Merge pull request #701 from dkoper/master

adding hook to allow provider specific SSLContext for HTTPS communication
2012-07-05 19:00:46 -07:00 · 2012-07-05 19:00:46 -07:00 · 270b0d92f6
parent 9f05a64c8d 4cbf02f0bc
commit 270b0d92f6
1 changed files with 10 additions and 3 deletions
--- a/core/src/main/java/org/jclouds/http/internal/JavaUrlHttpCommandExecutorService.java
+++ b/core/src/main/java/org/jclouds/http/internal/JavaUrlHttpCommandExecutorService.java
@ -44,7 +44,6 @@ import java.util.Map;
 import java.util.concurrent.ExecutorService;

 import javax.annotation.Resource;
-import javax.inject.Inject;
 import javax.inject.Named;
 import javax.inject.Singleton;
 import javax.net.ssl.HostnameVerifier;
@ -71,6 +70,7 @@ import com.google.common.base.Supplier;
 import com.google.common.collect.ImmutableMultimap;
 import com.google.common.collect.ImmutableMultimap.Builder;
 import com.google.common.io.CountingOutputStream;
+import com.google.inject.Inject;

 /**
 * Basic implementation of a {@link HttpCommandExecutorService}.
@ -88,6 +88,8 @@ public class JavaUrlHttpCommandExecutorService extends BaseHttpCommandExecutorSe
   private final Supplier<SSLContext> untrustedSSLContextProvider;
   private final HostnameVerifier verifier;
   private final Field methodField;
+   @Inject(optional = true)
+   Supplier<SSLContext> trustedSSLContextProvider;

   @Inject
   public JavaUrlHttpCommandExecutorService(HttpUtils utils, ContentMetadataCodec contentMetadataCodec,
@ -184,8 +186,13 @@ public class JavaUrlHttpCommandExecutorService extends BaseHttpCommandExecutorSe
         HttpsURLConnection sslCon = (HttpsURLConnection) connection;
         if (utils.relaxHostname())
            sslCon.setHostnameVerifier(verifier);
-         if (utils.trustAllCerts())
+         if (utils.trustAllCerts()) {
             sslCon.setSSLSocketFactory(untrustedSSLContextProvider.get().getSocketFactory());
+         } else if (trustedSSLContextProvider != null) {
+             // used for providers which use certs for authentication (like FGCP)
+             // Provider provides SSLContext impl (which inits context with key manager)
+             sslCon.setSSLSocketFactory(trustedSSLContextProvider.get().getSocketFactory());
+         }
      }
      connection.setConnectTimeout(utils.getConnectionTimeout());
      connection.setReadTimeout(utils.getSocketOpenTimeout());