Skip to content

Commit

Permalink
JENKINS-41934 Added conf to ignore certificate
Browse files Browse the repository at this point in the history
  • Loading branch information
@janario
janario committed Mar 18, 2017
1 parent 2e9ba33 commit 5d631d5
Show file tree
Hide file tree
Showing 4 changed files with 45 additions and 19 deletions.
46 changes: 29 additions & 17 deletions src/main/java/jenkins/plugins/http_request/HttpRequest.java
View file
Expand Up @@ -74,7 +74,8 @@
public class HttpRequest extends Builder {

private @Nonnull String url;
private HttpMode httpMode = DescriptorImpl.httpMode;
private Boolean ignoreSslErrors = DescriptorImpl.ignoreSslErrors;
private HttpMode httpMode = DescriptorImpl.httpMode;
private Boolean passBuildParameters = DescriptorImpl.passBuildParameters;
private String validResponseCodes = DescriptorImpl.validResponseCodes;
private String validResponseContent = DescriptorImpl.validResponseContent;
Expand All @@ -92,7 +93,12 @@ public HttpRequest(@Nonnull String url) {
this.url = url;
}

@DataBoundSetter
@DataBoundSetter
public void setIgnoreSslErrors(Boolean ignoreSslErrors) {
this.ignoreSslErrors = ignoreSslErrors;
}

@DataBoundSetter
public void setHttpMode(HttpMode httpMode) {
this.httpMode = httpMode;
}
Expand Down Expand Up @@ -166,7 +172,11 @@ protected Object readResolve() {
if (validResponseCodes == null || validResponseCodes.trim().isEmpty()) {
validResponseCodes = DescriptorImpl.validResponseCodes;
}
return this;
if (ignoreSslErrors == null) {
//default for new job false(DescriptorImpl.ignoreSslErrors) for old ones true to keep same behavior
ignoreSslErrors = true;
}
return this;
}

public @Nonnull String getUrl() {
Expand Down Expand Up @@ -313,19 +323,20 @@ private ResponseContentSupplier authAndRequest(RequestAction requestAction, Prin
clientBuilder.setDefaultRequestConfig(config);
}
//ssl
try {
//TODO JENKINS-41934 will parametrize 'ignoreSslErro', default false. Make compatibility to true in olders
SSLContextBuilder builder = SSLContextBuilder.create();
builder.loadTrustMaterial(null, new TrustStrategy() {
@Override
public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
return true;
}
});
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(builder.build(), NoopHostnameVerifier.INSTANCE);
clientBuilder.setSSLSocketFactory(sslsf);
} catch (KeyStoreException | NoSuchAlgorithmException | KeyManagementException e) {
throw new IllegalStateException(e);
if (ignoreSslErrors) {
try {
SSLContextBuilder builder = SSLContextBuilder.create();
builder.loadTrustMaterial(null, new TrustStrategy() {
@Override
public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
return true;
}
});
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(builder.build(), NoopHostnameVerifier.INSTANCE);
clientBuilder.setSSLSocketFactory(sslsf);
} catch (KeyStoreException | NoSuchAlgorithmException | KeyManagementException e) {
throw new IllegalStateException(e);
}
}

HttpClientUtil clientUtil = new HttpClientUtil();
Expand Down Expand Up @@ -455,7 +466,8 @@ private String evaluate(String value, VariableResolver<String> vars, Map<String,

@Extension
public static final class DescriptorImpl extends BuildStepDescriptor<Builder> {
public static final HttpMode httpMode = HttpMode.GET;
public static final boolean ignoreSslErrors = false;
public static final HttpMode httpMode = HttpMode.GET;
public static final Boolean passBuildParameters = false;
public static final String validResponseCodes = "100:399";
public static final String validResponseContent = "";
Expand Down
12 changes: 10 additions & 2 deletions src/main/java/jenkins/plugins/http_request/HttpRequestStep.java
View file
Expand Up @@ -27,7 +27,8 @@
public final class HttpRequestStep extends AbstractStepImpl {

private @Nonnull String url;
private HttpMode httpMode = DescriptorImpl.httpMode;
private boolean ignoreSslErrors = DescriptorImpl.ignoreSslErrors;
private HttpMode httpMode = DescriptorImpl.httpMode;
private String validResponseCodes = DescriptorImpl.validResponseCodes;
private String validResponseContent = DescriptorImpl.validResponseContent;
private MimeType acceptType = DescriptorImpl.acceptType;
Expand All @@ -47,7 +48,12 @@ public String getUrl() {
return url;
}

@DataBoundSetter
@DataBoundSetter
public void setIgnoreSslErrors(boolean ignoreSslErrors) {
this.ignoreSslErrors = ignoreSslErrors;
}

@DataBoundSetter
public void setHttpMode(HttpMode httpMode) {
this.httpMode = httpMode;
}
Expand Down Expand Up @@ -143,6 +149,7 @@ public DescriptorImpl getDescriptor() {
}
@Extension
public static final class DescriptorImpl extends AbstractStepDescriptorImpl {
public static final boolean ignoreSslErrors = HttpRequest.DescriptorImpl.ignoreSslErrors;
public static final HttpMode httpMode = HttpRequest.DescriptorImpl.httpMode;
public static final String validResponseCodes = HttpRequest.DescriptorImpl.validResponseCodes;
public static final String validResponseContent = HttpRequest.DescriptorImpl.validResponseContent;
Expand Down Expand Up @@ -205,6 +212,7 @@ public static final class Execution extends AbstractSynchronousNonBlockingStepEx
@Override
protected ResponseContentSupplier run() throws Exception {
HttpRequest httpRequest = new HttpRequest(step.url);
httpRequest.setIgnoreSslErrors(step.ignoreSslErrors);
httpRequest.setHttpMode(step.httpMode);
httpRequest.setConsoleLogResponseBody(step.consoleLogResponseBody);
httpRequest.setValidResponseCodes(step.validResponseCodes);
Expand Down
3 changes: 3 additions & 0 deletions src/main/resources/jenkins/plugins/http_request/HttpRequest/config.jelly
View file
Expand Up @@ -6,6 +6,9 @@
<f:entry field="httpMode" title="HTTP mode" help="/plugin/http_request/help-httpMode.html">
<f:select />
</f:entry>
<f:entry field="ignoreSslErrors" title="Ignore Ssl errors?" help="/plugin/http_request/help-ignoreSslErrors.html">
<f:booleanRadio />
</f:entry>

<f:advanced>
<f:section title="Authorization">
Expand Down
3 changes: 3 additions & 0 deletions src/main/webapp/help-ignoreSslErrors.html
View file
@@ -0,0 +1,3 @@
<div>
<p>If set to true a request with https will trust in the certificate even when it is invalid or expire</p>
</div>

0 comments on commit 5d631d5

Please sign in to comment.