update no SSL validation mechanism

76785094 · Adi Amir · 66d4ed7b · 76785094 · 76785094
Commit 76785094 authored Jan 06, 2020 by Adi Amir
Showing with 25 additions and 2 deletions
build.gradle
src/main/java/http/simpleHttpClient/SimpleHttpClient.java
--- a/build.gradle
+++ b/build.gradle
 group 'com.ipgallery.common'
-version '1.3.1'
+version '1.3.2'

 apply plugin: 'java'
 apply plugin: 'maven-publish'

--- a/src/main/java/http/simpleHttpClient/SimpleHttpClient.java
+++ b/src/main/java/http/simpleHttpClient/SimpleHttpClient.java
@@ -15,12 +15,15 @@ import org.apache.http.config.RegistryBuilder;
 import org.apache.http.config.SocketConfig;
 import org.apache.http.conn.socket.ConnectionSocketFactory;
 import org.apache.http.conn.socket.PlainConnectionSocketFactory;
+import org.apache.http.conn.ssl.TrustStrategy;
 import org.apache.http.cookie.Cookie;
 import org.apache.http.impl.client.*;
 import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;

 import javax.net.ssl.SSLContext;
 import java.io.*;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -33,6 +36,7 @@ import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
 import org.apache.http.protocol.BasicHttpContext;
 import org.apache.http.protocol.HttpContext;
 import org.apache.http.ssl.SSLContextBuilder;
+import org.apache.http.ssl.SSLContexts;

 public class SimpleHttpClient {

@@ -79,12 +83,31 @@ public class SimpleHttpClient {
 			this.requestTimeout = requestTimeout;

 			// create an SSL context which trusts any certificate !
+//			org.apache.http.ssl.SSLContextBuilder sslContextBuilder = SSLContextBuilder.create();
+//			sslContextBuilder.loadTrustMaterial(new org.apache.http.conn.ssl.TrustSelfSignedStrategy());
+//			SSLContext sslContext = sslContextBuilder.build();
+//			org.apache.http.conn.ssl.SSLConnectionSocketFactory sslSocketFactory =
+//					new SSLConnectionSocketFactory(sslContext, new org.apache.http.conn.ssl.DefaultHostnameVerifier());
+
 			org.apache.http.ssl.SSLContextBuilder sslContextBuilder = SSLContextBuilder.create();
 			sslContextBuilder.loadTrustMaterial(new org.apache.http.conn.ssl.TrustSelfSignedStrategy());
-			SSLContext sslContext = sslContextBuilder.build();
+			//SSLContext sslContext = sslContextBuilder.build();
+			SSLContext sslContext = SSLContexts
+					.custom()
+					//FIXME to contain real trust store
+					.loadTrustMaterial(new TrustStrategy() {
+						@Override
+						public boolean isTrusted(X509Certificate[] chain,
+												 String authType) throws CertificateException {
+							return true;
+						}
+					})
+					.build();
 			org.apache.http.conn.ssl.SSLConnectionSocketFactory sslSocketFactory =
 					new SSLConnectionSocketFactory(sslContext, new org.apache.http.conn.ssl.DefaultHostnameVerifier());

+
+
 			// create scheme for http & https
 			RegistryBuilder<ConnectionSocketFactory> schemeRegistry = RegistryBuilder.create();
 			schemeRegistry.register("http", PlainConnectionSocketFactory.getSocketFactory());