@Override public Socket connectSocket( final int connectTimeout, final Socket socket, final HttpHost host, final InetSocketAddress remoteAddress, final InetSocketAddress localAddress, final HttpContext context) throws IOException { return factory.connectSocket(connectTimeout, socket, host, remoteAddress, localAddress, context); }
@Override public Socket createLayeredSocket( final Socket socket, final String target, final int port, final HttpContext context) throws IOException { return factory.createLayeredSocket(socket, target, port, context); }
@Override public Socket createSocket(final HttpContext context) throws IOException { return factory.createSocket(context); }
private SSLConnectionSocketFactory buildSSLConnectionSocketFactory() { try { return new SSLConnectionSocketFactory(createIgnoreVerifySSL(), new String[]{"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"}, null, new DefaultHostnameVerifier()); // 优先绕过安全证书 } catch (KeyManagementException e) { logger.error("ssl connection fail", e); } catch (NoSuchAlgorithmException e) { logger.error("ssl connection fail", e); } return SSLConnectionSocketFactory.getSocketFactory(); }
@Before public void setup() throws Exception { this.server.setHandler(new CheckRequestHandler()); this.server.afterPropertiesSet(); this.server.start(); // Set dynamically chosen port this.port = this.server.getPort(); SSLContextBuilder builder = new SSLContextBuilder(); builder.loadTrustMaterial(new TrustSelfSignedStrategy()); SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory( builder.build(), NoopHostnameVerifier.INSTANCE); CloseableHttpClient httpclient = HttpClients.custom().setSSLSocketFactory( socketFactory).build(); HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpclient); this.restTemplate = new RestTemplate(requestFactory); }
private static SSLContext getNonValidatingSslContext() { try { return new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build(); } catch (KeyManagementException e) { throw new RuntimeException(e); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } catch (KeyStoreException e) { throw new RuntimeException(e); } }
public SSLConnectionSocketFactory getSocketFactory() throws SSLInitializationException { return new SSLConnectionSocketFactory(buildSslContext(), getSupportedProtocols(), getSupportedCiphers(), chooseHostnameVerifier()); }
private HostnameVerifier chooseHostnameVerifier() { if (configuration.isVerifyHostname()) { return verifier != null ? verifier : SSLConnectionSocketFactory.getDefaultHostnameVerifier(); } else { return new NoopHostnameVerifier(); } }
public HttpSSLConnectionSocketFactory(final SSLContext sslContext) { super(sslContext, new NoopHostnameVerifier()); }
public ClusterLoadBalanceAuthorizer(final ClusterCoordinator clusterCoordinator, final EventReporter eventReporter) { this.clusterCoordinator = clusterCoordinator; this.eventReporter = eventReporter; this.hostnameVerifier = new DefaultHostnameVerifier(); }
private static HttpClient createDefaultHttpClient() { Registry<ConnectionSocketFactory> schemeRegistry = RegistryBuilder.<ConnectionSocketFactory>create() .register("http", PlainConnectionSocketFactory.getSocketFactory()) .register("https", SSLConnectionSocketFactory.getSocketFactory()) .build(); PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(schemeRegistry); connectionManager.setMaxTotal(DEFAULT_MAX_TOTAL_CONNECTIONS); connectionManager.setDefaultMaxPerRoute(DEFAULT_MAX_CONNECTIONS_PER_ROUTE); return HttpClientBuilder.create().setConnectionManager(connectionManager).build(); }
public final void verify( final String host, final String[] cns, final String[] subjectAlts) throws SSLException { verify(host, cns, subjectAlts, true); }
/** * Verifies the hostname in the certificate matches {@link #expectedCertCommonName}. * * @param cer Certificate to validate. */ private void verifyHostname(X509Certificate cer) { try { hostnameVerifier.verify(expectedCertCommonName, cer); } catch (SSLException e) { throw new SdkClientException("Certificate does not match expected common name: " + expectedCertCommonName, e); } }
public final void verify( final String host, final String[] cns, final String[] subjectAlts) throws SSLException { verify(host, cns, subjectAlts, false); }
private PoolingHttpClientConnectionManager createSystemSslCM() { ConnectionSocketFactory socketFactory = SSLConnectionSocketFactory.getSystemSocketFactory(); Registry registry = RegistryBuilder.<ConnectionSocketFactory>create() .register(PROTOCOL, socketFactory) .build(); return new PoolingHttpClientConnectionManager(registry); }
public Socket connectSocket(Socket sock, String host, int port, InetAddress localAddress, int localPort, HttpParams params) throws IOException { return mSchemeSocketFactory.connectSocket(sock, host, port, localAddress, localPort, params); }
public boolean isSecure(Socket sock) throws IllegalArgumentException { return mSchemeSocketFactory.isSecure(sock); } public Socket createSocket(
public SocksSSLConnectionSocketFactory(final SSLContext sslContext) { super(sslContext, new NoopHostnameVerifier()); }
public DefaultHttpConnector(final EndpointIterator endpointIterator, final int httpTimeoutMillis, final boolean sslHostnameVerificationEnabled) { this.endpointIterator = endpointIterator; this.httpTimeoutMillis = httpTimeoutMillis; this.hostnameVerifierProvider = new HostnameVerifierProvider(sslHostnameVerificationEnabled, new DefaultHostnameVerifier()); this.extraHttpsHandler = null; }
@Override public Socket createLayeredSocket(final Socket socket, final String target, final int port, final HttpContext context) throws IOException { Boolean enableSniValue = (Boolean) context.getAttribute(ENABLE_SNI); boolean enableSni = enableSniValue == null || enableSniValue; return super.createLayeredSocket(socket, enableSni ? target : "", port, context); } }