| author | Steffen Pingel | 2012-01-26 18:13:35 (EST) |
|---|---|---|
| committer | Steffen Pingel | 2012-01-26 18:13:35 (EST) |
| commit | 3ac6a7b67ebb30ab0a9445f4a3a20e2a58dc613d (patch) (side-by-side diff) | |
| tree | 50b2f376c827dee0be7aff826199e647ee1345e6 | |
| parent | 1dd26ba24948eb518706d195cb76dd1514224f1d (diff) | |
| download | org.eclipse.mylyn.commons-3ac6a7b67ebb30ab0a9445f4a3a20e2a58dc613d.zip org.eclipse.mylyn.commons-3ac6a7b67ebb30ab0a9445f4a3a20e2a58dc613d.tar.gz org.eclipse.mylyn.commons-3ac6a7b67ebb30ab0a9445f4a3a20e2a58dc613d.tar.bz2 | |
NEW - bug 369805: certificate authentication with custom keystore fails
behind proxy
https://bugs.eclipse.org/bugs/show_bug.cgi?id=369805
Change-Id: I58b0c0a0bba0f9b577816b2c07297c683eb636e9
6 files changed, 86 insertions, 52 deletions
diff --git a/org.eclipse.mylyn.commons.repositories.http.core/META-INF/MANIFEST.MF b/org.eclipse.mylyn.commons.repositories.http.core/META-INF/MANIFEST.MF index 1c91a6b..09badac 100644 --- a/org.eclipse.mylyn.commons.repositories.http.core/META-INF/MANIFEST.MF +++ b/org.eclipse.mylyn.commons.repositories.http.core/META-INF/MANIFEST.MF @@ -11,7 +11,8 @@ Require-Bundle: org.eclipse.core.runtime, org.eclipse.mylyn.commons.core, org.eclipse.mylyn.commons.repositories.core Bundle-ClassPath: . -Export-Package: org.eclipse.mylyn.commons.repositories.http.core;x-internal:=true +Export-Package: org.eclipse.mylyn.commons.repositories.http.core;x-internal:=true, + org.eclipse.mylyn.internal.commons.repositories.http.core;x-internal:=true Bundle-Localization: plugin Import-Package: org.apache.commons.logging;version="[1.0.4,2.0.0)", org.apache.http;version="4.1.0", diff --git a/org.eclipse.mylyn.commons.repositories.http.core/src/org/eclipse/mylyn/commons/repositories/http/core/HttpUtil.java b/org.eclipse.mylyn.commons.repositories.http.core/src/org/eclipse/mylyn/commons/repositories/http/core/HttpUtil.java index 82ff5aa..6aa9f8a 100644 --- a/org.eclipse.mylyn.commons.repositories.http.core/src/org/eclipse/mylyn/commons/repositories/http/core/HttpUtil.java +++ b/org.eclipse.mylyn.commons.repositories.http.core/src/org/eclipse/mylyn/commons/repositories/http/core/HttpUtil.java @@ -60,6 +60,8 @@ import org.eclipse.mylyn.commons.core.operations.OperationUtil; import org.eclipse.mylyn.commons.repositories.core.RepositoryLocation; import org.eclipse.mylyn.commons.repositories.core.auth.AuthenticationType; import org.eclipse.mylyn.commons.repositories.core.auth.UserCredentials; +import org.eclipse.mylyn.internal.commons.repositories.http.core.PollingProtocolSocketFactory; +import org.eclipse.mylyn.internal.commons.repositories.http.core.PollingSslProtocolSocketFactory; /** * @author Steffen Pingel diff --git a/org.eclipse.mylyn.commons.repositories.http.core/src/org/eclipse/mylyn/commons/repositories/http/core/PollingProtocolSocketFactory.java b/org.eclipse.mylyn.commons.repositories.http.core/src/org/eclipse/mylyn/internal/commons/repositories/http/core/PollingProtocolSocketFactory.java index 32087f2..804d21e 100644 --- a/org.eclipse.mylyn.commons.repositories.http.core/src/org/eclipse/mylyn/commons/repositories/http/core/PollingProtocolSocketFactory.java +++ b/org.eclipse.mylyn.commons.repositories.http.core/src/org/eclipse/mylyn/internal/commons/repositories/http/core/PollingProtocolSocketFactory.java @@ -9,7 +9,7 @@ * Tasktop Technologies - initial API and implementation *******************************************************************************/ -package org.eclipse.mylyn.commons.repositories.http.core; +package org.eclipse.mylyn.internal.commons.repositories.http.core; import java.io.IOException; import java.net.InetSocketAddress; @@ -28,7 +28,7 @@ import org.eclipse.mylyn.commons.core.operations.MonitoredOperation; /** * @author Steffen Pingel */ -class PollingProtocolSocketFactory implements SchemeSocketFactory { +public class PollingProtocolSocketFactory implements SchemeSocketFactory { private final static SocketFactory factory = SocketFactory.getDefault(); diff --git a/org.eclipse.mylyn.commons.repositories.http.core/src/org/eclipse/mylyn/commons/repositories/http/core/PollingSslProtocolSocketFactory.java b/org.eclipse.mylyn.commons.repositories.http.core/src/org/eclipse/mylyn/internal/commons/repositories/http/core/PollingSslProtocolSocketFactory.java index b83a091..f17d816 100644 --- a/org.eclipse.mylyn.commons.repositories.http.core/src/org/eclipse/mylyn/commons/repositories/http/core/PollingSslProtocolSocketFactory.java +++ b/org.eclipse.mylyn.commons.repositories.http.core/src/org/eclipse/mylyn/internal/commons/repositories/http/core/PollingSslProtocolSocketFactory.java @@ -9,7 +9,7 @@ * Tasktop Technologies - initial API and implementation *******************************************************************************/ -package org.eclipse.mylyn.commons.repositories.http.core; +package org.eclipse.mylyn.internal.commons.repositories.http.core; import java.io.IOException; import java.net.InetSocketAddress; @@ -35,7 +35,7 @@ import org.eclipse.mylyn.commons.core.operations.MonitoredOperation; * * @author Steffen Pingel */ -class PollingSslProtocolSocketFactory implements LayeredSchemeSocketFactory { +public class PollingSslProtocolSocketFactory implements LayeredSchemeSocketFactory { private final SslSupport defaultSslSupport; diff --git a/org.eclipse.mylyn.commons.repositories.http.tests/src/org/eclipse/mylyn/commons/repositories/http/tests/CommonHttpClientTest.java b/org.eclipse.mylyn.commons.repositories.http.tests/src/org/eclipse/mylyn/commons/repositories/http/tests/CommonHttpClientTest.java index 8ca5d95..52e0c41 100644 --- a/org.eclipse.mylyn.commons.repositories.http.tests/src/org/eclipse/mylyn/commons/repositories/http/tests/CommonHttpClientTest.java +++ b/org.eclipse.mylyn.commons.repositories.http.tests/src/org/eclipse/mylyn/commons/repositories/http/tests/CommonHttpClientTest.java @@ -16,6 +16,7 @@ import static org.junit.Assert.assertEquals; import java.io.IOException; import javax.net.ssl.SSLException; +import javax.net.ssl.TrustManager; import org.apache.http.HttpResponse; import org.apache.http.HttpStatus; @@ -23,7 +24,10 @@ import org.apache.http.auth.AuthScope; import org.apache.http.auth.Credentials; import org.apache.http.auth.UsernamePasswordCredentials; import org.apache.http.client.methods.HttpGet; +import org.apache.http.conn.scheme.Scheme; import org.apache.http.util.EntityUtils; +import org.eclipse.mylyn.commons.core.net.SslSupport; +import org.eclipse.mylyn.commons.core.net.TrustAllTrustManager; import org.eclipse.mylyn.commons.core.operations.IOperationMonitor; import org.eclipse.mylyn.commons.repositories.core.RepositoryLocation; import org.eclipse.mylyn.commons.repositories.core.auth.AuthenticationType; @@ -33,6 +37,7 @@ import org.eclipse.mylyn.commons.repositories.http.core.CommonHttpResponse; import org.eclipse.mylyn.commons.repositories.http.core.HttpRequestProcessor; import org.eclipse.mylyn.commons.repositories.http.core.HttpUtil; import org.eclipse.mylyn.commons.sdk.util.CommonTestUtil; +import org.eclipse.mylyn.internal.commons.repositories.http.core.PollingSslProtocolSocketFactory; import org.junit.Test; /** @@ -41,6 +46,68 @@ import org.junit.Test; public class CommonHttpClientTest { @Test + public void testCertificateAuthenticationCertificate() throws Exception { + RepositoryLocation location = new RepositoryLocation(); + location.setUrl("https://mylyn.org/secure/index.txt"); + location.setCredentials(AuthenticationType.CERTIFICATE, CommonTestUtil.getCertificateCredentials()); + + HttpGet request = new HttpGet(location.getUrl()); + CommonHttpClient client = new CommonHttpClient(location); + HttpResponse response = client.execute(request, null); + try { + assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); + assertEquals("secret\n", EntityUtils.toString(response.getEntity())); + } finally { + HttpUtil.release(request, response, null); + } + } + + @Test(expected = SSLException.class) + public void testCertificateAuthenticationCertificateReset() throws Exception { + RepositoryLocation location = new RepositoryLocation(); + location.setUrl("https://mylyn.org/secure/index.txt"); + location.setCredentials(AuthenticationType.CERTIFICATE, CommonTestUtil.getCertificateCredentials()); + + HttpGet request = new HttpGet(location.getUrl()); + CommonHttpClient client = new CommonHttpClient(location); + // work-around for bug 369805 + Scheme oldScheme = setUpDefaultFactory(client); + try { + HttpResponse response = client.execute(request, null); + try { + assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); + } finally { + HttpUtil.release(request, response, null); + } + + location.setCredentials(AuthenticationType.CERTIFICATE, null); + // the request should now fail + request = new HttpGet(location.getUrl()); + response = client.execute(request, null); + HttpUtil.release(request, response, null); + } finally { + tearDownDefaultFactory(client, oldScheme); + } + } + + @Test(expected = SSLException.class) + public void testCertificateAuthenticationNoCertificate() throws Exception { + RepositoryLocation location = new RepositoryLocation(); + location.setUrl("https://mylyn.org/secure/index.txt"); + + HttpGet request = new HttpGet(location.getUrl()); + CommonHttpClient client = new CommonHttpClient(location); + // work-around for bug 369805 + Scheme oldScheme = setUpDefaultFactory(client); + try { + HttpResponse response = client.execute(request, null); + HttpUtil.release(request, response, null); + } finally { + tearDownDefaultFactory(client, oldScheme); + } + } + + @Test public void testExecuteGet() throws IOException { RepositoryLocation location = new RepositoryLocation("http://mylyn.org"); CommonHttpClient client = new CommonHttpClient(location); @@ -116,54 +183,18 @@ public class CommonHttpClientTest { } } - @Test(expected = SSLException.class) - public void testCertificateAuthenticationNoCertificate() throws Exception { - RepositoryLocation location = new RepositoryLocation(); - location.setUrl("https://mylyn.org/secure/index.txt"); - - HttpGet request = new HttpGet(location.getUrl()); - CommonHttpClient client = new CommonHttpClient(location); - HttpResponse response = client.execute(request, null); - HttpUtil.release(request, response, null); + private Scheme setUpDefaultFactory(CommonHttpClient client) { + PollingSslProtocolSocketFactory factory = new PollingSslProtocolSocketFactory(new SslSupport( + new TrustManager[] { new TrustAllTrustManager() }, null, null, null)); + Scheme oldScheme = client.getHttpClient() + .getConnectionManager() + .getSchemeRegistry() + .register(new Scheme("https", 443, factory)); //$NON-NLS-1$ + return oldScheme; } - @Test - public void testCertificateAuthenticationCertificate() throws Exception { - RepositoryLocation location = new RepositoryLocation(); - location.setUrl("https://mylyn.org/secure/index.txt"); - location.setCredentials(AuthenticationType.CERTIFICATE, CommonTestUtil.getCertificateCredentials()); - - HttpGet request = new HttpGet(location.getUrl()); - CommonHttpClient client = new CommonHttpClient(location); - HttpResponse response = client.execute(request, null); - try { - assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); - assertEquals("secret\n", EntityUtils.toString(response.getEntity())); - } finally { - HttpUtil.release(request, response, null); - } - } - - @Test(expected = SSLException.class) - public void testCertificateAuthenticationCertificateReset() throws Exception { - RepositoryLocation location = new RepositoryLocation(); - location.setUrl("https://mylyn.org/secure/index.txt"); - location.setCredentials(AuthenticationType.CERTIFICATE, CommonTestUtil.getCertificateCredentials()); - - HttpGet request = new HttpGet(location.getUrl()); - CommonHttpClient client = new CommonHttpClient(location); - HttpResponse response = client.execute(request, null); - try { - assertEquals(HttpStatus.SC_OK, response.getStatusLine().getStatusCode()); - } finally { - HttpUtil.release(request, response, null); - } - - location.setCredentials(AuthenticationType.CERTIFICATE, null); - // the request should now fail - request = new HttpGet(location.getUrl()); - response = client.execute(request, null); - HttpUtil.release(request, response, null); + private void tearDownDefaultFactory(CommonHttpClient client, Scheme oldScheme) { + client.getHttpClient().getConnectionManager().getSchemeRegistry().register(oldScheme); } } diff --git a/org.eclipse.mylyn.commons.tests/src/org/eclipse/mylyn/commons/tests/net/WebUtilTest.java b/org.eclipse.mylyn.commons.tests/src/org/eclipse/mylyn/commons/tests/net/WebUtilTest.java index 1242952..f330d15 100644 --- a/org.eclipse.mylyn.commons.tests/src/org/eclipse/mylyn/commons/tests/net/WebUtilTest.java +++ b/org.eclipse.mylyn.commons.tests/src/org/eclipse/mylyn/commons/tests/net/WebUtilTest.java @@ -517,7 +517,7 @@ public class WebUtilTest extends TestCase { } public void testLocationConnectSslClientCert() throws Exception { - String url = "https://mylyn.eclipse.org/secure/"; + String url = "https://mylyn.org/secure/"; AbstractWebLocation location = new WebLocation(url, null, null, null); HostConfiguration hostConfiguration = WebUtil.createHostConfiguration(client, location, null); |