1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
|
Description: Remove the code disabling the SSL certificate validation
Author: Emmanuel Bourg <ebourg@apache.org>
Forwarded: not-needed
--- a/src/main/java/com/ning/http/util/SslUtils.java
+++ b/src/main/java/com/ning/http/util/SslUtils.java
@@ -51,11 +51,7 @@
public static SSLContext getSSLContext()
throws GeneralSecurityException, IOException {
SSLConfig config = new SSLConfig();
- if (config.keyStoreLocation == null || config.trustStoreLocation == null) {
- return getLooseSSLContext();
- } else {
- return getStrictSSLContext(config);
- }
+ return getStrictSSLContext(config);
}
static SSLContext getStrictSSLContext(SSLConfig config)
@@ -95,29 +91,6 @@
return context;
}
- static SSLContext getLooseSSLContext()
- throws GeneralSecurityException {
- SSLContext sslContext = SSLContext.getInstance("TLS");
- sslContext.init(null, new TrustManager[]{LooseTrustManager.INSTANCE}, new SecureRandom());
- return sslContext;
- }
-
- static class LooseTrustManager
- implements X509TrustManager {
-
- public static final LooseTrustManager INSTANCE = new LooseTrustManager();
-
- public java.security.cert.X509Certificate[] getAcceptedIssuers() {
- return null;
- }
-
- public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
- }
-
- public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
- }
- }
-
private final static class SSLConfig {
public String keyStoreLocation;
--- a/src/main/java/com/ning/http/client/providers/apache/ApacheAsyncHttpProvider.java
+++ b/src/main/java/com/ning/http/client/providers/apache/ApacheAsyncHttpProvider.java
@@ -130,24 +130,6 @@
private final MultiThreadedHttpConnectionManager connectionManager;
private final HttpClientParams params;
- static {
- final SocketFactory factory = new TrustingSSLSocketFactory();
- Protocol.registerProtocol("https", new Protocol("https", new ProtocolSocketFactory() {
- public Socket createSocket(String string, int i, InetAddress inetAddress, int i1) throws IOException {
- return factory.createSocket(string, i, inetAddress, i1);
- }
-
- public Socket createSocket(String string, int i, InetAddress inetAddress, int i1, HttpConnectionParams httpConnectionParams)
- throws IOException {
- return factory.createSocket(string, i, inetAddress, i1);
- }
-
- public Socket createSocket(String string, int i) throws IOException {
- return factory.createSocket(string, i);
- }
- }, 443));
- }
-
public ApacheAsyncHttpProvider(AsyncHttpClientConfig config) {
this.config = config;
connectionManager = new MultiThreadedHttpConnectionManager();
@@ -732,72 +714,6 @@
}
}
- private static class TrustingSSLSocketFactory extends SSLSocketFactory {
- private SSLSocketFactory delegate;
-
- private TrustingSSLSocketFactory() {
- try {
- SSLContext sslcontext = SSLContext.getInstance("SSL");
-
- sslcontext.init(null, new TrustManager[]{new TrustEveryoneTrustManager()}, new SecureRandom());
- delegate = sslcontext.getSocketFactory();
- } catch (KeyManagementException e) {
- throw new IllegalStateException();
- } catch (NoSuchAlgorithmException e) {
- throw new IllegalStateException();
- }
- }
-
- @Override
- public Socket createSocket(String s, int i) throws IOException, UnknownHostException {
- return delegate.createSocket(s, i);
- }
-
- @Override
- public Socket createSocket(String s, int i, InetAddress inetAddress, int i1) throws IOException, UnknownHostException {
- return delegate.createSocket(s, i, inetAddress, i1);
- }
-
- @Override
- public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
- return delegate.createSocket(inetAddress, i);
- }
-
- @Override
- public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress1, int i1) throws IOException {
- return delegate.createSocket(inetAddress, i, inetAddress1, i1);
- }
-
- @Override
- public String[] getDefaultCipherSuites() {
- return delegate.getDefaultCipherSuites();
- }
-
- @Override
- public String[] getSupportedCipherSuites() {
- return delegate.getSupportedCipherSuites();
- }
-
- @Override
- public Socket createSocket(Socket socket, String s, int i, boolean b) throws IOException {
- return delegate.createSocket(socket, s, i, b);
- }
- }
-
- private static class TrustEveryoneTrustManager implements X509TrustManager {
- public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
- // do nothing
- }
-
- public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
- // do nothing
- }
-
- public X509Certificate[] getAcceptedIssuers() {
- return new X509Certificate[0];
- }
- }
-
private final class ReaperFuture implements Future, Runnable {
private Future scheduledFuture;
private ApacheResponseFuture<?> apacheResponseFuture;
|
