Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-09 23:15:43 +01:00
Code Issues Packages Projects Releases Activity

added options to disable ssl verification

Browse Source
This commit is contained in:
Sebastian Sdorra
2012-06-04 13:59:52 +02:00
parent d9cedfd8b1
commit 12e56b46d8
4 changed files with 247 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
scm-core/src/main/java/sonia/scm/net/HttpRequest.java
View File

@@ -182,6 +182,30 @@ public class HttpRequest
return decodeGZip;
}
/**
* Method description
*
*
* @return
* @since 1.17
*/
public boolean isDisableCertificateValidation()
{
return disableCertificateValidation;
}
/**
* Method description
*
*
* @return
* @since 1.17
*/
public boolean isDisableHostnameValidation()
{
return disableHostnameValidation;
}
//~--- set methods ----------------------------------------------------------
/**
@@ -214,9 +238,35 @@ public class HttpRequest
public HttpRequest setDecodeGZip(boolean decodeGZip)
{
this.decodeGZip = decodeGZip;
return this;
}
/**
* Method description
*
*
* @param disableCertificateValidation
* @since 1.17
*/
public void setDisableCertificateValidation(
boolean disableCertificateValidation)
{
this.disableCertificateValidation = disableCertificateValidation;
}
/**
* Method description
*
*
* @param disableHostnameValidation
* @since 1.17
*/
public void setDisableHostnameValidation(boolean disableHostnameValidation)
{
this.disableHostnameValidation = disableHostnameValidation;
}
/**
* Method description
*
@@ -276,6 +326,12 @@ public class HttpRequest
//~--- fields ---------------------------------------------------------------
/** Field description */
private boolean disableHostnameValidation = false;
/** Field description */
private boolean disableCertificateValidation = false;
/** Field description */
private boolean decodeGZip = false;

60
scm-webapp/src/main/java/sonia/scm/net/TrustAllHostnameVerifier.java Normal file
View File

@@ -0,0 +1,60 @@
/**
* Copyright (c) 2010, Sebastian Sdorra All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer. 2. Redistributions in
* binary form must reproduce the above copyright notice, this list of
* conditions and the following disclaimer in the documentation and/or other
* materials provided with the distribution. 3. Neither the name of SCM-Manager;
* nor the names of its contributors may be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* http://bitbucket.org/sdorra/scm-manager
*
*/
package sonia.scm.net;
//~--- JDK imports ------------------------------------------------------------
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
/**
*
* @author Sebastian Sdorra
*/
public class TrustAllHostnameVerifier implements HostnameVerifier
{
/**
* Method description
*
*
* @param hostname
* @param session
*
* @return
*/
@Override
public boolean verify(String hostname, SSLSession session)
{
return true;
}
}

87
scm-webapp/src/main/java/sonia/scm/net/TrustAllTrustManager.java Normal file
View File

@@ -0,0 +1,87 @@
/**
* Copyright (c) 2010, Sebastian Sdorra All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer. 2. Redistributions in
* binary form must reproduce the above copyright notice, this list of
* conditions and the following disclaimer in the documentation and/or other
* materials provided with the distribution. 3. Neither the name of SCM-Manager;
* nor the names of its contributors may be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* http://bitbucket.org/sdorra/scm-manager
*
*/
package sonia.scm.net;
//~--- JDK imports ------------------------------------------------------------
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509TrustManager;
/**
*
* @author Sebastian Sdorra
*/
public class TrustAllTrustManager implements X509TrustManager
{
/**
* Method description
*
*
* @param chain
* @param authType
*
* @throws CertificateException
*/
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException {}
/**
* Method description
*
*
* @param chain
* @param authType
*
* @throws CertificateException
*/
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {}
//~--- get methods ----------------------------------------------------------
/**
* Method description
*
*
* @return
*/
@Override
public X509Certificate[] getAcceptedIssuers()
{
return null;
}
}

42
scm-webapp/src/main/java/sonia/scm/net/URLHttpClient.java
View File

@@ -64,6 +64,10 @@ import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
/**
*
* @author Sebastian Sdorra
@@ -383,6 +387,39 @@ public class URLHttpClient implements HttpClient
}
}
/**
* Method description
*
*
* @param request
* @param connection
*/
private void applySSLSettings(HttpRequest request,
HttpsURLConnection connection)
{
if (request.isDisableCertificateValidation())
{
try
{
TrustManager[] trustAllCerts = new TrustManager[] {
new TrustAllTrustManager() };
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
connection.setSSLSocketFactory(sc.getSocketFactory());
}
catch (Exception ex)
{
logger.error("could not disable certificate validation", ex);
}
}
if (request.isDisableHostnameValidation())
{
connection.setHostnameVerifier(new TrustAllHostnameVerifier());
}
}
/**
* Method description
*
@@ -514,6 +551,11 @@ public class URLHttpClient implements HttpClient
connection = (HttpURLConnection) url.openConnection();
}
if (connection instanceof HttpsURLConnection)
{
applySSLSettings(request, (HttpsURLConnection) connection);
}
connection.setReadTimeout(TIMEOUT_RAED);
connection.setConnectTimeout(TIMEOUT_CONNECTION);