You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2011/07/29 22:57:05 UTC

svn commit: r1152372 - in /httpcomponents/httpclient/branches/4.1.x: RELEASE_NOTES.txt httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java

Author: olegk
Date: Fri Jul 29 20:57:04 2011
New Revision: 1152372

URL: http://svn.apache.org/viewvc?rev=1152372&view=rev
Log:
Work-around for HTTPCLIENT-1051

Modified:
    httpcomponents/httpclient/branches/4.1.x/RELEASE_NOTES.txt
    httpcomponents/httpclient/branches/4.1.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java

Modified: httpcomponents/httpclient/branches/4.1.x/RELEASE_NOTES.txt
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.1.x/RELEASE_NOTES.txt?rev=1152372&r1=1152371&r2=1152372&view=diff
==============================================================================
--- httpcomponents/httpclient/branches/4.1.x/RELEASE_NOTES.txt (original)
+++ httpcomponents/httpclient/branches/4.1.x/RELEASE_NOTES.txt Fri Jul 29 20:57:04 2011
@@ -33,6 +33,8 @@ since release 4.1.1.
   do not correctly handle content streaming.
   Contributed by James Abley <james.abley at gmail.com> 
 
+* [HTTPCLIENT-1051] Avoid reverse DNS lookups when opening SSL connections by IP address.
+  Contributed by Oleg Kalnichevski <olegk at apache.org>
 
 Release 4.1.1
 -------------------

Modified: httpcomponents/httpclient/branches/4.1.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/branches/4.1.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java?rev=1152372&r1=1152371&r2=1152372&view=diff
==============================================================================
--- httpcomponents/httpclient/branches/4.1.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java (original)
+++ httpcomponents/httpclient/branches/4.1.x/httpclient/src/main/java/org/apache/http/conn/ssl/SSLSocketFactory.java Fri Jul 29 20:57:04 2011
@@ -376,17 +376,25 @@ public class SSLSocketFactory implements
         } catch (SocketTimeoutException ex) {
             throw new ConnectTimeoutException("Connect to " + remoteAddress + " timed out");
         }
+
+        // HttpInetSocketAddress#toString() returns original hostname value of the remote address
+        String hostname = remoteAddress.toString();
+        int port = remoteAddress.getPort();
+        String s = ":" + port;
+        if (hostname.endsWith(s)) {
+            hostname = hostname.substring(0, hostname.length() - s.length());
+        }
+
         SSLSocket sslsock;
         // Setup SSL layering if necessary
         if (sock instanceof SSLSocket) {
             sslsock = (SSLSocket) sock;
         } else {
-            sslsock = (SSLSocket) this.socketfactory.createSocket(
-                    sock, remoteAddress.getHostName(), remoteAddress.getPort(), true);
+            sslsock = (SSLSocket) this.socketfactory.createSocket(sock, hostname, port, true);
         }
         if (this.hostnameVerifier != null) {
             try {
-                this.hostnameVerifier.verify(remoteAddress.getHostName(), sslsock);
+                this.hostnameVerifier.verify(hostname, sslsock);
                 // verifyHostName() didn't blowup - good!
             } catch (IOException iox) {
                 // close the socket before re-throwing the exception