hazendaz / httpunit / 636

Committed 05 Dec 2025 03:27AM UTC coverage: 80.509%. Remained the same

Build # 636

Build Type

push

github

Committed by

hazendaz

Commit Message

Cleanup more old since tags

you guessed it, at this point going to jautodoc the rest so the warnings on builds go away ;)

Run Details

3213 of 4105 branches covered (78.27%)

Branch coverage included in aggregate %.

8249 of 10132 relevant lines covered (81.42%)

0.81 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

71.76

/src/main/java/com/meterware/httpunit/HttpsProtocolSupport.java

/*
 * MIT License
 *
 * Copyright 2011-2025 Russell Gold
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
 * documentation files (the "Software"), to deal in the Software without restriction, including without limitation
 * the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and
 * to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in all copies or substantial portions
 * of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO
 * THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
 * CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 * DEALINGS IN THE SOFTWARE.
 */
package com.meterware.httpunit;

import java.security.Provider;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;

/**
 * Encapsulates support for the HTTPS protocol.
 **/
public abstract class HttpsProtocolSupport {

    /** The name of the system parameter used by java.net to locate protocol handlers. **/
    private static final String PROTOCOL_HANDLER_PKGS = "java.protocol.handler.pkgs";

    // Sun Microsystems:
    public static final String SunJSSE_PROVIDER_CLASS = "com.sun.net.ssl.internal.ssl.Provider";
    // 741145: "sun.net.www.protocol.https";
    public static final String SunJSSE_PROVIDER_CLASS2 = "sun.net.www.protocol.https";
    public static final String SunSSL_PROTOCOL_HANDLER = "com.sun.net.ssl.internal.www.protocol";

    // IBM WebSphere
    // both ibm packages are inside ibmjsseprovider.jar that comes with WebSphere
    public static final String IBMJSSE_PROVIDER_CLASS = "com.ibm.jsse.IBMJSSEProvider";
    public static final String IBMSSL_PROTOCOL_HANDLER = "com.ibm.net.ssl.www.protocol";

    /** The name of the JSSE class which provides support for SSL. **/
    private static String JSSE_PROVIDER_CLASS = SunJSSE_PROVIDER_CLASS;
    /** The name of the JSSE class which supports the https protocol. **/
    private static String SSL_PROTOCOL_HANDLER = SunSSL_PROTOCOL_HANDLER;

    private static Class _httpsProviderClass;

    private static boolean _httpsSupportVerified;

    private static boolean _httpsProtocolSupportEnabled;

    /**
     * use the given SSL providers - reset the one used so far
     *
     * @param className
     * @param handlerName
     */
    public static void useProvider(String className, String handlerName) {
        _httpsProviderClass = null;
        JSSE_PROVIDER_CLASS = className;
        SSL_PROTOCOL_HANDLER = handlerName;
    }

    /**
     * use the IBM WebShpere handlers
     */
    public static void useIBM() {
        useProvider(IBMJSSE_PROVIDER_CLASS, IBMSSL_PROTOCOL_HANDLER);
    }

    /**
     * Returns true if the JSSE extension is installed.
     */
    static boolean hasHttpsSupport() {
        if (!_httpsSupportVerified) {
            try {
                getHttpsProviderClass();
            } catch (ClassNotFoundException e) {
            }
            _httpsSupportVerified = true;
        }
        return _httpsProviderClass != null;
    }

    /**
     * Attempts to register the JSSE extension if it is not already registered. Will throw an exception if unable to
     * register the extension.
     */
    static void verifyProtocolSupport(String protocol) {
        if (protocol.equalsIgnoreCase("http")) {
        }
        if (protocol.equalsIgnoreCase("https")) {
            validateHttpsProtocolSupport();
        }
    }

    private static void validateHttpsProtocolSupport() {
        if (!_httpsProtocolSupportEnabled) {
            verifyHttpsSupport();
            _httpsProtocolSupportEnabled = true;
        }
    }

    private static void verifyHttpsSupport() {
        try {
            Class providerClass = getHttpsProviderClass();
            if (!hasProvider(providerClass)) {
                Security.addProvider((Provider) providerClass.getDeclaredConstructor().newInstance());
            }
            registerSSLProtocolHandler();
        } catch (ClassNotFoundException e) {
            throw new RuntimeException(
                    "https support requires the Java Secure Sockets Extension. See http://java.sun.com/products/jsse");
        } catch (Throwable e) {
            throw new RuntimeException("Unable to enable https support. Make sure that you have installed JSSE "
                    + "as described in http://java.sun.com/products/jsse/install.html: " + e);
        }
    }

    /**
     * get the Https Provider Class if it's been set already return it - otherwise check with the Security package and
     * take the first available provider if all fails take the default provider class
     *
     * @return the HttpsProviderClass
     *
     * @throws ClassNotFoundException
     */
    public static Class getHttpsProviderClass() throws ClassNotFoundException {
        if (_httpsProviderClass == null) {
            // [ 1520925 ] SSL patch
            Provider[] sslProviders = Security.getProviders("SSLContext.SSLv3");
            if (sslProviders.length > 0) {
                _httpsProviderClass = sslProviders[0].getClass();
            }
            if (_httpsProviderClass == null) {
                _httpsProviderClass = Class.forName(JSSE_PROVIDER_CLASS);
            }
        }
        return _httpsProviderClass;
    }

    private static boolean hasProvider(Class providerClass) {
        Provider[] list = Security.getProviders();
        for (Provider element : list) {
            if (element.getClass().equals(providerClass)) {
                return true;
            }
        }
        return false;
    }

    /**
     * convenience function: create a socket factory which uses an anything-goes trust manager. proposed by Florian
     * Weimar
     */
    public static SSLSocketFactory getSocketFactory() throws Exception {
        final SSLContext context = SSLContext.getInstance("TLS");
        context.init(null, new X509TrustManager[] { new X509TrustManager() {
            // @Override
            @Override
            public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
            }

            // @Override
            @Override
            public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
            }

            // @Override
            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

        } }, null);
        return context.getSocketFactory();
    }

    /**
     * register the Secure Socket Layer Protocol Handler
     */
    private static void registerSSLProtocolHandler() {
        String list = System.getProperty(PROTOCOL_HANDLER_PKGS);
        if (list == null || list.isEmpty()) {
            System.setProperty(PROTOCOL_HANDLER_PKGS, SSL_PROTOCOL_HANDLER);
        } else if (list.indexOf(SSL_PROTOCOL_HANDLER) < 0) {
            // [ 1516007 ] Default SSL provider not being used
            System.setProperty(PROTOCOL_HANDLER_PKGS, list + " | " + SSL_PROTOCOL_HANDLER);
        }
    }
}

1	/*
2	* MIT License
3	*
4	* Copyright 2011-2025 Russell Gold
5	*
6	* Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
7	* documentation files (the "Software"), to deal in the Software without restriction, including without limitation
8	* the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and
9	* to permit persons to whom the Software is furnished to do so, subject to the following conditions:
10	*
11	* The above copyright notice and this permission notice shall be included in all copies or substantial portions
12	* of the Software.
13	*
14	* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO
15	* THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
16	* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
17	* CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
18	* DEALINGS IN THE SOFTWARE.
19	*/
20	package com.meterware.httpunit;
21
22	import java.security.Provider;
23	import java.security.Security;
24	import java.security.cert.CertificateException;
25	import java.security.cert.X509Certificate;
26
27	import javax.net.ssl.SSLContext;
28	import javax.net.ssl.SSLSocketFactory;
29	import javax.net.ssl.X509TrustManager;
30
31	/**
32	* Encapsulates support for the HTTPS protocol.
33	**/
34	public abstract class HttpsProtocolSupport {	×
35
36	/ The name of the system parameter used by java.net to locate protocol handlers. /
37	private static final String PROTOCOL_HANDLER_PKGS = "java.protocol.handler.pkgs";
38
39	// Sun Microsystems:
40	public static final String SunJSSE_PROVIDER_CLASS = "com.sun.net.ssl.internal.ssl.Provider";
41	// 741145: "sun.net.www.protocol.https";
42	public static final String SunJSSE_PROVIDER_CLASS2 = "sun.net.www.protocol.https";
43	public static final String SunSSL_PROTOCOL_HANDLER = "com.sun.net.ssl.internal.www.protocol";
44
45	// IBM WebSphere
46	// both ibm packages are inside ibmjsseprovider.jar that comes with WebSphere
47	public static final String IBMJSSE_PROVIDER_CLASS = "com.ibm.jsse.IBMJSSEProvider";
48	public static final String IBMSSL_PROTOCOL_HANDLER = "com.ibm.net.ssl.www.protocol";
49
50	/ The name of the JSSE class which provides support for SSL. /
51	private static String JSSE_PROVIDER_CLASS = SunJSSE_PROVIDER_CLASS;	1✔
52	/ The name of the JSSE class which supports the https protocol. /
53	private static String SSL_PROTOCOL_HANDLER = SunSSL_PROTOCOL_HANDLER;	1✔
54
55	private static Class _httpsProviderClass;
56
57	private static boolean _httpsSupportVerified;
58
59	private static boolean _httpsProtocolSupportEnabled;
60
61	/**
62	* use the given SSL providers - reset the one used so far
63	*
64	* @param className
65	* @param handlerName
66	*/
67	public static void useProvider(String className, String handlerName) {
68	_httpsProviderClass = null;	1✔
69	JSSE_PROVIDER_CLASS = className;	1✔
70	SSL_PROTOCOL_HANDLER = handlerName;	1✔
71	}	1✔
72
73	/**
74	* use the IBM WebShpere handlers
75	*/
76	public static void useIBM() {
77	useProvider(IBMJSSE_PROVIDER_CLASS, IBMSSL_PROTOCOL_HANDLER);	1✔
78	}	1✔
79
80	/**
81	* Returns true if the JSSE extension is installed.
82	*/
83	static boolean hasHttpsSupport() {
84	if (!_httpsSupportVerified) {	1✔
85	try {
86	getHttpsProviderClass();	1✔
87	} catch (ClassNotFoundException e) {	×
88	}	1✔
89	_httpsSupportVerified = true;	1✔
90	}
91	return _httpsProviderClass != null;	1!
92	}
93
94	/**
95	* Attempts to register the JSSE extension if it is not already registered. Will throw an exception if unable to
96	* register the extension.
97	*/
98	static void verifyProtocolSupport(String protocol) {
99	if (protocol.equalsIgnoreCase("http")) {	1✔
100	}
101	if (protocol.equalsIgnoreCase("https")) {	1✔
102	validateHttpsProtocolSupport();	1✔
103	}
104	}	1✔
105
106	private static void validateHttpsProtocolSupport() {
107	if (!_httpsProtocolSupportEnabled) {	1✔
108	verifyHttpsSupport();	1✔
109	_httpsProtocolSupportEnabled = true;	1✔
110	}
111	}	1✔
112
113	private static void verifyHttpsSupport() {
114	try {
115	Class providerClass = getHttpsProviderClass();	1✔
116	if (!hasProvider(providerClass)) {	1!
117	Security.addProvider((Provider) providerClass.getDeclaredConstructor().newInstance());	×
118	}
119	registerSSLProtocolHandler();	1✔
120	} catch (ClassNotFoundException e) {	×
121	throw new RuntimeException(	×
122	"https support requires the Java Secure Sockets Extension. See http://java.sun.com/products/jsse");
123	} catch (Throwable e) {	×
124	throw new RuntimeException("Unable to enable https support. Make sure that you have installed JSSE "	×
125	+ "as described in http://java.sun.com/products/jsse/install.html: " + e);
126	}	1✔
127	}	1✔
128
129	/**
130	* get the Https Provider Class if it's been set already return it - otherwise check with the Security package and
131	* take the first available provider if all fails take the default provider class
132	*
133	* @return the HttpsProviderClass
134	*
135	* @throws ClassNotFoundException
136	*/
137	public static Class getHttpsProviderClass() throws ClassNotFoundException {
138	if (_httpsProviderClass == null) {	1✔
139	// [ 1520925 ] SSL patch
140	Provider[] sslProviders = Security.getProviders("SSLContext.SSLv3");	1✔
141	if (sslProviders.length > 0) {	1!
142	_httpsProviderClass = sslProviders[0].getClass();	1✔
143	}
144	if (_httpsProviderClass == null) {	1!
145	_httpsProviderClass = Class.forName(JSSE_PROVIDER_CLASS);	×
146	}
147	}
148	return _httpsProviderClass;	1✔
149	}
150
151	private static boolean hasProvider(Class providerClass) {
152	Provider[] list = Security.getProviders();	1✔
153	for (Provider element : list) {	1!
154	if (element.getClass().equals(providerClass)) {	1✔
155	return true;	1✔
156	}
157	}
158	return false;	×
159	}
160
161	/**
162	* convenience function: create a socket factory which uses an anything-goes trust manager. proposed by Florian
163	* Weimar
164	*/
165	public static SSLSocketFactory getSocketFactory() throws Exception {
166	final SSLContext context = SSLContext.getInstance("TLS");	1✔
167	context.init(null, new X509TrustManager[] { new X509TrustManager() {	1✔
168	// @Override
169	@Override
170	public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
171	}	×
172
173	// @Override
174	@Override
175	public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
176	}	×
177
178	// @Override
179	@Override
180	public X509Certificate[] getAcceptedIssuers() {
181	return null;	×
182	}
183
184	} }, null);
185	return context.getSocketFactory();	1✔
186	}
187
188	/**
189	* register the Secure Socket Layer Protocol Handler
190	*/
191	private static void registerSSLProtocolHandler() {
192	String list = System.getProperty(PROTOCOL_HANDLER_PKGS);	1✔
193	if (list == null \|\| list.isEmpty()) {	1!
194	System.setProperty(PROTOCOL_HANDLER_PKGS, SSL_PROTOCOL_HANDLER);	1✔
195	} else if (list.indexOf(SSL_PROTOCOL_HANDLER) < 0) {	×
196	// [ 1516007 ] Default SSL provider not being used
197	System.setProperty(PROTOCOL_HANDLER_PKGS, list + " \| " + SSL_PROTOCOL_HANDLER);	×
198	}
199	}	1✔
200	}

hazendaz / httpunit / 636

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous