mirror of https://github.com/apache/jclouds.git
Merge pull request #702 from dkoper/master
decouple use of provider's SSLContext from trustAllCerts setting
This commit is contained in:
commit
6359db8c5b
|
@ -62,7 +62,7 @@ public class SSLModule extends AbstractModule {
|
|||
* @author Adrian Cole
|
||||
*/
|
||||
@Singleton
|
||||
static class LogToMapHostnameVerifier implements HostnameVerifier {
|
||||
public static class LogToMapHostnameVerifier implements HostnameVerifier {
|
||||
@Resource
|
||||
private Logger logger = Logger.NULL;
|
||||
private final Map<String, String> sslMap = Maps.newHashMap();;
|
||||
|
@ -104,7 +104,7 @@ public class SSLModule extends AbstractModule {
|
|||
* @author Adrian Cole
|
||||
*/
|
||||
@Singleton
|
||||
static class TrustAllCerts implements X509TrustManager {
|
||||
public static class TrustAllCerts implements X509TrustManager {
|
||||
public X509Certificate[] getAcceptedIssuers() {
|
||||
return null;
|
||||
}
|
||||
|
|
|
@ -89,7 +89,7 @@ public class JavaUrlHttpCommandExecutorService extends BaseHttpCommandExecutorSe
|
|||
private final HostnameVerifier verifier;
|
||||
private final Field methodField;
|
||||
@Inject(optional = true)
|
||||
Supplier<SSLContext> trustedSSLContextProvider;
|
||||
Supplier<SSLContext> sslContextSupplier;
|
||||
|
||||
@Inject
|
||||
public JavaUrlHttpCommandExecutorService(HttpUtils utils, ContentMetadataCodec contentMetadataCodec,
|
||||
|
@ -186,12 +186,12 @@ public class JavaUrlHttpCommandExecutorService extends BaseHttpCommandExecutorSe
|
|||
HttpsURLConnection sslCon = (HttpsURLConnection) connection;
|
||||
if (utils.relaxHostname())
|
||||
sslCon.setHostnameVerifier(verifier);
|
||||
if (utils.trustAllCerts()) {
|
||||
sslCon.setSSLSocketFactory(untrustedSSLContextProvider.get().getSocketFactory());
|
||||
} else if (trustedSSLContextProvider != null) {
|
||||
// used for providers which use certs for authentication (like FGCP)
|
||||
if (sslContextSupplier != null) {
|
||||
// used for providers which e.g. use certs for authentication (like FGCP)
|
||||
// Provider provides SSLContext impl (which inits context with key manager)
|
||||
sslCon.setSSLSocketFactory(trustedSSLContextProvider.get().getSocketFactory());
|
||||
sslCon.setSSLSocketFactory(sslContextSupplier.get().getSocketFactory());
|
||||
} else if (utils.trustAllCerts()) {
|
||||
sslCon.setSSLSocketFactory(untrustedSSLContextProvider.get().getSocketFactory());
|
||||
}
|
||||
}
|
||||
connection.setConnectTimeout(utils.getConnectionTimeout());
|
||||
|
|
Loading…
Reference in New Issue