Skip to content
Permalink
Browse files
JENKINS-44727 Ignore SSL checks for Java 8
  • Loading branch information
nrayapati committed Jun 7, 2017
1 parent 3ac448d commit 6d110135d5d6a01f007af87f1f0d9fb25373f526
Showing with 49 additions and 11 deletions.
  1. +49 −11 src/main/java/jenkins/plugins/http_request/HttpRequestExecution.java
@@ -6,6 +6,7 @@
import java.io.PrintStream;
import java.io.UnsupportedEncodingException;
import java.net.ConnectException;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.net.URL;
import java.net.UnknownHostException;
@@ -17,17 +18,20 @@
import java.security.cert.X509Certificate;
import java.util.List;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedTrustManager;

import org.apache.http.HttpResponse;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.protocol.BasicHttpContext;
import org.apache.http.protocol.HttpContext;
import org.apache.http.ssl.SSLContextBuilder;

import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
@@ -245,16 +249,11 @@ private void configureTimeoutAndSsl(HttpClientBuilder clientBuilder) throws NoSu
.build();
clientBuilder.setDefaultRequestConfig(config);
}
//ssl
//Ignore SSL errors
if (ignoreSslErrors) {
SSLContextBuilder builder = SSLContextBuilder.create();
builder.loadTrustMaterial(null, new TrustStrategy() {
@Override
public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
return true;
}
});
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(builder.build(), NoopHostnameVerifier.INSTANCE);
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, new TrustManager[]{new NoopTrustManager()}, new java.security.SecureRandom());
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sc, NoopHostnameVerifier.INSTANCE);
clientBuilder.setSSLSocketFactory(sslsf);
}
}
@@ -337,4 +336,43 @@ private void processResponse(ResponseContentSupplier response) throws IOExceptio
in.close();
}
}

private static class NoopTrustManager extends X509ExtendedTrustManager {

@Override
public void checkClientTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {
}

@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {

}

@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}

@Override
public void checkClientTrusted(X509Certificate[] chain, String authType, Socket socket)
throws CertificateException {
}

@Override
public void checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine engine)
throws CertificateException {
}

@Override
public void checkServerTrusted(X509Certificate[] chain, String authType, Socket socket)
throws CertificateException {
}

@Override
public void checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine engine)
throws CertificateException {
}
}
}

0 comments on commit 6d11013

Please sign in to comment.