/*
|
* Copyright 2011 gitblit.com.
|
*
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
* you may not use this file except in compliance with the License.
|
* You may obtain a copy of the License at
|
*
|
* http://www.apache.org/licenses/LICENSE-2.0
|
*
|
* Unless required by applicable law or agreed to in writing, software
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
* See the License for the specific language governing permissions and
|
* limitations under the License.
|
*/
|
package com.gitblit.utils;
|
|
import java.io.IOException;
|
import java.net.InetAddress;
|
import java.net.Socket;
|
import java.net.URL;
|
import java.net.URLConnection;
|
import java.net.UnknownHostException;
|
import java.security.GeneralSecurityException;
|
import java.security.SecureRandom;
|
import java.security.cert.CertificateException;
|
import java.security.cert.X509Certificate;
|
|
import javax.net.SocketFactory;
|
import javax.net.ssl.HostnameVerifier;
|
import javax.net.ssl.HttpsURLConnection;
|
import javax.net.ssl.SSLContext;
|
import javax.net.ssl.SSLSession;
|
import javax.net.ssl.SSLSocketFactory;
|
import javax.net.ssl.TrustManager;
|
import javax.net.ssl.X509TrustManager;
|
|
|
/**
|
* Utility class for establishing HTTP/HTTPS connections.
|
*
|
* @author James Moger
|
*
|
*/
|
public class ConnectionUtils {
|
|
static final String CHARSET;
|
|
private static final SSLContext SSL_CONTEXT;
|
|
private static final DummyHostnameVerifier HOSTNAME_VERIFIER;
|
|
static {
|
SSLContext context = null;
|
try {
|
context = SSLContext.getInstance("SSL");
|
context.init(null, new TrustManager[] { new DummyTrustManager() }, new SecureRandom());
|
} catch (Throwable t) {
|
t.printStackTrace();
|
}
|
SSL_CONTEXT = context;
|
HOSTNAME_VERIFIER = new DummyHostnameVerifier();
|
CHARSET = "UTF-8";
|
}
|
|
public static void setAuthorization(URLConnection conn, String username, char[] password) {
|
if (!StringUtils.isEmpty(username) && (password != null && password.length > 0)) {
|
conn.setRequestProperty(
|
"Authorization",
|
"Basic "
|
+ Base64.encodeBytes((username + ":" + new String(password)).getBytes()));
|
}
|
}
|
|
public static URLConnection openReadConnection(String url, String username, char[] password)
|
throws IOException {
|
URLConnection conn = openConnection(url, username, password);
|
conn.setRequestProperty("Accept-Charset", ConnectionUtils.CHARSET);
|
return conn;
|
}
|
|
public static URLConnection openConnection(String url, String username, char[] password)
|
throws IOException {
|
URL urlObject = new URL(url);
|
URLConnection conn = urlObject.openConnection();
|
setAuthorization(conn, username, password);
|
conn.setUseCaches(false);
|
conn.setDoOutput(true);
|
if (conn instanceof HttpsURLConnection) {
|
HttpsURLConnection secureConn = (HttpsURLConnection) conn;
|
secureConn.setSSLSocketFactory(SSL_CONTEXT.getSocketFactory());
|
secureConn.setHostnameVerifier(HOSTNAME_VERIFIER);
|
}
|
return conn;
|
}
|
|
// Copyright (C) 2009 The Android Open Source Project
|
//
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
// you may not use this file except in compliance with the License.
|
// You may obtain a copy of the License at
|
//
|
// http://www.apache.org/licenses/LICENSE-2.0
|
//
|
// Unless required by applicable law or agreed to in writing, software
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
// See the License for the specific language governing permissions and
|
// limitations under the License.
|
public static class BlindSSLSocketFactory extends SSLSocketFactory {
|
private static final BlindSSLSocketFactory INSTANCE;
|
|
static {
|
try {
|
final SSLContext context = SSLContext.getInstance("SSL");
|
final TrustManager[] trustManagers = { new DummyTrustManager() };
|
final SecureRandom rng = new SecureRandom();
|
context.init(null, trustManagers, rng);
|
INSTANCE = new BlindSSLSocketFactory(context.getSocketFactory());
|
} catch (GeneralSecurityException e) {
|
throw new RuntimeException("Cannot create BlindSslSocketFactory", e);
|
}
|
}
|
|
public static SocketFactory getDefault() {
|
return INSTANCE;
|
}
|
|
private final SSLSocketFactory sslFactory;
|
|
private BlindSSLSocketFactory(final SSLSocketFactory sslFactory) {
|
this.sslFactory = sslFactory;
|
}
|
|
@Override
|
public Socket createSocket(Socket s, String host, int port, boolean autoClose)
|
throws IOException {
|
return sslFactory.createSocket(s, host, port, autoClose);
|
}
|
|
@Override
|
public String[] getDefaultCipherSuites() {
|
return sslFactory.getDefaultCipherSuites();
|
}
|
|
@Override
|
public String[] getSupportedCipherSuites() {
|
return sslFactory.getSupportedCipherSuites();
|
}
|
|
@Override
|
public Socket createSocket() throws IOException {
|
return sslFactory.createSocket();
|
}
|
|
@Override
|
public Socket createSocket(String host, int port) throws IOException,
|
UnknownHostException {
|
return sslFactory.createSocket(host, port);
|
}
|
|
@Override
|
public Socket createSocket(InetAddress host, int port) throws IOException {
|
return sslFactory.createSocket(host, port);
|
}
|
|
@Override
|
public Socket createSocket(String host, int port, InetAddress localHost,
|
int localPort) throws IOException, UnknownHostException {
|
return sslFactory.createSocket(host, port, localHost, localPort);
|
}
|
|
@Override
|
public Socket createSocket(InetAddress address, int port,
|
InetAddress localAddress, int localPort) throws IOException {
|
return sslFactory.createSocket(address, port, localAddress, localPort);
|
}
|
}
|
|
/**
|
* DummyTrustManager trusts all certificates.
|
*
|
* @author James Moger
|
*/
|
private static class DummyTrustManager implements X509TrustManager {
|
|
@Override
|
public void checkClientTrusted(X509Certificate[] certs, String authType)
|
throws CertificateException {
|
}
|
|
@Override
|
public void checkServerTrusted(X509Certificate[] certs, String authType)
|
throws CertificateException {
|
}
|
|
@Override
|
public X509Certificate[] getAcceptedIssuers() {
|
return null;
|
}
|
}
|
|
/**
|
* Trusts all hostnames from a certificate, including self-signed certs.
|
*
|
* @author James Moger
|
*/
|
private static class DummyHostnameVerifier implements HostnameVerifier {
|
@Override
|
public boolean verify(String hostname, SSLSession session) {
|
return true;
|
}
|
}
|
}
|
