added options to disable ssl verification

2025-11-10 07:25:44 +01:00 · 2012-06-04 13:59:52 +02:00
parent d9cedfd8b1
commit 12e56b46d8
4 changed files with 247 additions and 2 deletions
--- a/scm-webapp/src/main/java/sonia/scm/net/URLHttpClient.java
+++ b/scm-webapp/src/main/java/sonia/scm/net/URLHttpClient.java
@@ -64,6 +64,10 @@ import java.util.Iterator;
 import java.util.List;
 import java.util.Map;

+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+
 /**
 *
 * @author Sebastian Sdorra
@@ -383,6 +387,39 @@ public class URLHttpClient implements HttpClient
    }
  }

+  /**
+   * Method description
+   *
+   *
+   * @param request
+   * @param connection
+   */
+  private void applySSLSettings(HttpRequest request,
+                                HttpsURLConnection connection)
+  {
+    if (request.isDisableCertificateValidation())
+    {
+      try
+      {
+        TrustManager[] trustAllCerts = new TrustManager[] {
+                                         new TrustAllTrustManager() };
+        SSLContext sc = SSLContext.getInstance("SSL");
+
+        sc.init(null, trustAllCerts, new java.security.SecureRandom());
+        connection.setSSLSocketFactory(sc.getSocketFactory());
+      }
+      catch (Exception ex)
+      {
+        logger.error("could not disable certificate validation", ex);
+      }
+    }
+
+    if (request.isDisableHostnameValidation())
+    {
+      connection.setHostnameVerifier(new TrustAllHostnameVerifier());
+    }
+  }
+
  /**
   * Method description
   *
@@ -514,6 +551,11 @@ public class URLHttpClient implements HttpClient
      connection = (HttpURLConnection) url.openConnection();
    }

+    if (connection instanceof HttpsURLConnection)
+    {
+      applySSLSettings(request, (HttpsURLConnection) connection);
+    }
+
    connection.setReadTimeout(TIMEOUT_RAED);
    connection.setConnectTimeout(TIMEOUT_CONNECTION);