JDKHttpConnectionFactory.java

  1. /*
  2.  * Copyright (C) 2013, 2020 Christian Halstrick <christian.halstrick@sap.com> and others
  3.  *
  4.  * This program and the accompanying materials are made available under the
  5.  * terms of the Eclipse Distribution License v. 1.0 which is available at
  6.  * https://www.eclipse.org/org/documents/edl-v10.php.
  7.  *
  8.  * SPDX-License-Identifier: BSD-3-Clause
  9.  */
  10. package org.eclipse.jgit.transport.http;

  12. import java.io.IOException;
  13. import java.net.Proxy;
  14. import java.net.URL;
  15. import java.security.GeneralSecurityException;
  16. import java.text.MessageFormat;

  18. import javax.net.ssl.HttpsURLConnection;
  19. import javax.net.ssl.SSLContext;
  20. import javax.net.ssl.SSLSocket;
  21. import javax.net.ssl.SSLSocketFactory;
  22. import javax.net.ssl.TrustManager;

  24. import org.eclipse.jgit.internal.JGitText;
  25. import org.eclipse.jgit.internal.transport.http.DelegatingSSLSocketFactory;
  26. import org.eclipse.jgit.util.HttpSupport;

  28. /**
  29.  * A factory returning instances of
  30.  * {@link org.eclipse.jgit.transport.http.JDKHttpConnection}
  31.  *
  32.  * @since 3.3
  33.  */
  34. public class JDKHttpConnectionFactory implements HttpConnectionFactory2 {

  36.     @Override
  37.     public HttpConnection create(URL url) throws IOException {
  38.         return new JDKHttpConnection(url);
  39.     }

  41.     @Override
  42.     public HttpConnection create(URL url, Proxy proxy)
  43.             throws IOException {
  44.         return new JDKHttpConnection(url, proxy);
  45.     }

  47.     @Override
  48.     public GitSession newSession() {
  49.         return new JdkConnectionSession();
  50.     }

  52.     private static class JdkConnectionSession implements GitSession {

  54.         private SSLContext securityContext;

  56.         private SSLSocketFactory socketFactory;

  58.         @Override
  59.         public JDKHttpConnection configure(HttpConnection connection,
  60.                 boolean sslVerify) throws GeneralSecurityException {
  61.             if (!(connection instanceof JDKHttpConnection)) {
  62.                 throw new IllegalArgumentException(MessageFormat.format(
  63.                         JGitText.get().httpWrongConnectionType,
  64.                         JDKHttpConnection.class.getName(),
  65.                         connection.getClass().getName()));
  66.             }
  67.             JDKHttpConnection conn = (JDKHttpConnection) connection;
  68.             String scheme = conn.getURL().getProtocol();
  69.             if (!"https".equals(scheme) || sslVerify) { //$NON-NLS-1$
  70.                 // sslVerify == true: use the JDK defaults
  71.                 return conn;
  72.             }
  73.             if (securityContext == null) {
  74.                 securityContext = SSLContext.getInstance("TLS"); //$NON-NLS-1$
  75.                 TrustManager[] trustAllCerts = {
  76.                         new NoCheckX509TrustManager() };
  77.                 securityContext.init(null, trustAllCerts, null);
  78.                 socketFactory = new DelegatingSSLSocketFactory(
  79.                         securityContext.getSocketFactory()) {

  81.                     @Override
  82.                     protected void configure(SSLSocket socket) {
  83.                         HttpSupport.configureTLS(socket);
  84.                     }
  85.                 };
  86.             }
  87.             conn.setHostnameVerifier((name, session) -> true);
  88.             ((HttpsURLConnection) conn.wrappedUrlConnection)
  89.                     .setSSLSocketFactory(socketFactory);
  90.             return conn;
  91.         }

  93.         @Override
  94.         public void close() {
  95.             securityContext = null;
  96.             socketFactory = null;
  97.         }
  98.     }

  100. }
Created with JaCoCo 0.8.6.202009150832