Apache
/
httpcomponents-client
mirror of https://github.com/apache/httpcomponents-client.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Treat System#getProperty as a privileged action

This commit is contained in:
Oleg Kalnichevski 2017-11-13 10:46:09 +01:00
parent 3db1228242
commit 703b7968c5
1 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
httpclient5/src/main/java/org/apache/hc/client5/http/ssl/H2TlsStrategy.java
View File

@ -28,6 +28,8 @@
package org.apache.hc.client5.http.ssl;
import java.net.SocketAddress;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
@ -73,6 +75,14 @@ public class H2TlsStrategy implements TlsStrategy {
return s.split(" *, *");
}
private static String getProperty(final String key) {
return AccessController.doPrivileged(new PrivilegedAction<String>() {
@Override
public String run() {
return System.getProperty(key);
}
});
}
public static HostnameVerifier getDefaultHostnameVerifier() {
return new DefaultHostnameVerifier(PublicSuffixMatcherLoader.getDefault());
}
@ -86,8 +96,8 @@ public class H2TlsStrategy implements TlsStrategy {
public static TlsStrategy getSystemDefault() {
return new H2TlsStrategy(
SSLContexts.createSystemDefault(),
split(System.getProperty("https.protocols")),
split(System.getProperty("https.cipherSuites")),
split(getProperty("https.protocols")),
split(getProperty("https.cipherSuites")),
SSLBufferManagement.STATIC,
getDefaultHostnameVerifier());
}