From: Saša Živkov Date: Tue, 19 Jan 2016 16:52:19 +0000 (+0100) Subject: Allow to reuse disableSslVerify method, move it to HttpSupport X-Git-Tag: v4.3.0.201603230630-rc1~31 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=a0e1374e2259e4e2bd5da1a76bc716c134728e95;p=jgit.git Allow to reuse disableSslVerify method, move it to HttpSupport The disableSslVerify method will be used in the follow up change. Change-Id: Ie00b5e14244a9a036cbdef94768007f1c25aa8d3 Signed-off-by: Matthias Sohn --- diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/transport/TransportHttp.java b/org.eclipse.jgit/src/org/eclipse/jgit/transport/TransportHttp.java index 594827886b..414e8790ca 100644 --- a/org.eclipse.jgit/src/org/eclipse/jgit/transport/TransportHttp.java +++ b/org.eclipse.jgit/src/org/eclipse/jgit/transport/TransportHttp.java @@ -67,9 +67,6 @@ import java.net.MalformedURLException; import java.net.Proxy; import java.net.ProxySelector; import java.net.URL; -import java.security.KeyManagementException; -import java.security.NoSuchAlgorithmException; -import java.security.cert.X509Certificate; import java.text.MessageFormat; import java.util.ArrayList; import java.util.Arrays; @@ -83,11 +80,6 @@ import java.util.TreeMap; import java.util.zip.GZIPInputStream; import java.util.zip.GZIPOutputStream; -import javax.net.ssl.HostnameVerifier; -import javax.net.ssl.SSLSession; -import javax.net.ssl.TrustManager; -import javax.net.ssl.X509TrustManager; - import org.eclipse.jgit.errors.NoRemoteRepositoryException; import org.eclipse.jgit.errors.NotSupportedException; import org.eclipse.jgit.errors.PackProtocolException; @@ -538,7 +530,7 @@ public class TransportHttp extends HttpTransport implements WalkTransport, HttpConnection conn = connectionFactory.create(u, proxy); if (!http.sslVerify && "https".equals(u.getProtocol())) { //$NON-NLS-1$ - disableSslVerify(conn); + HttpSupport.disableSslVerify(conn); } conn.setRequestMethod(method); @@ -562,19 +554,6 @@ public class TransportHttp extends HttpTransport implements WalkTransport, return conn; } - private void disableSslVerify(HttpConnection conn) - throws IOException { - final TrustManager[] trustAllCerts = new TrustManager[] { new DummyX509TrustManager() }; - try { - conn.configure(null, trustAllCerts, null); - conn.setHostnameVerifier(new DummyHostnameVerifier()); - } catch (KeyManagementException e) { - throw new IOException(e.getMessage()); - } catch (NoSuchAlgorithmException e) { - throw new IOException(e.getMessage()); - } - } - final InputStream openInputStream(HttpConnection conn) throws IOException { InputStream input = conn.getInputStream(); @@ -1002,25 +981,4 @@ public class TransportHttp extends HttpTransport implements WalkTransport, in.add(openInputStream(conn)); } } - - private static class DummyX509TrustManager implements X509TrustManager { - public X509Certificate[] getAcceptedIssuers() { - return null; - } - - public void checkClientTrusted(X509Certificate[] certs, String authType) { - // no check - } - - public void checkServerTrusted(X509Certificate[] certs, String authType) { - // no check - } - } - - private static class DummyHostnameVerifier implements HostnameVerifier { - public boolean verify(String hostname, SSLSession session) { - // always accept - return true; - } - } } diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/util/HttpSupport.java b/org.eclipse.jgit/src/org/eclipse/jgit/util/HttpSupport.java index 8b4ad0aa29..6a43c0f963 100644 --- a/org.eclipse.jgit/src/org/eclipse/jgit/util/HttpSupport.java +++ b/org.eclipse.jgit/src/org/eclipse/jgit/util/HttpSupport.java @@ -52,8 +52,16 @@ import java.net.ProxySelector; import java.net.URISyntaxException; import java.net.URL; import java.net.URLEncoder; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.X509Certificate; import java.text.MessageFormat; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLSession; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; + import org.eclipse.jgit.internal.JGitText; import org.eclipse.jgit.transport.http.HttpConnection; @@ -62,6 +70,14 @@ public class HttpSupport { /** The {@code GET} HTTP method. */ public static final String METHOD_GET = "GET"; //$NON-NLS-1$ + /** The {@code HEAD} HTTP method. + * @since 4.3 */ + public static final String METHOD_HEAD = "HEAD"; //$NON-NLS-1$ + + /** The {@code POST} HTTP method. + * @since 4.3 */ + public static final String METHOD_PUT = "PUT"; //$NON-NLS-1$ + /** The {@code POST} HTTP method. */ public static final String METHOD_POST = "POST"; //$NON-NLS-1$ @@ -234,6 +250,50 @@ public class HttpSupport { } } + /** + * Disable SSL and hostname verification for given HTTP connection + * + * @param conn + * @throws IOException + * @since 4.3 + */ + public static void disableSslVerify(HttpConnection conn) + throws IOException { + final TrustManager[] trustAllCerts = new TrustManager[] { + new DummyX509TrustManager() }; + try { + conn.configure(null, trustAllCerts, null); + conn.setHostnameVerifier(new DummyHostnameVerifier()); + } catch (KeyManagementException e) { + throw new IOException(e.getMessage()); + } catch (NoSuchAlgorithmException e) { + throw new IOException(e.getMessage()); + } + } + + private static class DummyX509TrustManager implements X509TrustManager { + public X509Certificate[] getAcceptedIssuers() { + return null; + } + + public void checkClientTrusted(X509Certificate[] certs, + String authType) { + // no check + } + + public void checkServerTrusted(X509Certificate[] certs, + String authType) { + // no check + } + } + + private static class DummyHostnameVerifier implements HostnameVerifier { + public boolean verify(String hostname, SSLSession session) { + // always accept + return true; + } + } + private HttpSupport() { // Utility class only. }