Respect property https.protocols

API's are disabling TLS v1 in favor of the more secure protocols TLS 1.1 or TLS 1.2. Java has a system property for setting this, https.protocols, that this library completely ignores. Updating the library so that this property is used to set the transport protocols. Upgrading http-client version to 4.5.2 for the SSLConnectionSocketFactory builder Fixing testRedirect() - google redirects http - https now Fixes issue jgritman#56
kairas · Jun 30, 2016 · 902a79b · 902a79b
1 parent 72fb50a
commit 902a79b
Show file tree

Hide file tree

Showing 4 changed files with 56 additions and 33 deletions.
diff --git a/pom.xml b/pom.xml
@@ -27,7 +27,7 @@
         <dependency>
             <groupId>org.apache.httpcomponents</groupId>
             <artifactId>httpclient</artifactId>
-            <version>4.2.1</version>
+            <version>4.5.2</version>
         </dependency>
 		<dependency>
             <!-- Only needed for JSON parsing -->

diff --git a/src/main/java/groovyx/net/http/HTTPBuilder.java b/src/main/java/groovyx/net/http/HTTPBuilder.java
@@ -21,37 +21,14 @@
  */
 package groovyx.net.http;
 
-import static groovyx.net.http.URIBuilder.convertToURI;
+import com.google.appengine.repackaged.com.google.common.base.StringUtil;
 import groovy.lang.Closure;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.Closeable;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.Reader;
-import java.io.StringReader;
-import java.io.StringWriter;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.net.URL;
-import java.security.KeyManagementException;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.Map;
-
+import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.apache.http.Header;
-import org.apache.http.HttpEntity;
-import org.apache.http.HttpEntityEnclosingRequest;
-import org.apache.http.HttpHost;
-import org.apache.http.HttpResponse;
+import org.apache.http.*;
 import org.apache.http.client.ClientProtocolException;
+import org.apache.http.client.HttpClient;
 import org.apache.http.client.ResponseHandler;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.methods.HttpPost;
@@ -60,18 +37,37 @@
 import org.apache.http.conn.ClientConnectionManager;
 import org.apache.http.conn.params.ConnRoutePNames;
 import org.apache.http.conn.scheme.Scheme;
+import org.apache.http.conn.ssl.NoopHostnameVerifier;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
 import org.apache.http.conn.ssl.SSLSocketFactory;
 import org.apache.http.conn.ssl.TrustStrategy;
 import org.apache.http.cookie.params.CookieSpecPNames;
-import org.apache.http.client.HttpClient;
 import org.apache.http.impl.client.AbstractHttpClient;
 import org.apache.http.impl.client.DefaultHttpClient;
+import org.apache.http.impl.client.HttpClients;
 import org.apache.http.params.BasicHttpParams;
 import org.apache.http.params.HttpParams;
 import org.apache.http.protocol.HttpContext;
+import org.apache.http.ssl.SSLContexts;
 import org.codehaus.groovy.runtime.DefaultGroovyMethods;
 import org.codehaus.groovy.runtime.MethodClosure;
 
+import javax.net.ssl.SSLContext;
+import java.io.*;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.net.URL;
+import java.security.KeyManagementException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Map;
+
+import static groovyx.net.http.URIBuilder.convertToURI;
+
 /** <p>
  * Groovy DSL for easily making HTTP requests, and handling request and response
  * data.  This class adds a number of convenience mechanisms built on top of
@@ -855,7 +851,18 @@ public void setClient(HttpClient client) {
      * @return
      */
     protected HttpClient createClient( HttpParams params ) {
-        return new DefaultHttpClient(params);
+        String protocols = System.getProperty("https.protocols");
+        if(StringUtils.isNotBlank(protocols)) {
+            String[] protocolArray = protocols.split(",");
+            SSLContext sslContext = SSLContexts.createDefault();
+            SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext,
+                    protocolArray,
+                    null,
+                    new NoopHostnameVerifier());
+            return HttpClients.custom().setSSLSocketFactory(sslsf).build();
+        } else {
+            return new DefaultHttpClient(params);
+        }
     }
 
     /**

diff --git a/src/main/java/groovyx/net/http/thirdparty/GAEClientConnection.java b/src/main/java/groovyx/net/http/thirdparty/GAEClientConnection.java
@@ -23,6 +23,7 @@ of the License, or (at your option) any later version.
 
 import java.io.*;
 import java.net.*;
+import java.util.UUID;
 import java.util.concurrent.TimeUnit;
 import org.apache.http.*;
 import org.apache.http.conn.*;
@@ -34,14 +35,16 @@ of the License, or (at your option) any later version.
 
 import com.google.appengine.api.urlfetch.*;
 
-class GAEClientConnection
-  implements ManagedClientConnection {
+class GAEClientConnection implements ManagedClientConnection {
+
+  final String id;
 
   public GAEClientConnection(ClientConnectionManager cm, HttpRoute route, Object state) {
     this.connManager = cm;
     this.route = route;
     this.state = state;
     this.closed = true;
+    id = UUID.randomUUID().toString();
   }
 
   // From interface ManagedClientConnection
@@ -281,6 +284,19 @@ public void abortConnection()
   private HTTPRequest request;
   private HTTPResponse response;
   private boolean closed;
+  private Socket socket;
 
   private static URLFetchService urlFS = URLFetchServiceFactory.getURLFetchService();
+
+  public String getId() {
+    return id;
+  }
+
+  public void bind(Socket socket) throws IOException {
+     this.socket = socket;
+  }
+
+  public Socket getSocket() {
+    return socket;
+  }
 }
diff --git a/src/test/groovy/groovyx/net/http/HttpURLClientTest.groovy b/src/test/groovy/groovyx/net/http/HttpURLClientTest.groovy
@@ -36,7 +36,7 @@ class HttpURLClientTest {
     @Test public void testRedirect() {
         def http = new HttpURLClient(followRedirects:false)
 
-        def params = [ url:'http://www.google.com/search',
+        def params = [ url:'https://www.google.com/search',
                         query:[q:'HTTPBuilder', btnI:"I'm Feeling Lucky"],
                         headers:['User-Agent':'Firefox'] ]
         def resp = http.request( params )