下面列出了org.apache.http.conn.ConnectionKeepAliveStrategy#org.apache.http.conn.ssl.SSLSocketFactory 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
public HttpClient getHttpsClientTrustAll() {
try {
SSLSocketFactory sf = new SSLSocketFactory(new TrustStrategy(){
@Override
public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
return true;
}
}, new AllowAllHostnameVerifier());
PlainSocketFactory psf = PlainSocketFactory.getSocketFactory();
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", 80, psf));
registry.register(new Scheme("https", 443, sf));
ClientConnectionManager ccm = new PoolingClientConnectionManager(registry);
return new DefaultHttpClient(ccm);
} catch (Exception ex) {
log.error("Failed to create TrustAll https client", ex);
return new DefaultHttpClient();
}
}
/**
* Replicates {@link ApacheHttpTransport#newDefaultHttpClient()} with one exception:
*
* 1 retry is allowed.
*
* @see DefaultHttpRequestRetryHandler
*/
DefaultHttpClient newDefaultHttpClient(
SSLSocketFactory socketFactory, HttpParams params, ProxySelector proxySelector) {
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", socketFactory, 443));
ClientConnectionManager connectionManager = new ThreadSafeClientConnManager(params, registry);
DefaultHttpClient defaultHttpClient = new DefaultHttpClient(connectionManager, params);
// retry only once
defaultHttpClient.setHttpRequestRetryHandler(new DefaultHttpRequestRetryHandler(1, true));
if (proxySelector != null) {
defaultHttpClient.setRoutePlanner(new ProxySelectorRoutePlanner(registry, proxySelector));
}
defaultHttpClient.setKeepAliveStrategy((response, context) -> KEEP_ALIVE_DURATION);
return defaultHttpClient;
}
@SuppressWarnings("ConstantConditions")
protected OkHttpClient getHttpClient() {
if (httpClient == null) {
OkHttpClient.Builder clientBuilder = new OkHttpClient.Builder().addInterceptor(getDefaultInterceptor());
if (isHttpsRequest()) {
try {
clientBuilder.sslSocketFactory(AFCertificateUtil.setCertificates(getApplicationContext(), getCertificateNames()))
.hostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
} catch (Exception e) {
e.printStackTrace();
}
}
httpClient = clientBuilder.proxy(Proxy.NO_PROXY).build();
makeGlideSupportHttps();
}
return httpClient;
}
/**
* Returns the one <code>WebServiceUtil</code> instance
* @return the one <code>WebServiceUtil</code> instance
*/
public static WebServiceUtil getInstance() {
// This needs to be here instead of in the constructor because
// it uses classes that are in the AndroidSDK and thus would
// cause Stub! errors when running the component descriptor.
synchronized(httpClientSynchronizer) {
if (httpClient == null) {
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
schemeRegistry.register(new Scheme("https", SSLSocketFactory.getSocketFactory(), 443));
BasicHttpParams params = new BasicHttpParams();
HttpConnectionParams.setConnectionTimeout(params, 20 * 1000);
HttpConnectionParams.setSoTimeout(params, 20 * 1000);
ConnManagerParams.setMaxTotalConnections(params, 20);
ThreadSafeClientConnManager manager = new ThreadSafeClientConnManager(params,
schemeRegistry);
WebServiceUtil.httpClient = new DefaultHttpClient(manager, params);
}
}
return INSTANCE;
}
private static HttpClient getNewHttpClient() {
try {
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(null, null);
SSLSocketFactory sf = new SSLSocketFactoryEx(trustStore);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
return new DefaultHttpClient(ccm, params);
} catch (Exception e) {
return new DefaultHttpClient();
}
}
private static HttpClient getNewHttpClient() {
try {
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(null, null);
SSLSocketFactory sf = new SSLSocketFactoryEx(trustStore);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
return new DefaultHttpClient(ccm, params);
} catch (Exception e) {
return new DefaultHttpClient();
}
}
/**
* Gets getUrl DefaultHttpClient which trusts getUrl set of certificates specified by the KeyStore
*
* @param keyStore custom provided KeyStore instance
* @return DefaultHttpClient
*/
public static DefaultHttpClient getNewHttpClient(KeyStore keyStore) {
try {
SSLSocketFactory sf = new MySSLSocketFactory(keyStore);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
return new DefaultHttpClient(ccm, params);
} catch (Exception e) {
return new DefaultHttpClient();
}
}
public RetrofitClientBuilder pinCertificates(InputStream resourceStream, char[] password) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableKeyException, KeyManagementException {
KeyStore keyStore = KeyStore.getInstance(HttpClientBuilder.BOUNCY_CASTLE);
keyStore.load(resourceStream, password);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
TrustManager[] trustManagers = {new CustomTrustManager(keyStore)};
kmf.init(keyStore, password);
SSLContext sslContext = SSLContext.getInstance(SSLSocketFactory.TLS);
sslContext.init(kmf.getKeyManagers(), trustManagers, null);
okHttpClient.setHostnameVerifier(SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
okHttpClient.setSslSocketFactory(sslContext.getSocketFactory());
return this;
}
/**
* Gets a DefaultHttpClient which trusts a set of certificates specified by the KeyStore
*
* @param keyStore custom provided KeyStore instance
* @return DefaultHttpClient
*/
public static DefaultHttpClient getNewHttpClient(KeyStore keyStore) {
try {
SSLSocketFactory sf = new MySSLSocketFactory(keyStore);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
return new DefaultHttpClient(ccm, params);
} catch (Exception e) {
return new DefaultHttpClient();
}
}
public EsendexService(String user, String password, String account) {
this.user = user;
this.password = password;
this.account = account;
localContext = new BasicHttpContext();
httpClient = new DefaultHttpClient();
TrustStrategy easyStrategy = new TrustStrategy() {
@Override
public boolean isTrusted(
java.security.cert.X509Certificate[] arg0, String arg1)
throws CertificateException {
return true;
}
};
SSLSocketFactory socketFactory = null;
try {
// socketFactory = new SSLSocketFactory(easyStrategy);
} catch (Exception exception){
logger.error(exception);
}
// Scheme sch = new Scheme("https", 443, socketFactory);
// httpClient.getConnectionManager().getSchemeRegistry().register(sch);
}
private static HttpClient getNewHttpClient() {
try {
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(null, null);
SSLSocketFactory sf = new SSLSocketFactoryEx(trustStore);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
return new DefaultHttpClient(ccm, params);
} catch (Exception e) {
return new DefaultHttpClient();
}
}
/**
* Gets a DefaultHttpClient which trusts a set of certificates specified by the KeyStore
*
* @param keyStore custom provided KeyStore instance
* @return DefaultHttpClient
*/
public static DefaultHttpClient getNewHttpClient(KeyStore keyStore) {
try {
SSLSocketFactory sf = new MySSLSocketFactory(keyStore);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
return new DefaultHttpClient(ccm, params);
} catch (Exception e) {
return new DefaultHttpClient();
}
}
private MySSLSocketFactory newSslSocketFactory() {
try {
KeyStore trusted = KeyStore.getInstance(HttpClientBuilder.BOUNCY_CASTLE);
try {
trusted.load(null, null);
} finally {
}
MySSLSocketFactory sslfactory = new MySSLSocketFactory(trusted);
sslfactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
return sslfactory;
} catch (Exception e) {
throw new AssertionError(e);
}
}
/**
* Gets a DefaultHttpClient which trusts a set of certificates specified by the KeyStore
*
* @param keyStore custom provided KeyStore instance
* @return DefaultHttpClient
*/
public static DefaultHttpClient getNewHttpClient(KeyStore keyStore) {
try {
SSLSocketFactory sf = new MySSLSocketFactory(keyStore);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
return new DefaultHttpClient(ccm, params);
} catch (Exception e) {
return new DefaultHttpClient();
}
}
public HttpClient getNewHttpClient() {
try {
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(null, null);
SSLSocketFactory sf = new MySSLSocketFactory(trustStore);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
return new DefaultHttpClient(ccm, params);
} catch (Exception e) {
return new DefaultHttpClient();
}
}
/**
* Gets a DefaultHttpClient which trusts a set of certificates specified by the KeyStore
*
* @param keyStore custom provided KeyStore instance
* @return DefaultHttpClient
*/
public static DefaultHttpClient getNewHttpClient(KeyStore keyStore) {
try {
SSLSocketFactory sf = new MySSLSocketFactory(keyStore);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
return new DefaultHttpClient(ccm, params);
} catch (Exception e) {
return new DefaultHttpClient();
}
}
private static HttpClient getNewHttpClient() {
try {
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(null, null);
SSLSocketFactory sf = new SSLSocketFactoryEx(trustStore);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, HTTP.UTF_8);
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", sf, 443));
ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
return new DefaultHttpClient(ccm, params);
} catch (Exception e) {
return new DefaultHttpClient();
}
}
public HttpClient createHttpClient(ClientConfiguration clientconfiguration)
{
BasicHttpParams basichttpparams = new BasicHttpParams();
HttpConnectionParams.setConnectionTimeout(basichttpparams, clientconfiguration.getConnectionTimeout());
HttpConnectionParams.setSoTimeout(basichttpparams, clientconfiguration.getSocketTimeout());
HttpConnectionParams.setStaleCheckingEnabled(basichttpparams, true);
HttpConnectionParams.setTcpNoDelay(basichttpparams, true);
int i = clientconfiguration.getSocketBufferSizeHints()[0];
int j = clientconfiguration.getSocketBufferSizeHints()[1];
if (i > 0 || j > 0)
{
HttpConnectionParams.setSocketBufferSize(basichttpparams, Math.max(i, j));
}
SchemeRegistry schemeregistry = new SchemeRegistry();
schemeregistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
if (clientconfiguration.getProtocol() == Protocol.HTTPS)
{
schemeregistry.register(new Scheme("https", SSLSocketFactory.getSocketFactory(), 443));
}
return new DefaultHttpClient(new SingleClientConnManager(basichttpparams, schemeregistry), basichttpparams);
}
public static HttpClient generateHttpClient(final int maxTotalConnections,
final int maxTotalConnectionsPerRoute, int connTimeout) {
HttpParams params = new BasicHttpParams();
ConnManagerParams.setMaxTotalConnections(params, maxTotalConnections);
ConnManagerParams.setMaxConnectionsPerRoute(params, new ConnPerRoute() {
@Override
public int getMaxForRoute(HttpRoute route) {
return maxTotalConnectionsPerRoute;
}
});
HttpConnectionParams
.setConnectionTimeout(params, connTimeout);
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(
new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
SSLSocketFactory sslSocketFactory = SSLSocketFactory.getSocketFactory();
sslSocketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
schemeRegistry.register(new Scheme("https", sslSocketFactory, 443));
ClientConnectionManager conMgr = new ThreadSafeClientConnManager(params, schemeRegistry);
return new DefaultHttpClient(conMgr, params);
}
private void verifyHttpsFromConfig(BrooklynProperties brooklynProperties) throws Exception {
webServer = new BrooklynWebServer(MutableMap.of(), newManagementContext(brooklynProperties));
webServer.skipSecurity();
webServer.start();
try {
KeyStore keyStore = load("client.ks", "password");
KeyStore trustStore = load("client.ts", "password");
SSLSocketFactory socketFactory = new SSLSocketFactory(SSLSocketFactory.TLS, keyStore, "password", trustStore, (SecureRandom)null, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
HttpToolResponse response = HttpTool.execAndConsume(
HttpTool.httpClientBuilder()
.port(webServer.getActualPort())
.https(true)
.socketFactory(socketFactory)
.build(),
new HttpGet(webServer.getRootUrl()));
assertEquals(response.getResponseCode(), 200);
} finally {
webServer.stop();
}
}
/**
* Returns default instance of SchemeRegistry
*
* @param fixNoHttpResponseException Whether to fix or not issue, by ommiting SSL verification
* @param httpPort HTTP port to be used, must be greater than 0
* @param httpsPort HTTPS port to be used, must be greater than 0
*/
private static SchemeRegistry getDefaultSchemeRegistry(boolean fixNoHttpResponseException, int httpPort, int httpsPort) {
if (fixNoHttpResponseException) {
Log.d(LOG_TAG, "Beware! Using the fix is insecure, as it doesn't verify SSL certificates.");
}
if (httpPort < 1) {
httpPort = 80;
Log.d(LOG_TAG, "Invalid HTTP port number specified, defaulting to 80");
}
if (httpsPort < 1) {
httpsPort = 443;
Log.d(LOG_TAG, "Invalid HTTPS port number specified, defaulting to 443");
}
// Fix to SSL flaw in API < ICS
// See https://code.google.com/p/android/issues/detail?id=13117
SSLSocketFactory sslSocketFactory;
if (fixNoHttpResponseException)
sslSocketFactory = MySSLSocketFactory.getFixedSocketFactory();
else
sslSocketFactory = SSLSocketFactory.getSocketFactory();
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), httpPort));
schemeRegistry.register(new Scheme("https", sslSocketFactory, httpsPort));
return schemeRegistry;
}
protected void initClient(DatabricksServiceFactory.Builder builder) {
try {
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(null, null, new SecureRandom());
SSLSocketFactory sf = new SSLSocketFactory(sslContext);
Scheme httpsScheme = new Scheme("https", HTTPS_PORT, sf);
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(httpsScheme);
ClientConnectionManager cm = new BasicClientConnectionManager(schemeRegistry);
HttpParams params = new BasicHttpParams();
HttpConnectionParams.setConnectionTimeout(params, builder.getConnectionTimeout());
HttpConnectionParams.setSoTimeout(params, builder.getSoTimeout());
DefaultHttpClient defaultHttpClient = new DefaultHttpClient(cm, params);
defaultHttpClient.setHttpRequestRetryHandler(retryHandler);
// set authorization header if token base
if (isNotEmpty(builder.getToken())) {
isTokenAuth = true;
authToken = builder.getToken();
} else if (isNotEmpty(builder.getUsername()) && isNotEmpty(builder.getPassword())) {
defaultHttpClient.getCredentialsProvider().setCredentials(
new AuthScope(host, HTTPS_PORT),
new UsernamePasswordCredentials(builder.getUsername(), builder.getPassword()));
}
client = new AutoRetryHttpClient(defaultHttpClient, retryStrategy);
} catch (Exception e) {
logger.error("", e);
}
url = String.format("https://%s/api/%s", host, apiVersion);
mapper = new ObjectMapper().setSerializationInclusion(JsonInclude.Include.NON_DEFAULT);
}
private HttpClient getHttpClient() {
if (this._httpClient == null) {
HttpParams params = new BasicHttpParams();
HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
HttpProtocolParams.setContentCharset(params, "UTF-8");
HttpConnectionParams.setConnectionTimeout(params, 300000);
HttpConnectionParams.setSoTimeout(params, 300000);
SchemeRegistry schReg = new SchemeRegistry();
schReg.register(new Scheme("http",
PlainSocketFactory.getSocketFactory(), 80));
schReg.register(new Scheme("https",
SSLSocketFactory.getSocketFactory(), 443));
ClientConnectionManager conMgr = new ThreadSafeClientConnManager(
params, schReg);
this._httpClient = new DefaultHttpClient(conMgr, params);
if (this._cookieStore != null) {
DefaultHttpClient dhttpclient = (DefaultHttpClient) this._httpClient;
dhttpclient.setCookieStore(this._cookieStore);
}
}
return this._httpClient;
}
static public Scheme createDoNotVerifyHttpsScheme() throws NoSuchAlgorithmException, KeyManagementException {
TrustManager sslTrustManager = new DoNotVerifySSLCertificateTrustManager();
SSLContext sslcontext = SSLContext.getInstance("TLS");
sslcontext.init(null, new TrustManager[] { sslTrustManager }, null);
SSLSocketFactory sf = new SSLSocketFactory(sslcontext);
sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
return new Scheme("https", sf, 443);
}
public DefaultHttpClient createHttpClient() {
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme(IDataSource.SCHEME_HTTP_TAG, PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme(IDataSource.SCHEME_HTTPS_TAG, SSLSocketFactory.getSocketFactory(), 443));
HttpParams params = createHttpParams();
return new DefaultHttpClient(new ThreadSafeClientConnManager(params, registry), params);
}
/**
* Returns getUrl SSlSocketFactory which trusts all certificates
*
* @return SSLSocketFactory
*/
public static SSLSocketFactory getFixedSocketFactory() {
SSLSocketFactory socketFactory;
try {
socketFactory = new MySSLSocketFactory(getKeystore());
socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
} catch (Throwable t) {
t.printStackTrace();
socketFactory = SSLSocketFactory.getSocketFactory();
}
return socketFactory;
}
/**
* Returns default instance of SchemeRegistry
*
* @param fixNoHttpResponseException Whether to fix issue or not, by omitting SSL verification
* @param httpPort HTTP port to be used, must be greater than 0
* @param httpsPort HTTPS port to be used, must be greater than 0
*/
private static SchemeRegistry getDefaultSchemeRegistry(boolean fixNoHttpResponseException, int httpPort, int httpsPort) {
if (fixNoHttpResponseException) {
Log.d(LOG_TAG, "Beware! Using the fix is insecure, as it doesn't verify SSL certificates.");
}
if (httpPort < 1) {
httpPort = 80;
Log.d(LOG_TAG, "Invalid HTTP port number specified, defaulting to 80");
}
if (httpsPort < 1) {
httpsPort = 443;
Log.d(LOG_TAG, "Invalid HTTPS port number specified, defaulting to 443");
}
// Fix to SSL flaw in API < ICS
// See https://code.google.com/p/android/issues/detail?id=13117
SSLSocketFactory sslSocketFactory;
if (fixNoHttpResponseException) {
sslSocketFactory = MySSLSocketFactory.getFixedSocketFactory();
} else {
sslSocketFactory = SSLSocketFactory.getSocketFactory();
}
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), httpPort));
schemeRegistry.register(new Scheme("https", sslSocketFactory, httpsPort));
return schemeRegistry;
}
public static SSLSocketFactory getFixedSocketFactory() {
SSLSocketFactory socketFactory;
try {
socketFactory = new MySSLSocketFactory(getKeystore());
socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
} catch (Throwable t) {
t.printStackTrace();
socketFactory = SSLSocketFactory.getSocketFactory();
}
return socketFactory;
}
/**
* Returns default instance of SchemeRegistry
*
* @param fixNoHttpResponseException
* Whether to fix or not issue, by ommiting SSL verification
* @param httpPort
* HTTP port to be used, must be greater than 0
* @param httpsPort
* HTTPS port to be used, must be greater than 0
*/
private static SchemeRegistry getDefaultSchemeRegistry(
boolean fixNoHttpResponseException, int httpPort, int httpsPort) {
if (fixNoHttpResponseException) {
Log.d(LOG_TAG, "Beware! Using the fix is insecure, as it doesn't verify SSL certificates.");
}
if (httpPort < 1) {
httpPort = 80;
Log.d(LOG_TAG, "Invalid HTTP port number specified, defaulting to 80");
}
if (httpsPort < 1) {
httpsPort = 443;
Log.d(LOG_TAG, "Invalid HTTPS port number specified, defaulting to 443");
}
// Fix to SSL flaw in API < ICS
// See https://code.google.com/p/android/issues/detail?id=13117
SSLSocketFactory sslSocketFactory;
if (fixNoHttpResponseException)
sslSocketFactory = MySSLSocketFactory.getFixedSocketFactory();
else
sslSocketFactory = SSLSocketFactory.getSocketFactory();
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), httpPort));
schemeRegistry.register(new Scheme("https", sslSocketFactory, httpsPort));
return schemeRegistry;
}
/**
* Returns default instance of SchemeRegistry
*
* @param fixNoHttpResponseException Whether to fix or not issue, by ommiting SSL verification
* @param httpPort HTTP port to be used, must be greater than 0
* @param httpsPort HTTPS port to be used, must be greater than 0
*/
private static SchemeRegistry getDefaultSchemeRegistry(boolean fixNoHttpResponseException, int httpPort, int httpsPort) {
if (fixNoHttpResponseException) {
Log.d(LOG_TAG, "Beware! Using the fix is insecure, as it doesn't verify SSL certificates.");
}
if (httpPort < 1) {
httpPort = 80;
Log.d(LOG_TAG, "Invalid HTTP port number specified, defaulting to 80");
}
if (httpsPort < 1) {
httpsPort = 443;
Log.d(LOG_TAG, "Invalid HTTPS port number specified, defaulting to 443");
}
// Fix to SSL flaw in API < ICS
// See https://code.google.com/p/android/issues/detail?id=13117
SSLSocketFactory sslSocketFactory;
if (fixNoHttpResponseException)
sslSocketFactory = MySSLSocketFactory.getFixedSocketFactory();
else
sslSocketFactory = SSLSocketFactory.getSocketFactory();
SchemeRegistry schemeRegistry = new SchemeRegistry();
schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), httpPort));
schemeRegistry.register(new Scheme("https", sslSocketFactory, httpsPort));
return schemeRegistry;
}