Merge pull request #702 from dkoper/master

decouple use of provider's SSLContext from trustAllCerts setting
This commit is contained in:
Adrian Cole 2012-07-05 22:47:38 -07:00
commit 6359db8c5b
2 changed files with 8 additions and 8 deletions

View File

@ -62,7 +62,7 @@ public class SSLModule extends AbstractModule {
* @author Adrian Cole
*/
@Singleton
static class LogToMapHostnameVerifier implements HostnameVerifier {
public static class LogToMapHostnameVerifier implements HostnameVerifier {
@Resource
private Logger logger = Logger.NULL;
private final Map<String, String> sslMap = Maps.newHashMap();;
@ -104,7 +104,7 @@ public class SSLModule extends AbstractModule {
* @author Adrian Cole
*/
@Singleton
static class TrustAllCerts implements X509TrustManager {
public static class TrustAllCerts implements X509TrustManager {
public X509Certificate[] getAcceptedIssuers() {
return null;
}

View File

@ -89,7 +89,7 @@ public class JavaUrlHttpCommandExecutorService extends BaseHttpCommandExecutorSe
private final HostnameVerifier verifier;
private final Field methodField;
@Inject(optional = true)
Supplier<SSLContext> trustedSSLContextProvider;
Supplier<SSLContext> sslContextSupplier;
@Inject
public JavaUrlHttpCommandExecutorService(HttpUtils utils, ContentMetadataCodec contentMetadataCodec,
@ -186,12 +186,12 @@ public class JavaUrlHttpCommandExecutorService extends BaseHttpCommandExecutorSe
HttpsURLConnection sslCon = (HttpsURLConnection) connection;
if (utils.relaxHostname())
sslCon.setHostnameVerifier(verifier);
if (utils.trustAllCerts()) {
sslCon.setSSLSocketFactory(untrustedSSLContextProvider.get().getSocketFactory());
} else if (trustedSSLContextProvider != null) {
// used for providers which use certs for authentication (like FGCP)
if (sslContextSupplier != null) {
// used for providers which e.g. use certs for authentication (like FGCP)
// Provider provides SSLContext impl (which inits context with key manager)
sslCon.setSSLSocketFactory(trustedSSLContextProvider.get().getSocketFactory());
sslCon.setSSLSocketFactory(sslContextSupplier.get().getSocketFactory());
} else if (utils.trustAllCerts()) {
sslCon.setSSLSocketFactory(untrustedSSLContextProvider.get().getSocketFactory());
}
}
connection.setConnectTimeout(utils.getConnectionTimeout());