jmeter-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pmoua...@apache.org
Subject svn commit: r1854618 - in /jmeter/trunk/src: core/org/apache/jmeter/util/ protocol/ldap/org/apache/jmeter/protocol/ldap/sampler/ protocol/mail/org/apache/jmeter/protocol/smtp/sampler/protocol/
Date Fri, 01 Mar 2019 21:27:31 GMT
Author: pmouawad
Date: Fri Mar  1 21:27:31 2019
New Revision: 1854618

URL: http://svn.apache.org/viewvc?rev=1854618&view=rev
Log:
Bug 63185 - Add option to implicitly trust SSL/TLS connections/Disable hostname verification

Factor use of Trust All Socket Factory
Bugzilla Id: 63185

Added:
    jmeter/trunk/src/core/org/apache/jmeter/util/TrustAllSSLSocketFactory.java   (with props)
Removed:
    jmeter/trunk/src/protocol/ldap/org/apache/jmeter/protocol/ldap/sampler/TrustAllSocketFactory.java
Modified:
    jmeter/trunk/src/protocol/ldap/org/apache/jmeter/protocol/ldap/sampler/LdapExtClient.java
    jmeter/trunk/src/protocol/mail/org/apache/jmeter/protocol/smtp/sampler/protocol/TrustAllSSLSocketFactory.java

Added: jmeter/trunk/src/core/org/apache/jmeter/util/TrustAllSSLSocketFactory.java
URL: http://svn.apache.org/viewvc/jmeter/trunk/src/core/org/apache/jmeter/util/TrustAllSSLSocketFactory.java?rev=1854618&view=auto
==============================================================================
--- jmeter/trunk/src/core/org/apache/jmeter/util/TrustAllSSLSocketFactory.java (added)
+++ jmeter/trunk/src/core/org/apache/jmeter/util/TrustAllSSLSocketFactory.java Fri Mar  1
21:27:31 2019
@@ -0,0 +1,171 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.jmeter.util;
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import javax.net.SocketFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509ExtendedTrustManager;
+
+/**
+ * This class can be used as a SocketFactory with SSL-connections.
+ * Its purpose is to ensure that all certificates - no matter from which CA - are accepted
to secure the SSL-connection.
+ */
+public class TrustAllSSLSocketFactory extends SSLSocketFactory  {
+
+    private final SSLSocketFactory factory;
+    
+    // Empty arrays are immutable
+    private static final X509Certificate[] EMPTY_X509Certificate = new X509Certificate[0];
+
+    /**
+     * Standard constructor
+     */
+    public TrustAllSSLSocketFactory(){
+        SSLContext sslcontext = null;
+        try {
+            sslcontext = SSLContext.getInstance("TLS"); // $NON-NLS-1$
+            sslcontext.init( null, new TrustManager[]{
+                    new X509ExtendedTrustManager() {
+                        @Override
+                        public java.security.cert.X509Certificate[] getAcceptedIssuers()
{
+                            return EMPTY_X509Certificate;
+                        }
+                        @Override
+                        public void checkClientTrusted(X509Certificate[] certs, String authType)
{
+                            // NOOP
+                        }
+                        @Override
+                        public void checkServerTrusted(X509Certificate[] certs, String authType)
{
+                            // NOOP
+                        }
+                        @Override
+                        public void checkClientTrusted(X509Certificate[] arg0, String arg1,
Socket arg2)
+                            throws CertificateException {
+                            // NOOP
+                        }
+                        @Override
+                        public void checkClientTrusted(X509Certificate[] arg0, String arg1,
SSLEngine arg2)
+                            throws CertificateException {
+                            // NOOP
+                        }
+                        @Override
+                        public void checkServerTrusted(X509Certificate[] arg0, String arg1,
Socket arg2)
+                            throws CertificateException {
+                            // NOOP
+                        }
+                        @Override
+                        public void checkServerTrusted(X509Certificate[] arg0, String arg1,
SSLEngine arg2)
+                            throws CertificateException {
+                            // NOOP
+                        }
+                    }
+                },
+                        new java.security.SecureRandom());
+        } catch (Exception e) {
+            throw new IllegalStateException("Could not create the SSL context",e);
+        }
+        factory = sslcontext.getSocketFactory();
+    }
+
+    /**
+     * Factory method
+     * @return New TrustAllSSLSocketFactory
+     */
+    public static synchronized SocketFactory getDefault() {
+        return new TrustAllSSLSocketFactory();
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public Socket createSocket( Socket socket, String s, int i, boolean
+            flag)
+            throws IOException {
+        return factory.createSocket( socket, s, i, flag);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public Socket createSocket( InetAddress inaddr, int i,
+            InetAddress inaddr1, int j) throws IOException {
+        return factory.createSocket( inaddr, i, inaddr1, j);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public Socket createSocket( InetAddress inaddr, int i) throws
+            IOException {
+        return factory.createSocket( inaddr, i);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public Socket createSocket( String s, int i, InetAddress inaddr, int j)
+    throws IOException {
+        return factory.createSocket( s, i, inaddr, j);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public Socket createSocket( String s, int i) throws IOException {
+        return factory.createSocket( s, i);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public Socket createSocket() throws IOException {
+        return factory.createSocket();
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public String[] getDefaultCipherSuites() {
+        return factory.getSupportedCipherSuites();
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public String[] getSupportedCipherSuites() {
+        return factory.getSupportedCipherSuites();
+    }
+}

Propchange: jmeter/trunk/src/core/org/apache/jmeter/util/TrustAllSSLSocketFactory.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: jmeter/trunk/src/core/org/apache/jmeter/util/TrustAllSSLSocketFactory.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: jmeter/trunk/src/protocol/ldap/org/apache/jmeter/protocol/ldap/sampler/LdapExtClient.java
URL: http://svn.apache.org/viewvc/jmeter/trunk/src/protocol/ldap/org/apache/jmeter/protocol/ldap/sampler/LdapExtClient.java?rev=1854618&r1=1854617&r2=1854618&view=diff
==============================================================================
--- jmeter/trunk/src/protocol/ldap/org/apache/jmeter/protocol/ldap/sampler/LdapExtClient.java
(original)
+++ jmeter/trunk/src/protocol/ldap/org/apache/jmeter/protocol/ldap/sampler/LdapExtClient.java
Fri Mar  1 21:27:31 2019
@@ -30,6 +30,7 @@ import javax.naming.directory.Modificati
 import javax.naming.directory.SearchControls;
 import javax.naming.directory.SearchResult;
 
+import org.apache.jmeter.util.TrustAllSSLSocketFactory;
 import org.apache.jorphan.util.JOrphanUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -91,7 +92,7 @@ public class LdapExtClient {
             sb.append("ldaps://"); // $NON-NLS-1$
             if (trustAll){
                 log.debug("Using secure connection with trustAll");
-                env.put("java.naming.ldap.factory.socket", TrustAllSocketFactory.class.getName());
+                env.put("java.naming.ldap.factory.socket", TrustAllSSLSocketFactory.class.getName());
             }
         } else {
             sb.append("ldap://"); // $NON-NLS-1$

Modified: jmeter/trunk/src/protocol/mail/org/apache/jmeter/protocol/smtp/sampler/protocol/TrustAllSSLSocketFactory.java
URL: http://svn.apache.org/viewvc/jmeter/trunk/src/protocol/mail/org/apache/jmeter/protocol/smtp/sampler/protocol/TrustAllSSLSocketFactory.java?rev=1854618&r1=1854617&r2=1854618&view=diff
==============================================================================
--- jmeter/trunk/src/protocol/mail/org/apache/jmeter/protocol/smtp/sampler/protocol/TrustAllSSLSocketFactory.java
(original)
+++ jmeter/trunk/src/protocol/mail/org/apache/jmeter/protocol/smtp/sampler/protocol/TrustAllSSLSocketFactory.java
Fri Mar  1 21:27:31 2019
@@ -32,7 +32,9 @@ import javax.net.ssl.X509TrustManager;
 /**
  * This class can be used as a SocketFactory with SSL-connections.
  * Its purpose is to ensure that all certificates - no matter from which CA - are accepted
to secure the SSL-connection.
+ * @deprecated Will be removed in next version, use {@link org.apache.jmeter.util.TrustAllSSLSocketFactory}
  */
+@Deprecated
 public class TrustAllSSLSocketFactory extends SSLSocketFactory  {
 
     private final SSLSocketFactory factory;



Mime
View raw message