buildClient(Builder builder) {
OkHttpClient.Builder okHttpClientBuilder = new OkHttpClient.Builder();
if (builder.proxy != null) {
okHttpClientBuilder.proxy(builder.proxy);
.supportsTlsExtensions(true)
.build();
okHttpClientBuilder.connectionSpecs(asList(tls, ConnectionSpec.CLEARTEXT));
- okHttpClientBuilder.sslSocketFactory(createSslSocketFactory(javaVersion));
+ okHttpClientBuilder.sslSocketFactory(createSslSocketFactory());
return okHttpClientBuilder.build();
}
- private static SSLSocketFactory createSslSocketFactory(JavaVersion javaVersion) {
+ private static SSLSocketFactory createSslSocketFactory() {
try {
- SSLSocketFactory sslSocketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
- return enableTls12InJava7(sslSocketFactory, javaVersion);
+ return (SSLSocketFactory) SSLSocketFactory.getDefault();
} catch (Exception e) {
throw new IllegalStateException("Fail to init TLS context", e);
}
}
- private static SSLSocketFactory enableTls12InJava7(SSLSocketFactory sslSocketFactory, JavaVersion javaVersion) {
- if (javaVersion.isJava7()) {
- // OkHttp executes SSLContext.getInstance("TLS") by default (see
- // https://github.com/square/okhttp/blob/c358656/okhttp/src/main/java/com/squareup/okhttp/OkHttpClient.java#L616)
- // As only TLS 1.0 is enabled by default in Java 7, the SSLContextFactory must be changed
- // in order to support all versions from 1.0 to 1.2.
- // Note that this is not overridden for Java 8 as TLS 1.2 is enabled by default.
- // Keeping getInstance("TLS") allows to support potential future versions of TLS on Java 8.
- return new Tls12Java7SocketFactory(sslSocketFactory);
- }
- return sslSocketFactory;
- }
-
@Override
public String baseUrl() {
return baseUrl.url().toExternalForm();
}
public HttpConnector build() {
- return build(new JavaVersion());
- }
-
- @VisibleForTesting
- HttpConnector build(JavaVersion javaVersion) {
checkArgument(!isNullOrEmpty(url), "Server URL is not defined");
- return new HttpConnector(this, javaVersion);
+ return new HttpConnector(this);
}
}
- static class JavaVersion {
- boolean isJava7() {
- return System.getProperty("java.version").startsWith("1.7.");
- }
- }
}
+++ /dev/null
-/*
- * SonarQube
- * Copyright (C) 2009-2016 SonarSource SA
- * mailto:contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonarqube.ws.client;
-
-import com.google.common.annotations.VisibleForTesting;
-import java.io.IOException;
-import java.net.InetAddress;
-import java.net.Socket;
-import javax.net.ssl.SSLSocket;
-import javax.net.ssl.SSLSocketFactory;
-
-/**
- * {@link SSLSocketFactory} which enables all the versions of TLS. This is required
- * to support TLSv1.2 on Java 7. Note that Java 8 supports TLSv1.2 natively, without
- * any configuration
- */
-public class Tls12Java7SocketFactory extends SSLSocketFactory {
-
- @VisibleForTesting
- static final String[] TLS_PROTOCOLS = new String[] {"TLSv1", "TLSv1.1", "TLSv1.2"};
-
- private final SSLSocketFactory delegate;
-
- public Tls12Java7SocketFactory(SSLSocketFactory delegate) {
- this.delegate = delegate;
- }
-
- @Override
- public String[] getDefaultCipherSuites() {
- return delegate.getDefaultCipherSuites();
- }
-
- @Override
- public String[] getSupportedCipherSuites() {
- return delegate.getSupportedCipherSuites();
- }
-
- @Override
- public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException {
- Socket underlyingSocket = delegate.createSocket(socket, host, port, autoClose);
- return overrideProtocol(underlyingSocket);
- }
-
- @Override
- public Socket createSocket(String host, int port) throws IOException {
- Socket underlyingSocket = delegate.createSocket(host, port);
- return overrideProtocol(underlyingSocket);
- }
-
- @Override
- public Socket createSocket(String host, int port, InetAddress localAddress, int localPort) throws IOException {
- Socket underlyingSocket = delegate.createSocket(host, port, localAddress, localPort);
- return overrideProtocol(underlyingSocket);
- }
-
- @Override
- public Socket createSocket(InetAddress host, int port) throws IOException {
- Socket underlyingSocket = delegate.createSocket(host, port);
- return overrideProtocol(underlyingSocket);
- }
-
- @Override
- public Socket createSocket(InetAddress host, int port, InetAddress localAddress, int localPort) throws IOException {
- Socket underlyingSocket = delegate.createSocket(host, port, localAddress, localPort);
- return overrideProtocol(underlyingSocket);
- }
-
- /**
- * Enables TLS v1.0, 1.1 and 1.2 on the socket
- */
- private static Socket overrideProtocol(Socket socket) {
- if (socket instanceof SSLSocket) {
- ((SSLSocket) socket).setEnabledProtocols(TLS_PROTOCOLS);
- }
- return socket;
- }
-}
*/
package org.sonarqube.ws.client;
+import java.io.File;
+import java.util.List;
+import javax.net.ssl.SSLSocketFactory;
import okhttp3.ConnectionSpec;
import okhttp3.mockwebserver.MockResponse;
import okhttp3.mockwebserver.MockWebServer;
import okhttp3.mockwebserver.RecordedRequest;
-import java.io.File;
-import java.util.List;
-import javax.net.ssl.SSLSocketFactory;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.fail;
import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
import static org.sonarqube.ws.client.HttpConnector.newBuilder;
public class HttpConnectorTest {
@Rule
public ExpectedException expectedException = ExpectedException.none();
- HttpConnector.JavaVersion javaVersion = mock(HttpConnector.JavaVersion.class);
MockWebServer server;
String serverUrl;
assertThat(underTest.call(request).requestUrl()).isEqualTo(serverUrl + "sonar/api/issues/search");
}
- @Test
- public void support_tls_1_2_on_java7() {
- when(javaVersion.isJava7()).thenReturn(true);
- underTest = HttpConnector.newBuilder().url(serverUrl).build(javaVersion);
-
- assertTlsAndClearTextSpecifications(underTest);
- // enable TLS 1.0, 1.1 and 1.2
- assertThat(underTest.okHttpClient().sslSocketFactory()).isNotNull().isInstanceOf(Tls12Java7SocketFactory.class);
- }
-
@Test
public void support_tls_versions_of_java8() {
- when(javaVersion.isJava7()).thenReturn(false);
- underTest = HttpConnector.newBuilder().url(serverUrl).build(javaVersion);
+ underTest = HttpConnector.newBuilder().url(serverUrl).build();
assertTlsAndClearTextSpecifications(underTest);
assertThat(underTest.okHttpClient().sslSocketFactory()).isInstanceOf(SSLSocketFactory.getDefault().getClass());
+++ /dev/null
-/*
- * SonarQube
- * Copyright (C) 2009-2016 SonarSource SA
- * mailto:contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonarqube.ws.client;
-
-import java.io.IOException;
-import java.net.InetAddress;
-import java.net.Socket;
-import javax.net.ssl.SSLSocket;
-import javax.net.ssl.SSLSocketFactory;
-import org.junit.Test;
-
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
-
-public class Tls12Java7SocketFactoryTest {
-
- SSLSocketFactory delegate = mock(SSLSocketFactory.class);
- Tls12Java7SocketFactory underTest = new Tls12Java7SocketFactory(delegate);
-
- @Test
- public void createSocket_1() throws IOException {
- InetAddress address = mock(InetAddress.class);
- SSLSocket socket = mock(SSLSocket.class);
- when(delegate.createSocket(address, 80)).thenReturn(socket);
- socket = (SSLSocket) underTest.createSocket(address, 80);
- verify(socket).setEnabledProtocols(Tls12Java7SocketFactory.TLS_PROTOCOLS);
- }
-
- @Test
- public void createSocket_2() throws IOException {
- InetAddress address = mock(InetAddress.class);
- InetAddress address2 = mock(InetAddress.class);
- SSLSocket socket = mock(SSLSocket.class);
- when(delegate.createSocket(address, 80, address2, 443)).thenReturn(socket);
- socket = (SSLSocket) underTest.createSocket(address, 80, address2, 443);
- verify(socket).setEnabledProtocols(Tls12Java7SocketFactory.TLS_PROTOCOLS);
- }
-
- @Test
- public void createSocket_3() throws IOException {
- SSLSocket socket = mock(SSLSocket.class);
- when(delegate.createSocket("", 80)).thenReturn(socket);
- socket = (SSLSocket) underTest.createSocket("", 80);
- verify(socket).setEnabledProtocols(Tls12Java7SocketFactory.TLS_PROTOCOLS);
- }
-
- @Test
- public void support_non_ssl_sockets() throws IOException {
- Socket regularSocket = mock(Socket.class);
- when(delegate.createSocket("", 80)).thenReturn(regularSocket);
- assertThat(underTest.createSocket("", 80)).isNotInstanceOf(SSLSocket.class);
- }
-
- @Test
- public void delegate_getters() {
- String[] defaultCipherSuites = new String[0];
- String[] supportedCipherSuites = new String[0];
- when(delegate.getDefaultCipherSuites()).thenReturn(defaultCipherSuites);
- when(delegate.getSupportedCipherSuites()).thenReturn(supportedCipherSuites);
-
- assertThat(underTest.getDefaultCipherSuites()).isSameAs(defaultCipherSuites);
- assertThat(underTest.getSupportedCipherSuites()).isSameAs(supportedCipherSuites);
- }
-}
projects / sonarqube.git / commitdiff