diff options
| author | Matthias Sohn <matthias.sohn@sap.com> | 2013-03-03 21:54:48 +0100 |
|---|---|---|
| committer | Gerrit Code Review @ Eclipse.org <gerrit@eclipse.org> | 2013-03-19 20:39:38 -0400 |
| commit | 8fcde4b31b36205ea6ef673808489943e4aca3ef (patch) | |
| tree | 2f9a50941d3835629c9b55893620c9cc48e2b9df | |
| parent | 82abba56e515ad778642f83357b70918e3cf56c1 (diff) | |
| download | jgit-8fcde4b31b36205ea6ef673808489943e4aca3ef.tar.gz jgit-8fcde4b31b36205ea6ef673808489943e4aca3ef.zip | |
Don't verify host name when sslVerify is false
Native git also doesn't verify host names when http.sslVerify=false.
See native git's commit a5ccc597.
See: http://dev.eclipse.org/mhonarc/lists/jgit-dev/msg02047.html
Change-Id: I42f509fea8e4ac89fad646aec3dfbf1753ae7e3d
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
| -rw-r--r-- | org.eclipse.jgit/src/org/eclipse/jgit/transport/TransportHttp.java | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/transport/TransportHttp.java b/org.eclipse.jgit/src/org/eclipse/jgit/transport/TransportHttp.java index 12a94fae2f..9816d97808 100644 --- a/org.eclipse.jgit/src/org/eclipse/jgit/transport/TransportHttp.java +++ b/org.eclipse.jgit/src/org/eclipse/jgit/transport/TransportHttp.java @@ -1,6 +1,7 @@ /* * Copyright (C) 2008-2010, Google Inc. * Copyright (C) 2008, Shawn O. Pearce <spearce@spearce.org> + * Copyright (C) 2013, Matthias Sohn <matthias.sohn@sap.com> * and other copyright owners as documented in the project's IP log. * * This program and the accompanying materials are made available @@ -83,8 +84,10 @@ import java.util.TreeMap; import java.util.zip.GZIPInputStream; import java.util.zip.GZIPOutputStream; +import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; @@ -532,6 +535,7 @@ public class TransportHttp extends HttpTransport implements WalkTransport, ctx.init(null, trustAllCerts, null); final HttpsURLConnection sslConn = (HttpsURLConnection) conn; sslConn.setSSLSocketFactory(ctx.getSocketFactory()); + sslConn.setHostnameVerifier(new DummyHostnameVerifier()); } catch (KeyManagementException e) { throw new IOException(e.getMessage()); } catch (NoSuchAlgorithmException e) { @@ -980,4 +984,11 @@ public class TransportHttp extends HttpTransport implements WalkTransport, // no check } } + + private static class DummyHostnameVerifier implements HostnameVerifier { + public boolean verify(String hostname, SSLSession session) { + // always accept + return true; + } + } } |