mirrors
/
jgit
mirror of https://github.com/eclipse/jgit.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 204 Wiki Activity
Browse Source

Allow to reuse disableSslVerify method, move it to HttpSupport 

The disableSslVerify method will be used in the follow up change.

Change-Id: Ie00b5e14244a9a036cbdef94768007f1c25aa8d3
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
tags/v4.3.0.201603230630-rc1
Saša Živkov 8 years ago
parent
3bae524f6f
commit
a0e1374e22
2 changed files with 61 additions and 43 deletions
Split View Show Diff Stats
  1. 1
    43
      org.eclipse.jgit/src/org/eclipse/jgit/transport/TransportHttp.java
  2. 60
    0
      org.eclipse.jgit/src/org/eclipse/jgit/util/HttpSupport.java

+ 1
- 43
org.eclipse.jgit/src/org/eclipse/jgit/transport/TransportHttp.java View File

@@ -67,9 +67,6 @@ import java.net.MalformedURLException;
import java.net.Proxy;
import java.net.ProxySelector;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
@@ -83,11 +80,6 @@ import java.util.TreeMap;
import java.util.zip.GZIPInputStream;
import java.util.zip.GZIPOutputStream;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.eclipse.jgit.errors.NoRemoteRepositoryException;
import org.eclipse.jgit.errors.NotSupportedException;
import org.eclipse.jgit.errors.PackProtocolException;
@@ -538,7 +530,7 @@ public class TransportHttp extends HttpTransport implements WalkTransport,
HttpConnection conn = connectionFactory.create(u, proxy);

if (!http.sslVerify && "https".equals(u.getProtocol())) { //$NON-NLS-1$
disableSslVerify(conn);
HttpSupport.disableSslVerify(conn);
}

conn.setRequestMethod(method);
@@ -562,19 +554,6 @@ public class TransportHttp extends HttpTransport implements WalkTransport,
return conn;
}

private void disableSslVerify(HttpConnection conn)
throws IOException {
final TrustManager[] trustAllCerts = new TrustManager[] { new DummyX509TrustManager() };
try {
conn.configure(null, trustAllCerts, null);
conn.setHostnameVerifier(new DummyHostnameVerifier());
} catch (KeyManagementException e) {
throw new IOException(e.getMessage());
} catch (NoSuchAlgorithmException e) {
throw new IOException(e.getMessage());
}
}

final InputStream openInputStream(HttpConnection conn)
throws IOException {
InputStream input = conn.getInputStream();
@@ -1002,25 +981,4 @@ public class TransportHttp extends HttpTransport implements WalkTransport,
in.add(openInputStream(conn));
}
}

private static class DummyX509TrustManager implements X509TrustManager {
public X509Certificate[] getAcceptedIssuers() {
return null;
}

public void checkClientTrusted(X509Certificate[] certs, String authType) {
// no check
}

public void checkServerTrusted(X509Certificate[] certs, String authType) {
// no check
}
}

private static class DummyHostnameVerifier implements HostnameVerifier {
public boolean verify(String hostname, SSLSession session) {
// always accept
return true;
}
}
}

+ 60
- 0
org.eclipse.jgit/src/org/eclipse/jgit/util/HttpSupport.java View File

@@ -52,8 +52,16 @@ import java.net.ProxySelector;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLEncoder;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.text.MessageFormat;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.eclipse.jgit.internal.JGitText;
import org.eclipse.jgit.transport.http.HttpConnection;

@@ -62,6 +70,14 @@ public class HttpSupport {
/** The {@code GET} HTTP method. */
public static final String METHOD_GET = "GET"; //$NON-NLS-1$

/** The {@code HEAD} HTTP method.
* @since 4.3 */
public static final String METHOD_HEAD = "HEAD"; //$NON-NLS-1$

/** The {@code POST} HTTP method.
* @since 4.3 */
public static final String METHOD_PUT = "PUT"; //$NON-NLS-1$

/** The {@code POST} HTTP method. */
public static final String METHOD_POST = "POST"; //$NON-NLS-1$

@@ -234,6 +250,50 @@ public class HttpSupport {
}
}

/**
* Disable SSL and hostname verification for given HTTP connection
*
* @param conn
* @throws IOException
* @since 4.3
*/
public static void disableSslVerify(HttpConnection conn)
throws IOException {
final TrustManager[] trustAllCerts = new TrustManager[] {
new DummyX509TrustManager() };
try {
conn.configure(null, trustAllCerts, null);
conn.setHostnameVerifier(new DummyHostnameVerifier());
} catch (KeyManagementException e) {
throw new IOException(e.getMessage());
} catch (NoSuchAlgorithmException e) {
throw new IOException(e.getMessage());
}
}

private static class DummyX509TrustManager implements X509TrustManager {
public X509Certificate[] getAcceptedIssuers() {
return null;
}

public void checkClientTrusted(X509Certificate[] certs,
String authType) {
// no check
}

public void checkServerTrusted(X509Certificate[] certs,
String authType) {
// no check
}
}

private static class DummyHostnameVerifier implements HostnameVerifier {
public boolean verify(String hostname, SSLSession session) {
// always accept
return true;
}
}

private HttpSupport() {
// Utility class only.
}

Write Preview
Loading…
Cancel
Save