Skip to content

Commit

Permalink
Realigned the behavior of TLS upgrade in the classic and async connec…
Browse files Browse the repository at this point in the history
…tion operators
  • Loading branch information
ok2c committed Jan 22, 2024
1 parent e4ac7c2 commit fd2961a
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 13 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,6 @@
import org.apache.hc.core5.annotation.ThreadingBehavior;
import org.apache.hc.core5.http.ConnectionClosedException;
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.http.URIScheme;
import org.apache.hc.core5.http.config.Lookup;
import org.apache.hc.core5.http.io.SocketConfig;
import org.apache.hc.core5.http.protocol.HttpContext;
Expand Down Expand Up @@ -226,7 +225,7 @@ public void connect(
host.getHostName(), host.getPort(), localAddress, remoteAddress, ConnPoolSupport.getId(conn));
}
final TlsSocketStrategy tlsSocketStrategy = tlsSocketStrategyLookup != null ? tlsSocketStrategyLookup.lookup(host.getSchemeName()) : null;
if (tlsSocketStrategy != null && URIScheme.HTTPS.same(host.getSchemeName())) {
if (tlsSocketStrategy != null) {
final Socket upgradedSocket = tlsSocketStrategy.upgrade(socket, host.getHostName(), port, attachment, context);
conn.bind(upgradedSocket);
}
Expand Down Expand Up @@ -266,18 +265,18 @@ public void upgrade(
final HttpHost host,
final Object attachment,
final HttpContext context) throws IOException {
final TlsSocketStrategy tlsSocketStrategy = tlsSocketStrategyLookup != null ? tlsSocketStrategyLookup.lookup(host.getSchemeName()) : null;
if (tlsSocketStrategy == null) {
throw new UnsupportedSchemeException(host.getSchemeName() +
" protocol is not supported");
}
final Socket socket = conn.getSocket();
if (socket == null) {
throw new ConnectionClosedException("Connection is closed");
}
final int port = this.schemePortResolver.resolve(host);
final SSLSocket upgradedSocket = tlsSocketStrategy.upgrade(socket, host.getHostName(), port, attachment, context);
conn.bind(upgradedSocket);
final TlsSocketStrategy tlsSocketStrategy = tlsSocketStrategyLookup != null ? tlsSocketStrategyLookup.lookup(host.getSchemeName()) : null;
if (tlsSocketStrategy != null) {
final int port = this.schemePortResolver.resolve(host);
final SSLSocket upgradedSocket = tlsSocketStrategy.upgrade(socket, host.getHostName(), port, attachment, context);
conn.bind(upgradedSocket);
} else {
throw new UnsupportedSchemeException(host.getSchemeName() + " protocol is not supported");
}
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@

import org.apache.hc.client5.http.DnsResolver;
import org.apache.hc.client5.http.SchemePortResolver;
import org.apache.hc.client5.http.UnsupportedSchemeException;
import org.apache.hc.client5.http.config.TlsConfig;
import org.apache.hc.client5.http.impl.DefaultSchemePortResolver;
import org.apache.hc.client5.http.nio.AsyncClientConnectionOperator;
Expand All @@ -44,7 +45,6 @@
import org.apache.hc.core5.concurrent.FutureCallback;
import org.apache.hc.core5.concurrent.FutureContribution;
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.http.URIScheme;
import org.apache.hc.core5.http.config.Lookup;
import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
import org.apache.hc.core5.http.protocol.HttpContext;
Expand Down Expand Up @@ -109,7 +109,7 @@ public Future<ManagedAsyncClientConnection> connect(
public void completed(final IOSession session) {
final DefaultManagedAsyncClientConnection connection = new DefaultManagedAsyncClientConnection(session);
final TlsStrategy tlsStrategy = tlsStrategyLookup != null ? tlsStrategyLookup.lookup(host.getSchemeName()) : null;
if (tlsStrategy != null && URIScheme.HTTPS.same(host.getSchemeName())) {
if (tlsStrategy != null) {
try {
final Timeout socketTimeout = connection.getSocketTimeout();
final Timeout handshakeTimeout = tlsConfig.getHandshakeTimeout();
Expand Down Expand Up @@ -191,8 +191,9 @@ public void completed(final TransportSecurityLayer transportSecurityLayer) {
}

});
} else {
callback.failed(new UnsupportedSchemeException(host.getSchemeName() + " protocol is not supported"));
}

}

}
Original file line number Diff line number Diff line change
Expand Up @@ -262,6 +262,9 @@ public void testUpgradeUpsupportedScheme() throws Exception {
final HttpContext context = new BasicHttpContext();
final HttpHost host = new HttpHost("httpsssss", "somehost", -1);

Mockito.when(conn.isOpen()).thenReturn(true);
Mockito.when(conn.getSocket()).thenReturn(socket);

Assertions.assertThrows(UnsupportedSchemeException.class, () ->
connectionOperator.upgrade(conn, host, context));
}
Expand All @@ -271,6 +274,9 @@ public void testUpgradeNonLayeringScheme() throws Exception {
final HttpContext context = new BasicHttpContext();
final HttpHost host = new HttpHost("http", "somehost", -1);

Mockito.when(conn.isOpen()).thenReturn(true);
Mockito.when(conn.getSocket()).thenReturn(socket);

Assertions.assertThrows(UnsupportedSchemeException.class, () ->
connectionOperator.upgrade(conn, host, context));
}
Expand Down

0 comments on commit fd2961a

Please sign in to comment.