use of org.apache.maven.wagon.providers.http.RelaxedTrustStrategy in project fabric8 by jboss-fuse.
the class HttpClients method createConnManager.
private static PoolingHttpClientConnectionManager createConnManager(PropertyResolver resolver, String pid) {
boolean SSL_INSECURE = getBoolean(resolver, "maven.wagon.http.ssl.insecure", !getBoolean(resolver, pid + "certificateCheck", false));
boolean IGNORE_SSL_VALIDITY_DATES = getBoolean(resolver, "maven.wagon.http.ssl.ignore.validity.dates", false);
boolean SSL_ALLOW_ALL = getBoolean(resolver, "maven.wagon.http.ssl.allowall", !getBoolean(resolver, pid + "certificateCheck", false));
boolean PERSISTENT_POOL = getBoolean(resolver, "maven.wagon.http.pool", true);
int MAX_CONN_PER_ROUTE = getInteger(resolver, "maven.wagon.httpconnectionManager.maxPerRoute", 20);
int MAX_CONN_TOTAL = getInteger(resolver, "maven.wagon.httpconnectionManager.maxTotal", 40);
String sslProtocolsStr = getProperty(resolver, "https.protocols", null);
String cipherSuitesStr = getProperty(resolver, "https.cipherSuites", null);
String[] sslProtocols = sslProtocolsStr != null ? sslProtocolsStr.split(" *, *") : null;
String[] cipherSuites = cipherSuitesStr != null ? cipherSuitesStr.split(" *, *") : null;
SSLConnectionSocketFactory sslConnectionSocketFactory;
if (SSL_INSECURE) {
try {
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new RelaxedTrustStrategy(IGNORE_SSL_VALIDITY_DATES)).build();
sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, sslProtocols, cipherSuites, SSL_ALLOW_ALL ? NoopHostnameVerifier.INSTANCE : new DefaultHostnameVerifier());
} catch (Exception ex) {
throw new SSLInitializationException(ex.getMessage(), ex);
}
} else {
sslConnectionSocketFactory = new SSLConnectionSocketFactory(HttpsURLConnection.getDefaultSSLSocketFactory(), sslProtocols, cipherSuites, new DefaultHostnameVerifier());
}
Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create().register("http", PlainConnectionSocketFactory.INSTANCE).register("https", sslConnectionSocketFactory).build();
PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(registry);
if (PERSISTENT_POOL) {
connManager.setDefaultMaxPerRoute(MAX_CONN_PER_ROUTE);
connManager.setMaxTotal(MAX_CONN_TOTAL);
} else {
connManager.setMaxTotal(1);
}
boolean soKeepAlive = getBoolean(resolver, pid + ServiceConstants.PROPERTY_SOCKET_SO_KEEPALIVE, false);
int soLinger = getInteger(resolver, pid + ServiceConstants.PROPERTY_SOCKET_SO_LINGER, -1);
boolean soReuseAddress = getBoolean(resolver, pid + ServiceConstants.PROPERTY_SOCKET_SO_REUSEADDRESS, false);
boolean soTcpNoDelay = getBoolean(resolver, pid + ServiceConstants.PROPERTY_SOCKET_TCP_NODELAY, true);
// int soTimeout = getInteger( resolver, pid + ServiceConstants.PROPERTY_SOCKET_SO_TIMEOUT, 0 );
SocketConfig socketConfig = SocketConfig.custom().setSoKeepAlive(// default false
soKeepAlive).setSoLinger(// default -1
soLinger).setSoReuseAddress(// default false
soReuseAddress).setTcpNoDelay(// default true
soTcpNoDelay).setSoTimeout(// default 0, but set in org.apache.http.impl.conn.CPoolProxy.setSocketTimeout()
0).build();
connManager.setDefaultSocketConfig(socketConfig);
int bufferSize = getInteger(resolver, pid + ServiceConstants.PROPERTY_CONNECTION_BUFFER_SIZE, 8192);
ConnectionConfig connectionConfig = ConnectionConfig.custom().setBufferSize(// default 8192
bufferSize).setFragmentSizeHint(// default 'buffer size'
bufferSize).build();
connManager.setDefaultConnectionConfig(connectionConfig);
return connManager;
}
Aggregations