Apache
/
httpcomponents-client
mirror of https://github.com/apache/httpcomponents-client.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

HTTPCLIENT-1346: Ensure propagation of SSL handshake exceptions 

Contributed by Pasi Eronen <pe at iki.fi>

git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1471292 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Oleg Kalnichevski 2013-04-24 08:42:29 +00:00
parent 228e85deb7
commit 53e3c07805
3 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
RELEASE_NOTES.txt
View File

@ -1,6 +1,9 @@
Changes since release 4.3 BETA1 Changes since release 4.3 BETA1
------------------- -------------------
* [HTTPCLIENT-1346] Ensure propagation of SSL handshake exceptions.
Contributed by Pasi Eronen <pe at iki.fi>
* [HTTPCLIENT-1343] SSLSocketFactory optional parameters for supported SSL protocols and cipher * [HTTPCLIENT-1343] SSLSocketFactory optional parameters for supported SSL protocols and cipher
suites. suites.
Contributed by Oleg Kalnichevski <olegk at apache.org> Contributed by Oleg Kalnichevski <olegk at apache.org>

13
httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
View File

@ -562,7 +562,9 @@ public class SSLSocketFactory implements LayeredConnectionSocketFactory, SchemeL
} }
// Setup SSL layering if necessary // Setup SSL layering if necessary
if (sock instanceof SSLSocket) { if (sock instanceof SSLSocket) {
verifyHostname((SSLSocket) sock, host.getHostName()); final SSLSocket sslsock = (SSLSocket) sock;
sslsock.startHandshake();
verifyHostname(sslsock, host.getHostName());
} else { } else {
sock = createLayeredSocket(sock, host.getHostName(), remoteAddress.getPort(), context); sock = createLayeredSocket(sock, host.getHostName(), remoteAddress.getPort(), context);
} }
@ -574,14 +576,15 @@ public class SSLSocketFactory implements LayeredConnectionSocketFactory, SchemeL
final String target, final String target,
final int port, final int port,
final HttpContext context) throws IOException, UnknownHostException { final HttpContext context) throws IOException, UnknownHostException {
final SSLSocket sslSocket = (SSLSocket) this.socketfactory.createSocket( final SSLSocket sslsock = (SSLSocket) this.socketfactory.createSocket(
socket, socket,
target, target,
port, port,
true); true);
internalPrepareSocket(sslSocket); internalPrepareSocket(sslsock);
verifyHostname(sslSocket, target); sslsock.startHandshake();
return sslSocket; verifyHostname(sslsock, target);
return sslsock;
} }
private void verifyHostname(final SSLSocket sslsock, final String hostname) throws IOException { private void verifyHostname(final SSLSocket sslsock, final String hostname) throws IOException {

3
httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
View File

@ -39,6 +39,7 @@ import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext; import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException; import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLPeerUnverifiedException; import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket; import javax.net.ssl.SSLSocket;
@ -156,7 +157,7 @@ public class TestSSLSocketFactory extends LocalServerTestBase {
Assert.assertTrue(hostVerifier.isFired()); Assert.assertTrue(hostVerifier.isFired());
} }
@Test(expected=SSLPeerUnverifiedException.class) @Test(expected=SSLHandshakeException.class)
public void testSSLTrustVerification() throws Exception { public void testSSLTrustVerification() throws Exception {
final HttpHost host = new HttpHost("localhost", 443, "https"); final HttpHost host = new HttpHost("localhost", 443, "https");
final HttpContext context = new BasicHttpContext(); final HttpContext context = new BasicHttpContext();