Better SSL initialization for fluent Executor

git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1299041 13f79535-47bb-0310-9956-ffa450edef68
2012-03-09 20:42:32 +00:00 · 2012-03-09 20:42:32 +00:00 · cef44fa283
parent a5ba13fbd7
commit cef44fa283
2 changed files with 29 additions and 9 deletions
--- a/fluent-hc/src/main/java/org/apache/http/client/fluent/Executor.java
+++ b/fluent-hc/src/main/java/org/apache/http/client/fluent/Executor.java
@ -27,6 +27,10 @@
 package org.apache.http.client.fluent;

 import java.io.IOException;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+
+import javax.net.ssl.SSLContext;

 import org.apache.http.HttpHost;
 import org.apache.http.auth.AuthScope;
@ -41,15 +45,17 @@ import org.apache.http.client.CredentialsProvider;
 import org.apache.http.client.HttpClient;
 import org.apache.http.client.methods.HttpRequestBase;
 import org.apache.http.client.protocol.ClientContext;
+import org.apache.http.conn.scheme.PlainSocketFactory;
 import org.apache.http.conn.scheme.Scheme;
 import org.apache.http.conn.scheme.SchemeRegistry;
+import org.apache.http.conn.scheme.SchemeSocketFactory;
 import org.apache.http.conn.ssl.SSLInitializationException;
+import org.apache.http.conn.ssl.SSLSocketFactory;
 import org.apache.http.impl.auth.BasicScheme;
 import org.apache.http.impl.client.BasicAuthCache;
 import org.apache.http.impl.client.BasicCredentialsProvider;
 import org.apache.http.impl.client.DefaultHttpClient;
 import org.apache.http.impl.conn.PoolingClientConnectionManager;
-import org.apache.http.impl.conn.SchemeRegistryFactory;
 import org.apache.http.protocol.BasicHttpContext;

 public class Executor {
@ -58,11 +64,25 @@ public class Executor {
    final static DefaultHttpClient CLIENT;

    static {
-        SchemeRegistry schemeRegistry;
+        SchemeRegistry schemeRegistry = new SchemeRegistry();
+        SchemeSocketFactory plain = PlainSocketFactory.getSocketFactory();
+        schemeRegistry.register(new Scheme("http", 80, plain));
+        SchemeSocketFactory ssl = null;
        try {
-            schemeRegistry = SchemeRegistryFactory.createSystemDefault();
+            ssl = SSLSocketFactory.getSystemSocketFactory();
        } catch (SSLInitializationException ex) {
-            schemeRegistry = SchemeRegistryFactory.createDefault();
+            SSLContext sslcontext;
+            try {
+                sslcontext = SSLContext.getInstance(SSLSocketFactory.TLS);
+                sslcontext.init(null, null, null);
+                ssl = new SSLSocketFactory(sslcontext);
+            } catch (SecurityException ignore) {
+            } catch (KeyManagementException ignore) {
+            } catch (NoSuchAlgorithmException ignore) {
+            }
+        }
+        if (ssl != null) {
+            schemeRegistry.register(new Scheme("https", 443, ssl));
        }
        CONNMGR = new PoolingClientConnectionManager(schemeRegistry);
        CONNMGR.setDefaultMaxPerRoute(100);
--- a/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
+++ b/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
@ -171,7 +171,7 @@ public class SSLSocketFactory implements SchemeLayeredSocketFactory,
     *
     * @return the default SSL socket factory
     */
-    public static SSLSocketFactory getSocketFactory() {
+    public static SSLSocketFactory getSocketFactory() throws SSLInitializationException {
        return new SSLSocketFactory(createDefaultSSLContext());
    }

@ -200,7 +200,7 @@ public class SSLSocketFactory implements SchemeLayeredSocketFactory,
     *
     * @return the system SSL socket factory
     */
-    public static SSLSocketFactory getSystemSocketFactory() {
+    public static SSLSocketFactory getSystemSocketFactory() throws SSLInitializationException {
        return new SSLSocketFactory(createSystemSSLContext());
    }

@ -353,7 +353,7 @@ public class SSLSocketFactory implements SchemeLayeredSocketFactory,
        return sslcontext;
    }

-    private static SSLContext createDefaultSSLContext() {
+    private static SSLContext createDefaultSSLContext() throws SSLInitializationException {
        try {
            return createSSLContext(TLS, null, null, null, null, null);
        } catch (Exception ex) {
@ -361,7 +361,7 @@ public class SSLSocketFactory implements SchemeLayeredSocketFactory,
        }
    }

-    private static SSLContext createSystemSSLContext() {
+    private static SSLContext createSystemSSLContext() throws SSLInitializationException {
        try {
            return createSystemSSLContext(TLS, null);
        } catch (Exception ex) {