This project has retired. For details please refer to its Attic page.
Source code 
001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *   http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied.  See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 */
019package org.apache.reef.runtime.hdinsight.client.sslhacks;
020
021import org.apache.http.conn.ClientConnectionManager;
022import org.apache.http.conn.scheme.Scheme;
023import org.apache.http.conn.scheme.SchemeRegistry;
024import org.apache.http.conn.ssl.SSLSocketFactory;
025import org.apache.http.impl.client.CloseableHttpClient;
026import org.apache.http.impl.client.DefaultHttpClient;
027import org.apache.http.impl.conn.BasicClientConnectionManager;
028import org.apache.reef.tang.ExternalConstructor;
029
030import javax.inject.Inject;
031import javax.net.ssl.KeyManager;
032import javax.net.ssl.SSLContext;
033import javax.net.ssl.TrustManager;
034import java.security.KeyManagementException;
035import java.security.NoSuchAlgorithmException;
036import java.security.SecureRandom;
037import java.util.logging.Level;
038import java.util.logging.Logger;
039
040/**
041 * A Client constructor that produces Clients that do not check SSL.
042 */
043public final class UnsafeClientConstructor implements ExternalConstructor<CloseableHttpClient> {
044
045  @Inject
046  UnsafeClientConstructor() {
047    Logger.getLogger(UnsafeClientConstructor.class.getName())
048        .log(Level.SEVERE, "DANGER: INSTANTIATING HTTP CLIENT WITH NO SSL CHECKS.");
049  }
050
051  @Override
052  public CloseableHttpClient newInstance() {
053    try {
054      final SSLSocketFactory socketFactory = new SSLSocketFactory(this.getSSLContext());
055      socketFactory.setHostnameVerifier(new UnsafeHostNameVerifier());
056      final SchemeRegistry schemeRegistry = new SchemeRegistry();
057      schemeRegistry.register(new Scheme("https", 443, socketFactory));
058      final ClientConnectionManager clientConnectionManager = new BasicClientConnectionManager(schemeRegistry);
059      return new DefaultHttpClient(clientConnectionManager);
060    } catch (final KeyManagementException | NoSuchAlgorithmException ex) {
061      throw new RuntimeException("Unable to instantiate HTTP Client", ex);
062    }
063  }
064
065  private SSLContext getSSLContext() throws KeyManagementException, NoSuchAlgorithmException {
066    final SSLContext sc = SSLContext.getInstance("TLS");
067    sc.init(new KeyManager[0], new TrustManager[]{new UnsafeTrustManager()}, new SecureRandom());
068    return sc;
069  }
070
071
072}