From cef44fa2833f296ee283ab69d182757fb9babe40 Mon Sep 17 00:00:00 2001
From: Oleg Kalnichevski
Date: Fri, 9 Mar 2012 20:42:32 +0000
Subject: [PATCH] Better SSL initialization for fluent Executor
git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1299041 13f79535-47bb-0310-9956-ffa450edef68
---
 .../apache/http/client/fluent/Executor.java | 30 +++++++++++++++----
 .../http/conn/ssl/SSLSocketFactory.java | 8 ++---
 2 files changed, 29 insertions(+), 9 deletions(-)
diff --git a/fluent-hc/src/main/java/org/apache/http/client/fluent/Executor.java b/fluent-hc/src/main/java/org/apache/http/client/fluent/Executor.java
index de008b986..9c2cef46a 100644
--- a/fluent-hc/src/main/java/org/apache/http/client/fluent/Executor.java
+++ b/fluent-hc/src/main/java/org/apache/http/client/fluent/Executor.java
@@ -27,6 +27,10 @@ package org.apache.http.client.fluent;
 import java.io.IOException;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+
+import javax.net.ssl.SSLContext;
 import org.apache.http.HttpHost;
 import org.apache.http.auth.AuthScope;
@@ -41,28 +45,44 @@ import org.apache.http.client.CredentialsProvider;
 import org.apache.http.client.HttpClient;
 import org.apache.http.client.methods.HttpRequestBase;
 import org.apache.http.client.protocol.ClientContext;
+import org.apache.http.conn.scheme.PlainSocketFactory;
 import org.apache.http.conn.scheme.Scheme;
 import org.apache.http.conn.scheme.SchemeRegistry;
+import org.apache.http.conn.scheme.SchemeSocketFactory;
 import org.apache.http.conn.ssl.SSLInitializationException;
+import org.apache.http.conn.ssl.SSLSocketFactory;
 import org.apache.http.impl.auth.BasicScheme;
 import org.apache.http.impl.client.BasicAuthCache;
 import org.apache.http.impl.client.BasicCredentialsProvider;
 import org.apache.http.impl.client.DefaultHttpClient;
 import org.apache.http.impl.conn.PoolingClientConnectionManager;
-import org.apache.http.impl.conn.SchemeRegistryFactory;
 import org.apache.http.protocol.BasicHttpContext;
 public class Executor {
 final static PoolingClientConnectionManager CONNMGR;
 final static DefaultHttpClient CLIENT;
-
+
 static {
- SchemeRegistry schemeRegistry;
+ SchemeRegistry schemeRegistry = new SchemeRegistry();
+ SchemeSocketFactory plain = PlainSocketFactory.getSocketFactory();
+ schemeRegistry.register(new Scheme("http", 80, plain));
+ SchemeSocketFactory ssl = null;
 try {
- schemeRegistry = SchemeRegistryFactory.createSystemDefault();
+ ssl = SSLSocketFactory.getSystemSocketFactory();
 } catch (SSLInitializationException ex) {
- schemeRegistry = SchemeRegistryFactory.createDefault();
+ SSLContext sslcontext;
+ try {
+ sslcontext = SSLContext.getInstance(SSLSocketFactory.TLS);
+ sslcontext.init(null, null, null);
+ ssl = new SSLSocketFactory(sslcontext);
+ } catch (SecurityException ignore) {
+ } catch (KeyManagementException ignore) {
+ } catch (NoSuchAlgorithmException ignore) {
+ }
+ }
+ if (ssl != null) {
+ schemeRegistry.register(new Scheme("https", 443, ssl));
 }
 CONNMGR = new PoolingClientConnectionManager(schemeRegistry);
 CONNMGR.setDefaultMaxPerRoute(100);
diff --git a/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java b/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
index f2592a4cc..95036902e 100644
--- a/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
+++ b/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
@@ -171,7 +171,7 @@ public class SSLSocketFactory implements SchemeLayeredSocketFactory,
 *
 * @return the default SSL socket factory
 */
- public static SSLSocketFactory getSocketFactory() {
+ public static SSLSocketFactory getSocketFactory() throws SSLInitializationException {
 return new SSLSocketFactory(createDefaultSSLContext());
 }
@@ -200,7 +200,7 @@ public class SSLSocketFactory implements SchemeLayeredSocketFactory,
 *
 * @return the system SSL socket factory
 */
- public static SSLSocketFactory getSystemSocketFactory() {
+ public static SSLSocketFactory getSystemSocketFactory() throws SSLInitializationException {
 return new SSLSocketFactory(createSystemSSLContext());
 }
@@ -353,7 +353,7 @@ public class SSLSocketFactory implements SchemeLayeredSocketFactory,
 return sslcontext;
 }
- private static SSLContext createDefaultSSLContext() {
+ private static SSLContext createDefaultSSLContext() throws SSLInitializationException {
 try {
 return createSSLContext(TLS, null, null, null, null, null);
 } catch (Exception ex) {
@@ -361,7 +361,7 @@ public class SSLSocketFactory implements SchemeLayeredSocketFactory,
 }
 }
- private static SSLContext createSystemSSLContext() {
+ private static SSLContext createSystemSSLContext() throws SSLInitializationException {
 try {
 return createSystemSSLContext(TLS, null);
 } catch (Exception ex) {
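Review bot: The three empty handlers in the fallback (`catch (SecurityException ignore)`, `catch (KeyManagementException ignore)`, `catch (NoSuchAlgorithmException ignore)`) throw away the only record of why TLS setup failed, and the outer `SSLInitializationException ex` is dropped in the same way. When both attempts fail, the static initializer still completes with no `https` scheme registered, so the failure presumably surfaces only on the first HTTPS request, far from its cause. When only the system factory fails, the client silently runs on a context built with `sslcontext.init(null, null, null)` instead of the system SSL configuration an operator may have set. At minimum say so in place, e.g. `// https stays unregistered if no SSLContext can be built; both failure causes are discarded` above `if (ssl != null)`, and preferably report `ex` and the inner exception through whatever logging this module uses. The static block continues past the end of the hunk.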
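Review bot: The Javadoc above `getSocketFactory()` still closes right after `@return the default SSL socket factory`, so the new `throws SSLInitializationException` clause is undocumented; the same applies to `getSystemSocketFactory()` in the `-200,7` hunk. Add `@throws SSLInitializationException if the SSL context cannot be initialized` after the `@return` tag in both comments. Callers such as the fluent `Executor` in this commit catch this exception to choose a fallback, so the condition under which it is raised is part of the contract. Both Javadoc blocks begin outside their hunks.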