Commit 26a53d96 by adia

bugfix: got SSLPeerUnverifiedException

parent 6842d65e
group 'com.ipgallery.common'
version '1.3.4'
version '1.3.5'
apply plugin: 'java'
apply plugin: 'maven-publish'
......@@ -15,7 +15,7 @@ repositories {
//or to be able to use one
//mavenLocal()
maven { url "http://mandubian-mvn.googlecode.com/svn/trunk/mandubian-mvn/repository" }
maven { url "http://mandubian-mvn.googlecode.com/svn/trunk/mandubian-mvn/repository" }
maven { url "http://mandubian-mvn.googlecTrusode.com/svn/trunk/mandubian-mvn/repository" }
maven { url "https://municipalitybank.com:8081/repository/internal" }
}
......
......@@ -15,12 +15,13 @@ import org.apache.http.config.RegistryBuilder;
import org.apache.http.config.SocketConfig;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.conn.ssl.*;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.cookie.Cookie;
import org.apache.http.impl.client.*;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.*;
import java.io.*;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
......@@ -32,7 +33,6 @@ import java.util.Map;
//import javax.ws.rs.core.MediaType;
//import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.protocol.BasicHttpContext;
import org.apache.http.protocol.HttpContext;
import org.apache.http.ssl.SSLContextBuilder;
......@@ -82,37 +82,44 @@ public class SimpleHttpClient {
requestTimeout = Integer.valueOf(System.getProperty("SimpleHttpClient." + this.instanceName + ".maxRequestTimeout", DEF_SOCKET_TIMEOUT));
this.requestTimeout = requestTimeout;
// create an SSL context which trusts any certificate !
// org.apache.http.ssl.SSLContextBuilder sslContextBuilder = SSLContextBuilder.create();
// sslContextBuilder.loadTrustMaterial(new org.apache.http.conn.ssl.TrustSelfSignedStrategy());
// SSLContext sslContext = sslContextBuilder.build();
// org.apache.http.conn.ssl.SSLConnectionSocketFactory sslSocketFactory =
// new SSLConnectionSocketFactory(sslContext, new org.apache.http.conn.ssl.DefaultHostnameVerifier());
org.apache.http.ssl.SSLContextBuilder sslContextBuilder = SSLContextBuilder.create();
sslContextBuilder.loadTrustMaterial(new org.apache.http.conn.ssl.TrustSelfSignedStrategy());
//SSLContext sslContext = sslContextBuilder.build();
SSLContext sslContext = SSLContexts
.custom()
//FIXME to contain real trust store
.loadTrustMaterial(new TrustStrategy() {
@Override
public boolean isTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
return true;
}
})
.build();
org.apache.http.conn.ssl.SSLConnectionSocketFactory sslSocketFactory =
new SSLConnectionSocketFactory(sslContext, new org.apache.http.conn.ssl.DefaultHostnameVerifier());
// create SSL context with no SSL host/peer/certificate verfifications
SSLContext sslContext = SSLContext.getInstance("TLS");
X509TrustManager tm = new X509TrustManager() {
@Override
public void checkClientTrusted(
java.security.cert.X509Certificate[] chain,
String authType)
throws java.security.cert.CertificateException {
// TODO Auto-generated method stub
}
@Override
public void checkServerTrusted(
java.security.cert.X509Certificate[] chain,
String authType)
throws java.security.cert.CertificateException {
// TODO Auto-generated method stub
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
// TODO Auto-generated method stub
return null;
}
};
sslContext.init(null, new TrustManager[] { tm }, null);
org.apache.http.conn.ssl.SSLConnectionSocketFactory sslSocketFactory =
new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
// create scheme for http & https
RegistryBuilder<ConnectionSocketFactory> schemeRegistry = RegistryBuilder.create();
schemeRegistry.register("http", PlainConnectionSocketFactory.getSocketFactory());
SSLConnectionSocketFactory sf = new SSLConnectionSocketFactory(sslContext);
schemeRegistry.register("https", sf);
schemeRegistry.register("https", /*sf*/sslSocketFactory);
// create connection pool manager
PoolingHttpClientConnectionManager pool = new PoolingHttpClientConnectionManager(schemeRegistry.build());
......@@ -122,6 +129,7 @@ public class SimpleHttpClient {
// create the http client
HttpClientBuilder httpClientBuilder = HttpClients.custom()
.setSSLHostnameVerifier(new NoopHostnameVerifier())
.setSSLSocketFactory(sslSocketFactory)
.setConnectionManager(pool);
httpClient = httpClientBuilder.build();
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment