From 92b7e8cd971868505d0f22ee5cfc12a68ee91b80 Mon Sep 17 00:00:00 2001
From: Oleg Kalnichevski
Date: Sat, 23 Nov 2013 11:09:04 +0000
Subject: [PATCH] HTTPCLIENT-1119: SNI support (Oracle Java 1.7+ only). Contributed by Bruno Harbulot
git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1544769 13f79535-47bb-0310-9956-ffa450edef68
---
 RELEASE_NOTES.txt | 3 ++
 .../conn/ssl/SSLConnectionSocketFactory.java | 23 ++++++-------
 .../http/conn/ssl/TestSSLSocketFactory.java | 32 ++++++++-----------
 3 files changed, 26 insertions(+), 32 deletions(-)
diff --git a/RELEASE_NOTES.txt b/RELEASE_NOTES.txt
index c08c8de41..24f1bbd8b 100644
--- a/RELEASE_NOTES.txt
+++ b/RELEASE_NOTES.txt
@@ -1,6 +1,9 @@
 Changes since 4.3.1
 -------------------
+* [HTTPCLIENT-1119] SNI support (Oracle Java 1.7+ only).
+ Contributed by Bruno Harbulot
+
 * [HTTPCLIENT-1435] Fluent Executor ignores custom request properties.
 Contributed by Oleg Kalnichevski
diff --git a/httpclient/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java b/httpclient/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java
index a82deaf67..e2d656595 100644
--- a/httpclient/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java
+++ b/httpclient/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java
@@ -34,6 +34,7 @@ import org.apache.http.protocol.HttpContext;
 import org.apache.http.util.Args;
 import org.apache.http.util.TextUtils;
+import javax.net.SocketFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSocket;
 import java.io.IOException;
@@ -217,20 +218,8 @@ public class SSLConnectionSocketFactory implements LayeredConnectionSocketFactor
 protected void prepareSocket(final SSLSocket socket) throws IOException {
 }
- private void internalPrepareSocket(final SSLSocket socket) throws IOException {
- if (supportedProtocols != null) {
- socket.setEnabledProtocols(supportedProtocols);
- }
- if (supportedCipherSuites != null) {
- socket.setEnabledCipherSuites(supportedCipherSuites);
- }
- prepareSocket(socket);
- }
-
 public Socket createSocket(final HttpContext context) throws IOException {
- final SSLSocket sock = (SSLSocket) this.socketfactory.createSocket();
- internalPrepareSocket(sock);
- return sock;
+ return SocketFactory.getDefault().createSocket();
 }
 public Socket connectSocket(
@@ -276,7 +265,13 @@ public class SSLConnectionSocketFactory implements LayeredConnectionSocketFactor
 target,
 port,
 true);
- internalPrepareSocket(sslsock);
+ if (supportedProtocols != null) {
+ sslsock.setEnabledProtocols(supportedProtocols);
+ }
+ if (supportedCipherSuites != null) {
+ sslsock.setEnabledCipherSuites(supportedCipherSuites);
+ }
+ prepareSocket(sslsock);
 sslsock.startHandshake();
 verifyHostname(sslsock, target);
 return sslsock;
diff --git a/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java b/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
index 7258c840c..9b2b831b4 100644
--- a/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
+++ b/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
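Review bot: `createSocket` now returns a plain socket from `SocketFactory.getDefault()` and has no Javadoc saying that TLS is applied only later, when the socket goes through `connectSocket`. Code that cast the old return value to `SSLSocket` (the tests in this patch did) will now fail with a `ClassCastException`, and a caller that connects and uses the returned socket directly would be talking cleartext. I would add above the method: `/** Returns an unconnected plain socket; TLS is layered on in connectSocket(). Never cast the result to SSLSocket. */`. `prepareSocket` is also no longer invoked at creation time, which deserves a line in the release notes for subclasses that override it.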
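Review bot: In the hunk at -276, the block ahead of `sslsock.startHandshake()` is now the only place where `supportedProtocols` and `supportedCipherSuites` are applied, and nothing in the code says so. If any other path can reach a handshake with an `SSLSocket` that did not come through here (for example a caller-supplied one passed to `connectSocket`, whose body is outside this hunk), it would presumably negotiate with the JVM defaults instead of the configured limits. Suggested comment above the first `if`: `// Sole place protocol/cipher limits are applied; must run before startHandshake().` The enclosing method starts and ends outside the hunk.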
@@ -126,10 +126,10 @@ public class TestSSLSocketFactory extends LocalServerTestBase {
 final TestX509HostnameVerifier hostVerifier = new TestX509HostnameVerifier();
 final SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
 clientSSLContext, hostVerifier);
- SSLSocket socket = (SSLSocket) socketFactory.createSocket(context);
+ final Socket socket = socketFactory.createSocket(context);
 final InetSocketAddress remoteAddress = this.localServer.getServiceAddress();
- socket = (SSLSocket) socketFactory.connectSocket(0, socket, host, remoteAddress, null, context);
- final SSLSession sslsession = socket.getSession();
+ final SSLSocket sslSocket = (SSLSocket) socketFactory.connectSocket(0, socket, host, remoteAddress, null, context);
+ final SSLSession sslsession = sslSocket.getSession();
 Assert.assertNotNull(sslsession);
 Assert.assertTrue(hostVerifier.isFired());
@@ -156,10 +156,10 @@ public class TestSSLSocketFactory extends LocalServerTestBase {
 final HttpContext context = new BasicHttpContext();
 final TestX509HostnameVerifier hostVerifier = new TestX509HostnameVerifier();
 final SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(clientSSLContext, hostVerifier);
- SSLSocket socket = (SSLSocket) socketFactory.createSocket(context);
+ final Socket socket = socketFactory.createSocket(context);
 final InetSocketAddress remoteAddress = this.localServer.getServiceAddress();
- socket = (SSLSocket) socketFactory.connectSocket(0, socket, host, remoteAddress, null, context);
- final SSLSession sslsession = socket.getSession();
+ final SSLSocket sslSocket = (SSLSocket) socketFactory.connectSocket(0, socket, host, remoteAddress, null, context);
+ final SSLSession sslsession = sslSocket.getSession();
 Assert.assertNotNull(sslsession);
 Assert.assertTrue(hostVerifier.isFired());
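Review bot: The updated tests still assert only that a session exists and that the hostname verifier fired, so they would pass unchanged if the layered socket lost the protocol and cipher-suite settings that this commit moved into the connect path. I would add a test that builds the factory with an explicit protocol list and checks `sslSocket.getEnabledProtocols()` against it after `connectSocket`. The same four-line replacement is repeated in the hunks at -156, -185 and -227; a small private helper returning the connected `SSLSocket` would keep the copies in sync. The test methods begin and end outside these hunks.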
@@ -185,10 +185,10 @@ public class TestSSLSocketFactory extends LocalServerTestBase {
 final HttpContext context = new BasicHttpContext();
 final TestX509HostnameVerifier hostVerifier = new TestX509HostnameVerifier();
 final SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(clientSSLContext, hostVerifier);
- SSLSocket socket = (SSLSocket) socketFactory.createSocket(context);
+ final Socket socket = socketFactory.createSocket(context);
 final InetSocketAddress remoteAddress = this.localServer.getServiceAddress();
- socket = (SSLSocket) socketFactory.connectSocket(0, socket, host, remoteAddress, null, context);
- final SSLSession sslsession = socket.getSession();
+ final SSLSocket sslSocket = (SSLSocket) socketFactory.connectSocket(0, socket, host, remoteAddress, null, context);
+ final SSLSession sslsession = sslSocket.getSession();
 Assert.assertNotNull(sslsession);
 Assert.assertTrue(hostVerifier.isFired());
@@ -227,10 +227,10 @@ public class TestSSLSocketFactory extends LocalServerTestBase {
 final HttpContext context = new BasicHttpContext();
 final TestX509HostnameVerifier hostVerifier = new TestX509HostnameVerifier();
 final SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(clientSSLContext, hostVerifier);
- SSLSocket socket = (SSLSocket) socketFactory.createSocket(context);
+ final Socket socket = socketFactory.createSocket(context);
 final InetSocketAddress remoteAddress = this.localServer.getServiceAddress();
- socket = (SSLSocket) socketFactory.connectSocket(0, socket, host, remoteAddress, null, context);
- final SSLSession sslsession = socket.getSession();
+ final SSLSocket sslSocket = (SSLSocket) socketFactory.connectSocket(0, socket, host, remoteAddress, null, context);
+ final SSLSession sslsession = sslSocket.getSession();
 Assert.assertNotNull(sslsession);
 Assert.assertTrue(hostVerifier.isFired());
@@ -243,10 +243,6 @@ public class TestSSLSocketFactory extends LocalServerTestBase {
 .loadTrustMaterial(keystore)
 .loadKeyMaterial(keystore, "nopassword".toCharArray())
 .build();
- final SSLContext clientSSLContext = SSLContexts.custom()
- .useProtocol("TLS")
- .loadTrustMaterial(keystore)
- .build();
 this.localServer = new LocalTestServer(serverSSLContext);
 this.localServer.registerDefaultHandlers();
@@ -260,7 +256,7 @@ public class TestSSLSocketFactory extends LocalServerTestBase {
 final SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(defaultsslcontext,
 SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
- final SSLSocket socket = (SSLSocket) socketFactory.createSocket(context);
+ final Socket socket = socketFactory.createSocket(context);
 final InetSocketAddress remoteAddress = this.localServer.getServiceAddress();
 socketFactory.connectSocket(0, socket, host, remoteAddress, null, context);
 }
@@ -295,7 +291,7 @@ public class TestSSLSocketFactory extends LocalServerTestBase {
 sslcontext,
 SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
- final SSLSocket socket = (SSLSocket) socketFactory.createSocket(context);
+ final Socket socket = socketFactory.createSocket(context);
 final InetSocketAddress remoteAddress = this.localServer.getServiceAddress();
 socketFactory.connectSocket(0, socket, host, remoteAddress, null, context);
 }