You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2014/08/07 11:34:51 UTC
svn commit: r1616449 - in
/httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http:
conn/ssl/SSLConnectionSocketFactory.java impl/client/HttpClientBuilder.java
Author: olegk
Date: Thu Aug 7 09:34:50 2014
New Revision: 1616449
URL: http://svn.apache.org/r1616449
Log:
Use Android SSLCertificateSocketFactory by default; enable Android specific SNI
Modified:
httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java
httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/impl/client/HttpClientBuilder.java
Modified: httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java?rev=1616449&r1=1616448&r2=1616449&view=diff
==============================================================================
--- httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java (original)
+++ httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/conn/ssl/SSLConnectionSocketFactory.java Thu Aug 7 09:34:50 2014
@@ -27,6 +27,11 @@
package org.apache.http.conn.ssl;
+import android.annotation.TargetApi;
+import android.net.SSLCertificateSocketFactory;
+import android.os.Build;
+import android.util.Log;
+
import org.apache.http.HttpHost;
import org.apache.http.annotation.ThreadSafe;
import org.apache.http.conn.socket.LayeredConnectionSocketFactory;
@@ -117,6 +122,8 @@ import java.net.Socket;
@ThreadSafe
public class SSLConnectionSocketFactory implements LayeredConnectionSocketFactory {
+ private final static String TAG = "HttpClient";
+
public static final String TLS = "TLS";
public static final String SSL = "SSL";
public static final String SSLV2 = "SSLv2";
@@ -139,7 +146,7 @@ public class SSLConnectionSocketFactory
*/
public static SSLConnectionSocketFactory getSocketFactory() throws SSLInitializationException {
return new SSLConnectionSocketFactory(
- SSLContexts.createDefault(),
+ (javax.net.ssl.SSLSocketFactory) SSLCertificateSocketFactory.getDefault(0),
BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
}
@@ -161,7 +168,7 @@ public class SSLConnectionSocketFactory
*/
public static SSLConnectionSocketFactory getSystemSocketFactory() throws SSLInitializationException {
return new SSLConnectionSocketFactory(
- (javax.net.ssl.SSLSocketFactory) javax.net.ssl.SSLSocketFactory.getDefault(),
+ (javax.net.ssl.SSLSocketFactory) SSLCertificateSocketFactory.getDefault(0),
split(System.getProperty("https.protocols")),
split(System.getProperty("https.cipherSuites")),
BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
@@ -255,6 +262,7 @@ public class SSLConnectionSocketFactory
}
}
+ @TargetApi(17)
public Socket createLayeredSocket(
final Socket socket,
final String target,
@@ -272,6 +280,18 @@ public class SSLConnectionSocketFactory
sslsock.setEnabledCipherSuites(supportedCipherSuites);
}
prepareSocket(sslsock);
+
+ // Android specific code to enable SNI
+ if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1) {
+ if (this.socketfactory instanceof SSLCertificateSocketFactory) {
+ if (Log.isLoggable(TAG, Log.DEBUG)) {
+ Log.d(TAG, "Enabling SNI for " + target);
+ }
+ ((SSLCertificateSocketFactory) this.socketfactory).setHostname(sslsock, target);
+ }
+ }
+ // End of Android specific code
+
sslsock.startHandshake();
verifyHostname(sslsock, target);
return sslsock;
Modified: httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/impl/client/HttpClientBuilder.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/impl/client/HttpClientBuilder.java?rev=1616449&r1=1616448&r2=1616449&view=diff
==============================================================================
--- httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/impl/client/HttpClientBuilder.java (original)
+++ httpcomponents/httpclient-android/branches/4.3.5-android/src/main/java/org/apache/http/impl/client/HttpClientBuilder.java Thu Aug 7 09:34:50 2014
@@ -27,6 +27,8 @@
package org.apache.http.impl.client;
+import android.net.SSLCertificateSocketFactory;
+
import java.io.Closeable;
import java.net.ProxySelector;
import java.util.ArrayList;
@@ -76,7 +78,6 @@ import org.apache.http.conn.socket.Conne
import org.apache.http.conn.socket.LayeredConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
-import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.cookie.CookieSpecProvider;
import org.apache.http.impl.DefaultConnectionReuseStrategyHC4;
@@ -710,13 +711,15 @@ public class HttpClientBuilder {
sslcontext, supportedProtocols, supportedCipherSuites, hostnameVerifier);
} else {
if (systemProperties) {
- sslSocketFactory = new SSLConnectionSocketFactory(
- (SSLSocketFactory) SSLSocketFactory.getDefault(),
- supportedProtocols, supportedCipherSuites, hostnameVerifier);
- } else {
- sslSocketFactory = new SSLConnectionSocketFactory(
- SSLContexts.createDefault(),
- hostnameVerifier);
+ if (systemProperties) {
+ sslSocketFactory = new SSLConnectionSocketFactory(
+ (SSLSocketFactory) SSLCertificateSocketFactory.getDefault(0),
+ supportedProtocols, supportedCipherSuites, hostnameVerifier);
+ } else {
+ sslSocketFactory = new SSLConnectionSocketFactory(
+ (SSLSocketFactory) SSLCertificateSocketFactory.getDefault(0),
+ hostnameVerifier);
+ }
}
}
}