You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@continuum.apache.org by ol...@apache.org on 2008/12/02 22:43:56 UTC
svn commit: r722624 - in
/continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder:
AbstractContinuumProjectBuilder.java EasySSLSocketFactory.java
EasyX509TrustManager.java
Author: olamy
Date: Tue Dec 2 13:43:56 2008
New Revision: 722624
URL: http://svn.apache.org/viewvc?rev=722624&view=rev
Log:
[CONTINUUM-1978] regression from 1.1 to 1.2.2: Add Maven 2.0+ Project using https POM Url where the source server has self signed certificate
Added:
continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasySSLSocketFactory.java (with props)
continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasyX509TrustManager.java (with props)
Modified:
continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/AbstractContinuumProjectBuilder.java
Modified: continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/AbstractContinuumProjectBuilder.java
URL: http://svn.apache.org/viewvc/continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/AbstractContinuumProjectBuilder.java?rev=722624&r1=722623&r2=722624&view=diff
==============================================================================
--- continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/AbstractContinuumProjectBuilder.java (original)
+++ continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/AbstractContinuumProjectBuilder.java Tue Dec 2 13:43:56 2008
@@ -27,11 +27,13 @@
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ClientConnectionManager;
+import org.apache.http.conn.ConnectTimeoutException;
import org.apache.http.conn.params.ConnManagerPNames;
import org.apache.http.conn.params.ConnPerRouteBean;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
+import org.apache.http.conn.scheme.SocketFactory;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
@@ -51,7 +53,9 @@
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
+import java.net.InetAddress;
import java.net.MalformedURLException;
+import java.net.Socket;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
@@ -79,11 +83,7 @@
// http scheme
schemeRegistry.register( new Scheme( "http", PlainSocketFactory.getSocketFactory(), 80 ) );
// https scheme
- SSLSocketFactory sslSocketFactory = SSLSocketFactory.getSocketFactory();
-
- // ignore cert
- sslSocketFactory.setHostnameVerifier( SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER );
- schemeRegistry.register( new Scheme( "https", sslSocketFactory, 443 ) );
+ schemeRegistry.register( new Scheme( "https", new EasySSLSocketFactory(), 443 ) );
HttpParams params = new BasicHttpParams();
// TODO put this values to a configuration way ???
Added: continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasySSLSocketFactory.java
URL: http://svn.apache.org/viewvc/continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasySSLSocketFactory.java?rev=722624&view=auto
==============================================================================
--- continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasySSLSocketFactory.java (added)
+++ continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasySSLSocketFactory.java Tue Dec 2 13:43:56 2008
@@ -0,0 +1,161 @@
+package org.apache.maven.continuum.project.builder;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.Socket;
+import java.net.UnknownHostException;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.TrustManager;
+
+import org.apache.http.conn.ConnectTimeoutException;
+import org.apache.http.conn.scheme.LayeredSocketFactory;
+import org.apache.http.conn.scheme.SocketFactory;
+import org.apache.http.params.HttpConnectionParams;
+import org.apache.http.params.HttpParams;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * This socket factory will create ssl socket that accepts self signed certificate
+ * @author olamy
+ * @since 1.2.3
+ * @version $Id$
+ */
+public class EasySSLSocketFactory
+ implements SocketFactory, LayeredSocketFactory
+{
+
+ private Logger log = LoggerFactory.getLogger( getClass() );
+
+ private SSLContext sslcontext = null;
+
+ private static SSLContext createEasySSLContext() throws IOException
+ {
+ try
+ {
+ SSLContext context = SSLContext.getInstance( "SSL" );
+ context.init( null, new TrustManager[] { new EasyX509TrustManager( null ) }, null );
+ return context;
+ }
+ catch ( Exception e )
+ {
+ LoggerFactory.getLogger( EasySSLSocketFactory.class ).error( e.getMessage(), e );
+ throw new IOException( e.getMessage() );
+ }
+ }
+
+ private SSLContext getSSLContext() throws IOException
+ {
+ if ( this.sslcontext == null )
+ {
+ this.sslcontext = createEasySSLContext();
+ }
+ return this.sslcontext;
+ }
+
+ /**
+ * @see org.apache.http.conn.scheme.SocketFactory#connectSocket(java.net.Socket, java.lang.String, int, java.net.InetAddress, int, org.apache.http.params.HttpParams)
+ */
+ public Socket connectSocket( Socket sock, String host, int port, InetAddress localAddress, int localPort, HttpParams params )
+ throws IOException, UnknownHostException, ConnectTimeoutException
+ {
+ int connTimeout = HttpConnectionParams.getConnectionTimeout( params );
+ int soTimeout = HttpConnectionParams.getSoTimeout( params );
+
+ InetSocketAddress remoteAddress = new InetSocketAddress( host, port );
+ SSLSocket sslsock = (SSLSocket) ( ( sock != null ) ? sock : createSocket() );
+
+ if ( ( localAddress != null ) || ( localPort > 0 ) )
+ {
+ // we need to bind explicitly
+ if ( localPort < 0 )
+ {
+ localPort = 0; // indicates "any"
+ }
+ InetSocketAddress isa = new InetSocketAddress( localAddress, localPort );
+ sslsock.bind( isa );
+ }
+
+ sslsock.connect( remoteAddress, connTimeout );
+ sslsock.setSoTimeout( soTimeout );
+ return sslsock;
+
+ }
+
+ /**
+ * @see org.apache.http.conn.scheme.SocketFactory#createSocket()
+ */
+ public Socket createSocket()
+ throws IOException
+ {
+ if (log.isDebugEnabled())
+ {
+ log.debug( "create socket" );
+ }
+ return getSSLContext().getSocketFactory().createSocket();
+ }
+
+ /**
+ * @see org.apache.http.conn.scheme.SocketFactory#isSecure(java.net.Socket)
+ */
+ public boolean isSecure( Socket socket )
+ throws IllegalArgumentException
+ {
+ return true;
+ }
+
+ /**
+ * @see org.apache.http.conn.scheme.LayeredSocketFactory#createSocket(java.net.Socket, java.lang.String, int, boolean)
+ */
+ public Socket createSocket( Socket socket, String host, int port, boolean autoClose )
+ throws IOException, UnknownHostException
+ {
+ if (log.isDebugEnabled())
+ {
+ log.debug( "create socket host " + host + ", port " + port );
+ }
+ return getSSLContext().getSocketFactory().createSocket();
+ }
+
+ // -------------------------------------------------------------------
+ // javadoc in org.apache.http.conn.scheme.SocketFactory says :
+ // Both Object.equals() and Object.hashCode() must be overridden
+ // for the correct operation of some connection managers
+ // -------------------------------------------------------------------
+
+ public boolean equals( Object obj )
+ {
+ return ( ( obj != null ) && obj.getClass().equals( EasySSLSocketFactory.class ) );
+ }
+
+ public int hashCode()
+ {
+ return EasySSLSocketFactory.class.hashCode();
+ }
+
+
+
+
+}
Propchange: continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasySSLSocketFactory.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasySSLSocketFactory.java
------------------------------------------------------------------------------
svn:executable = *
Propchange: continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasySSLSocketFactory.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasyX509TrustManager.java
URL: http://svn.apache.org/viewvc/continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasyX509TrustManager.java?rev=722624&view=auto
==============================================================================
--- continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasyX509TrustManager.java (added)
+++ continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasyX509TrustManager.java Tue Dec 2 13:43:56 2008
@@ -0,0 +1,104 @@
+package org.apache.maven.continuum.project.builder;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * @author olamy
+ * @since 1.2.3
+ * @version $Id$
+ */
+public class EasyX509TrustManager implements X509TrustManager
+{
+ private X509TrustManager standardTrustManager = null;
+
+ private Logger log = LoggerFactory.getLogger( getClass() );
+
+ /**
+ * Constructor for EasyX509TrustManager.
+ */
+ public EasyX509TrustManager( KeyStore keystore )
+ throws NoSuchAlgorithmException, KeyStoreException
+ {
+ super();
+ TrustManagerFactory factory = TrustManagerFactory.getInstance( TrustManagerFactory.getDefaultAlgorithm() );
+ factory.init( keystore );
+ TrustManager[] trustmanagers = factory.getTrustManagers();
+ if ( trustmanagers.length == 0 )
+ {
+ throw new NoSuchAlgorithmException( "no trust manager found" );
+ }
+ this.standardTrustManager = (X509TrustManager) trustmanagers[0];
+ }
+
+ /**
+ * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String authType)
+ */
+ public void checkClientTrusted( X509Certificate[] certificates, String authType )
+ throws CertificateException
+ {
+ standardTrustManager.checkClientTrusted( certificates, authType );
+ }
+
+ /**
+ * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String authType)
+ */
+ public void checkServerTrusted( X509Certificate[] certificates, String authType )
+ throws CertificateException
+ {
+ if ( ( certificates != null ) && log.isDebugEnabled() )
+ {
+ log.debug( "Server certificate chain:" );
+ for ( int i = 0; i < certificates.length; i++ )
+ {
+ log.debug( "X509Certificate[" + i + "]=" + certificates[i] );
+ }
+ }
+ if ( ( certificates != null ) && ( certificates.length == 1 ) )
+ {
+ certificates[0].checkValidity();
+ }
+ else
+ {
+ standardTrustManager.checkServerTrusted( certificates, authType );
+ }
+ }
+
+ /**
+ * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
+ */
+ public X509Certificate[] getAcceptedIssuers()
+ {
+ return this.standardTrustManager.getAcceptedIssuers();
+ }
+
+}
Propchange: continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasyX509TrustManager.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasyX509TrustManager.java
------------------------------------------------------------------------------
svn:executable = *
Propchange: continuum/branches/continuum-1.2.x/continuum-core/src/main/java/org/apache/maven/continuum/project/builder/EasyX509TrustManager.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision