You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2011/07/29 22:57:05 UTC
svn commit: r1152372 - in /httpcomponents/httpclient/branches/4.1.x:
RELEASE_NOTES.txt
httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
Author: olegk
Date: Fri Jul 29 20:57:04 2011
New Revision: 1152372
URL: http://svn.apache.org/viewvc?rev=1152372&view=rev
Log:
Work-around for HTTPCLIENT-1051
Modified:
httpcomponents/httpclient/branches/4.1.x/RELEASE_NOTES.txt
httpcomponents/httpclient/branches/4.1.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
Modified: httpcomponents/httpclient/branches/4.1.x/RELEASE_NOTES.txt
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.1.x/RELEASE_NOTES.txt?rev=1152372&r1=1152371&r2=1152372&view=diff
==============================================================================
--- httpcomponents/httpclient/branches/4.1.x/RELEASE_NOTES.txt (original)
+++ httpcomponents/httpclient/branches/4.1.x/RELEASE_NOTES.txt Fri Jul 29 20:57:04 2011
@@ -33,6 +33,8 @@ since release 4.1.1.
do not correctly handle content streaming.
Contributed by James Abley <james.abley at gmail.com>
+* [HTTPCLIENT-1051] Avoid reverse DNS lookups when opening SSL connections by IP address.
+ Contributed by Oleg Kalnichevski <olegk at apache.org>
Release 4.1.1
-------------------
Modified: httpcomponents/httpclient/branches/4.1.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.1.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java?rev=1152372&r1=1152371&r2=1152372&view=diff
==============================================================================
--- httpcomponents/httpclient/branches/4.1.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java (original)
+++ httpcomponents/httpclient/branches/4.1.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java Fri Jul 29 20:57:04 2011
@@ -376,17 +376,25 @@ public class SSLSocketFactory implements
} catch (SocketTimeoutException ex) {
throw new ConnectTimeoutException("Connect to " + remoteAddress + " timed out");
}
+
+ // HttpInetSocketAddress#toString() returns original hostname value of the remote address
+ String hostname = remoteAddress.toString();
+ int port = remoteAddress.getPort();
+ String s = ":" + port;
+ if (hostname.endsWith(s)) {
+ hostname = hostname.substring(0, hostname.length() - s.length());
+ }
+
SSLSocket sslsock;
// Setup SSL layering if necessary
if (sock instanceof SSLSocket) {
sslsock = (SSLSocket) sock;
} else {
- sslsock = (SSLSocket) this.socketfactory.createSocket(
- sock, remoteAddress.getHostName(), remoteAddress.getPort(), true);
+ sslsock = (SSLSocket) this.socketfactory.createSocket(sock, hostname, port, true);
}
if (this.hostnameVerifier != null) {
try {
- this.hostnameVerifier.verify(remoteAddress.getHostName(), sslsock);
+ this.hostnameVerifier.verify(hostname, sslsock);
// verifyHostName() didn't blowup - good!
} catch (IOException iox) {
// close the socket before re-throwing the exception