[MJAVADOC-565] Make proxy configuration properly work for both HTTP a…

…nd HTTPS Javadoc uses URLConnection to retrieve external resources, thus one has to configure proxies for HTTP *and* for HTTPS. Apply the following logic to set proxies properly: * Iterate over all proxies and collect active (first) ones for HTTP and HTTPS * If HTTPS is availabe, use it for HTTPS as well as for non proxy hosts, but if and only if proxy for HTTP is not available * Else use HTTP proxy for both HTTP and HTTPS if HTTPS hasn't been set Additionally, *.proxyUser and *.proxyPassword have been removed. These properties aren't read by Java's URLConnection. This feature exists in Apache HttpClient only. This closes #17
apache · Feb 28, 2019 · 0799b53 · 0799b53
1 parent fd0c42a
commit 0799b53
Show file tree

Hide file tree

Showing 4 changed files with 1,404 additions and 1,469 deletions.
diff --git a/src/main/java/org/apache/maven/plugins/javadoc/AbstractJavadocMojo.java b/src/main/java/org/apache/maven/plugins/javadoc/AbstractJavadocMojo.java
@@ -3647,40 +3647,67 @@ private void addMemoryArg( Commandline cmd, String arg, String memory )
      */
     private void addProxyArg( Commandline cmd )
     {
-        if ( settings == null || settings.getActiveProxy() == null )
+        if ( settings == null || settings.getProxies().isEmpty() )
         {
             return;
         }
 
-        Proxy activeProxy = settings.getActiveProxy();
-        String protocol = StringUtils.isNotEmpty( activeProxy.getProtocol() ) ? activeProxy.getProtocol() + "." : "";
+        Map<String, Proxy> activeProxies = new HashMap<>();
 
-        if ( StringUtils.isNotEmpty( activeProxy.getHost() ) )
+        for ( Proxy proxy : settings.getProxies() )
         {
-            cmd.createArg().setValue( "-J-D" + protocol + "proxySet=true" );
-            cmd.createArg().setValue( "-J-D" + protocol + "proxyHost=" + activeProxy.getHost() );
+            if ( proxy.isActive() )
+            {
+                String protocol = proxy.getProtocol();
 
-            if ( activeProxy.getPort() > 0 )
+                if ( !activeProxies.containsKey( protocol ) )
             {
-                cmd.createArg().setValue( "-J-D" + protocol + "proxyPort=" + activeProxy.getPort() );
+                    activeProxies.put( protocol, proxy );
+                }
+            }
             }
 
-            if ( StringUtils.isNotEmpty( activeProxy.getNonProxyHosts() ) )
+        if ( activeProxies.containsKey( "https" ) )
+        {
+            Proxy httpsProxy = activeProxies.get( "https" );
+            if ( StringUtils.isNotEmpty( httpsProxy.getHost() ) )
             {
-                cmd.createArg().setValue(
-                    "-J-D" + protocol + "nonProxyHosts=\"" + activeProxy.getNonProxyHosts() + "\"" );
+                cmd.createArg().setValue( "-J-Dhttps.proxyHost=" + httpsProxy.getHost() );
+                cmd.createArg().setValue( "-J-Dhttps.proxyPort=" + httpsProxy.getPort() );
+
+                if ( StringUtils.isNotEmpty( httpsProxy.getNonProxyHosts() )
+                     && ( !activeProxies.containsKey( "http" )
+                          || StringUtils.isEmpty( activeProxies.get( "http" ).getNonProxyHosts() ) ) )
+                {
+                    cmd.createArg().setValue( "-J-Dhttp.nonProxyHosts=\""
+                                              + httpsProxy.getNonProxyHosts().replace( "|", "^|" ) + "\"" );
+                }
             }
+        }
+
+        if ( activeProxies.containsKey( "http" ) )
+        {
+            Proxy httpProxy = activeProxies.get( "http" );
+            if ( StringUtils.isNotEmpty( httpProxy.getHost() ) )
+            {
+                cmd.createArg().setValue( "-J-Dhttp.proxyHost=" + httpProxy.getHost() );
+                cmd.createArg().setValue( "-J-Dhttp.proxyPort=" + httpProxy.getPort() );
 
-            if ( StringUtils.isNotEmpty( activeProxy.getUsername() ) )
+                if ( !activeProxies.containsKey( "https" ) )
             {
-                cmd.createArg().setValue( "-J-Dhttp.proxyUser=\"" + activeProxy.getUsername() + "\"" );
+                    cmd.createArg().setValue( "-J-Dhttps.proxyHost=" + httpProxy.getHost() );
+                    cmd.createArg().setValue( "-J-Dhttps.proxyPort=" + httpProxy.getPort() );
+                }
 
-                if ( StringUtils.isNotEmpty( activeProxy.getPassword() ) )
+                if ( StringUtils.isNotEmpty( httpProxy.getNonProxyHosts() ) )
                 {
-                    cmd.createArg().setValue( "-J-Dhttp.proxyPassword=\"" + activeProxy.getPassword() + "\"" );
+                    cmd.createArg().setValue( "-J-Dhttp.nonProxyHosts=\""
+                                              + httpProxy.getNonProxyHosts().replace( "|", "^|" ) + "\"" );
                 }
             }
         }
+
+        // We bravely ignore FTP because no one (probably) uses FTP for Javadoc
     }
 
     /**
@@ -5684,7 +5711,6 @@ private void executeJavadocCommandLine( Commandline cmd, File javadocOutputDirec
         if ( debug )
         {
             cmdLine = CommandLineUtils.toString( cmd.getCommandline() ).replaceAll( "'", "" );
-            cmdLine = JavadocUtil.hideProxyPassword( cmdLine, settings );
 
             writeDebugJavadocScript( cmdLine, javadocOutputDirectory );
         }
@@ -5702,7 +5728,6 @@ private void executeJavadocCommandLine( Commandline cmd, File javadocOutputDirec
                 if ( cmdLine == null )
                 {
                     cmdLine = CommandLineUtils.toString( cmd.getCommandline() ).replaceAll( "'", "" );
-                    cmdLine = JavadocUtil.hideProxyPassword( cmdLine, settings );
                 }
                 writeDebugJavadocScript( cmdLine, javadocOutputDirectory );
 

diff --git a/src/main/java/org/apache/maven/plugins/javadoc/JavadocUtil.java b/src/main/java/org/apache/maven/plugins/javadoc/JavadocUtil.java
@@ -684,41 +684,6 @@ protected static boolean validateEncoding( String charsetName )
         }
     }
 
-    /**
-     * For security reasons, if an active proxy is defined and needs an authentication by username/password, hide the
-     * proxy password in the command line.
-     *
-     * @param cmdLine a command line, not null
-     * @param settings the user settings
-     * @return the cmdline with '*' for the http.proxyPassword JVM property
-     */
-    protected static String hideProxyPassword( String cmdLine, Settings settings )
-    {
-        if ( cmdLine == null )
-        {
-            throw new IllegalArgumentException( "cmdLine could not be null" );
-        }
-
-        if ( settings == null )
-        {
-            return cmdLine;
-        }
-
-        Proxy activeProxy = settings.getActiveProxy();
-        if ( activeProxy != null && StringUtils.isNotEmpty( activeProxy.getHost() )
-            && StringUtils.isNotEmpty( activeProxy.getUsername() )
-            && StringUtils.isNotEmpty( activeProxy.getPassword() ) )
-        {
-            String pass = "-J-Dhttp.proxyPassword=\"" + activeProxy.getPassword() + "\"";
-            String hidepass =
-                "-J-Dhttp.proxyPassword=\"" + StringUtils.repeat( "*", activeProxy.getPassword().length() ) + "\"";
-
-            return StringUtils.replace( cmdLine, pass, hidepass );
-        }
-
-        return cmdLine;
-    }
-
     /**
      * Auto-detect the class names of the implementation of <code>com.sun.tools.doclets.Taglet</code> class from a given
      * jar file. <br>