From: Sébastien Lesaint Date: Mon, 11 Jul 2016 09:58:14 +0000 (+0200) Subject: SONAR-7741 remove support for Java 7 in HttpConnector X-Git-Tag: 6.0-RC1~105 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=e21f7808ca3f2d1a0958a8bb2a4492cc0106680e;p=sonarqube.git SONAR-7741 remove support for Java 7 in HttpConnector --- diff --git a/sonar-ws/src/main/java/org/sonarqube/ws/client/HttpConnector.java b/sonar-ws/src/main/java/org/sonarqube/ws/client/HttpConnector.java index 0e4af282deb..e25eb69059f 100644 --- a/sonar-ws/src/main/java/org/sonarqube/ws/client/HttpConnector.java +++ b/sonar-ws/src/main/java/org/sonarqube/ws/client/HttpConnector.java @@ -19,7 +19,6 @@ */ package org.sonarqube.ws.client; -import com.google.common.annotations.VisibleForTesting; import java.io.IOException; import java.net.Proxy; import java.util.Map; @@ -65,7 +64,7 @@ public class HttpConnector implements WsConnector { private final String proxyCredentials; private final OkHttpClient okHttpClient; - private HttpConnector(Builder builder, JavaVersion javaVersion) { + private HttpConnector(Builder builder) { this.baseUrl = HttpUrl.parse(builder.url.endsWith("/") ? builder.url : format("%s/", builder.url)); checkArgument(this.baseUrl!=null, "Malformed URL: '%s'", builder.url); this.userAgent = builder.userAgent; @@ -84,10 +83,10 @@ public class HttpConnector implements WsConnector { } else { this.proxyCredentials = Credentials.basic(builder.proxyLogin, nullToEmpty(builder.proxyPassword)); } - this.okHttpClient = buildClient(builder, javaVersion); + this.okHttpClient = buildClient(builder); } - private static OkHttpClient buildClient(Builder builder, JavaVersion javaVersion) { + private static OkHttpClient buildClient(Builder builder) { OkHttpClient.Builder okHttpClientBuilder = new OkHttpClient.Builder(); if (builder.proxy != null) { okHttpClientBuilder.proxy(builder.proxy); @@ -102,33 +101,19 @@ public class HttpConnector implements WsConnector { .supportsTlsExtensions(true) .build(); okHttpClientBuilder.connectionSpecs(asList(tls, ConnectionSpec.CLEARTEXT)); - okHttpClientBuilder.sslSocketFactory(createSslSocketFactory(javaVersion)); + okHttpClientBuilder.sslSocketFactory(createSslSocketFactory()); return okHttpClientBuilder.build(); } - private static SSLSocketFactory createSslSocketFactory(JavaVersion javaVersion) { + private static SSLSocketFactory createSslSocketFactory() { try { - SSLSocketFactory sslSocketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault(); - return enableTls12InJava7(sslSocketFactory, javaVersion); + return (SSLSocketFactory) SSLSocketFactory.getDefault(); } catch (Exception e) { throw new IllegalStateException("Fail to init TLS context", e); } } - private static SSLSocketFactory enableTls12InJava7(SSLSocketFactory sslSocketFactory, JavaVersion javaVersion) { - if (javaVersion.isJava7()) { - // OkHttp executes SSLContext.getInstance("TLS") by default (see - // https://github.com/square/okhttp/blob/c358656/okhttp/src/main/java/com/squareup/okhttp/OkHttpClient.java#L616) - // As only TLS 1.0 is enabled by default in Java 7, the SSLContextFactory must be changed - // in order to support all versions from 1.0 to 1.2. - // Note that this is not overridden for Java 8 as TLS 1.2 is enabled by default. - // Keeping getInstance("TLS") allows to support potential future versions of TLS on Java 8. - return new Tls12Java7SocketFactory(sslSocketFactory); - } - return sslSocketFactory; - } - @Override public String baseUrl() { return baseUrl.url().toExternalForm(); @@ -309,19 +294,9 @@ public class HttpConnector implements WsConnector { } public HttpConnector build() { - return build(new JavaVersion()); - } - - @VisibleForTesting - HttpConnector build(JavaVersion javaVersion) { checkArgument(!isNullOrEmpty(url), "Server URL is not defined"); - return new HttpConnector(this, javaVersion); + return new HttpConnector(this); } } - static class JavaVersion { - boolean isJava7() { - return System.getProperty("java.version").startsWith("1.7."); - } - } } diff --git a/sonar-ws/src/main/java/org/sonarqube/ws/client/Tls12Java7SocketFactory.java b/sonar-ws/src/main/java/org/sonarqube/ws/client/Tls12Java7SocketFactory.java deleted file mode 100644 index f9f472dae06..00000000000 --- a/sonar-ws/src/main/java/org/sonarqube/ws/client/Tls12Java7SocketFactory.java +++ /dev/null @@ -1,94 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2016 SonarSource SA - * mailto:contact AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -package org.sonarqube.ws.client; - -import com.google.common.annotations.VisibleForTesting; -import java.io.IOException; -import java.net.InetAddress; -import java.net.Socket; -import javax.net.ssl.SSLSocket; -import javax.net.ssl.SSLSocketFactory; - -/** - * {@link SSLSocketFactory} which enables all the versions of TLS. This is required - * to support TLSv1.2 on Java 7. Note that Java 8 supports TLSv1.2 natively, without - * any configuration - */ -public class Tls12Java7SocketFactory extends SSLSocketFactory { - - @VisibleForTesting - static final String[] TLS_PROTOCOLS = new String[] {"TLSv1", "TLSv1.1", "TLSv1.2"}; - - private final SSLSocketFactory delegate; - - public Tls12Java7SocketFactory(SSLSocketFactory delegate) { - this.delegate = delegate; - } - - @Override - public String[] getDefaultCipherSuites() { - return delegate.getDefaultCipherSuites(); - } - - @Override - public String[] getSupportedCipherSuites() { - return delegate.getSupportedCipherSuites(); - } - - @Override - public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException { - Socket underlyingSocket = delegate.createSocket(socket, host, port, autoClose); - return overrideProtocol(underlyingSocket); - } - - @Override - public Socket createSocket(String host, int port) throws IOException { - Socket underlyingSocket = delegate.createSocket(host, port); - return overrideProtocol(underlyingSocket); - } - - @Override - public Socket createSocket(String host, int port, InetAddress localAddress, int localPort) throws IOException { - Socket underlyingSocket = delegate.createSocket(host, port, localAddress, localPort); - return overrideProtocol(underlyingSocket); - } - - @Override - public Socket createSocket(InetAddress host, int port) throws IOException { - Socket underlyingSocket = delegate.createSocket(host, port); - return overrideProtocol(underlyingSocket); - } - - @Override - public Socket createSocket(InetAddress host, int port, InetAddress localAddress, int localPort) throws IOException { - Socket underlyingSocket = delegate.createSocket(host, port, localAddress, localPort); - return overrideProtocol(underlyingSocket); - } - - /** - * Enables TLS v1.0, 1.1 and 1.2 on the socket - */ - private static Socket overrideProtocol(Socket socket) { - if (socket instanceof SSLSocket) { - ((SSLSocket) socket).setEnabledProtocols(TLS_PROTOCOLS); - } - return socket; - } -} diff --git a/sonar-ws/src/test/java/org/sonarqube/ws/client/HttpConnectorTest.java b/sonar-ws/src/test/java/org/sonarqube/ws/client/HttpConnectorTest.java index 96925c0d709..527fcc5bf27 100644 --- a/sonar-ws/src/test/java/org/sonarqube/ws/client/HttpConnectorTest.java +++ b/sonar-ws/src/test/java/org/sonarqube/ws/client/HttpConnectorTest.java @@ -19,13 +19,13 @@ */ package org.sonarqube.ws.client; +import java.io.File; +import java.util.List; +import javax.net.ssl.SSLSocketFactory; import okhttp3.ConnectionSpec; import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; import okhttp3.mockwebserver.RecordedRequest; -import java.io.File; -import java.util.List; -import javax.net.ssl.SSLSocketFactory; import org.apache.commons.io.FileUtils; import org.apache.commons.io.IOUtils; import org.apache.commons.lang.StringUtils; @@ -40,7 +40,6 @@ import static okhttp3.Credentials.basic; import static org.assertj.core.api.Assertions.assertThat; import static org.junit.Assert.fail; import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.when; import static org.sonarqube.ws.client.HttpConnector.newBuilder; public class HttpConnectorTest { @@ -50,7 +49,6 @@ public class HttpConnectorTest { @Rule public ExpectedException expectedException = ExpectedException.none(); - HttpConnector.JavaVersion javaVersion = mock(HttpConnector.JavaVersion.class); MockWebServer server; String serverUrl; @@ -280,20 +278,9 @@ public class HttpConnectorTest { assertThat(underTest.call(request).requestUrl()).isEqualTo(serverUrl + "sonar/api/issues/search"); } - @Test - public void support_tls_1_2_on_java7() { - when(javaVersion.isJava7()).thenReturn(true); - underTest = HttpConnector.newBuilder().url(serverUrl).build(javaVersion); - - assertTlsAndClearTextSpecifications(underTest); - // enable TLS 1.0, 1.1 and 1.2 - assertThat(underTest.okHttpClient().sslSocketFactory()).isNotNull().isInstanceOf(Tls12Java7SocketFactory.class); - } - @Test public void support_tls_versions_of_java8() { - when(javaVersion.isJava7()).thenReturn(false); - underTest = HttpConnector.newBuilder().url(serverUrl).build(javaVersion); + underTest = HttpConnector.newBuilder().url(serverUrl).build(); assertTlsAndClearTextSpecifications(underTest); assertThat(underTest.okHttpClient().sslSocketFactory()).isInstanceOf(SSLSocketFactory.getDefault().getClass()); diff --git a/sonar-ws/src/test/java/org/sonarqube/ws/client/Tls12Java7SocketFactoryTest.java b/sonar-ws/src/test/java/org/sonarqube/ws/client/Tls12Java7SocketFactoryTest.java deleted file mode 100644 index 183e2114211..00000000000 --- a/sonar-ws/src/test/java/org/sonarqube/ws/client/Tls12Java7SocketFactoryTest.java +++ /dev/null @@ -1,83 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2016 SonarSource SA - * mailto:contact AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -package org.sonarqube.ws.client; - -import java.io.IOException; -import java.net.InetAddress; -import java.net.Socket; -import javax.net.ssl.SSLSocket; -import javax.net.ssl.SSLSocketFactory; -import org.junit.Test; - -import static org.assertj.core.api.Assertions.assertThat; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.verify; -import static org.mockito.Mockito.when; - -public class Tls12Java7SocketFactoryTest { - - SSLSocketFactory delegate = mock(SSLSocketFactory.class); - Tls12Java7SocketFactory underTest = new Tls12Java7SocketFactory(delegate); - - @Test - public void createSocket_1() throws IOException { - InetAddress address = mock(InetAddress.class); - SSLSocket socket = mock(SSLSocket.class); - when(delegate.createSocket(address, 80)).thenReturn(socket); - socket = (SSLSocket) underTest.createSocket(address, 80); - verify(socket).setEnabledProtocols(Tls12Java7SocketFactory.TLS_PROTOCOLS); - } - - @Test - public void createSocket_2() throws IOException { - InetAddress address = mock(InetAddress.class); - InetAddress address2 = mock(InetAddress.class); - SSLSocket socket = mock(SSLSocket.class); - when(delegate.createSocket(address, 80, address2, 443)).thenReturn(socket); - socket = (SSLSocket) underTest.createSocket(address, 80, address2, 443); - verify(socket).setEnabledProtocols(Tls12Java7SocketFactory.TLS_PROTOCOLS); - } - - @Test - public void createSocket_3() throws IOException { - SSLSocket socket = mock(SSLSocket.class); - when(delegate.createSocket("", 80)).thenReturn(socket); - socket = (SSLSocket) underTest.createSocket("", 80); - verify(socket).setEnabledProtocols(Tls12Java7SocketFactory.TLS_PROTOCOLS); - } - - @Test - public void support_non_ssl_sockets() throws IOException { - Socket regularSocket = mock(Socket.class); - when(delegate.createSocket("", 80)).thenReturn(regularSocket); - assertThat(underTest.createSocket("", 80)).isNotInstanceOf(SSLSocket.class); - } - - @Test - public void delegate_getters() { - String[] defaultCipherSuites = new String[0]; - String[] supportedCipherSuites = new String[0]; - when(delegate.getDefaultCipherSuites()).thenReturn(defaultCipherSuites); - when(delegate.getSupportedCipherSuites()).thenReturn(supportedCipherSuites); - - assertThat(underTest.getDefaultCipherSuites()).isSameAs(defaultCipherSuites); - assertThat(underTest.getSupportedCipherSuites()).isSameAs(supportedCipherSuites); - } -}