public HttpRoute determineRoute(HttpHost target, HttpRequest request, HttpContext context)
throws HttpException {
if (request == null) {
throw new IllegalStateException("Request must not be null.");
}
// If we have a forced route, we can do without a target.
HttpRoute route = ConnRouteParams.getForcedRoute(request.getParams());
if (route != null) return route;
// If we get here, there is no forced route.
// So we need a target to compute a route.
if (target == null) {
throw new IllegalStateException("Target host must not be null.");
}
final InetAddress local = ConnRouteParams.getLocalAddress(request.getParams());
final HttpHost proxy = ConnRouteParams.getDefaultProxy(request.getParams());
final Scheme schm = schemeRegistry.getScheme(target.getSchemeName());
// as it is typically used for TLS/SSL, we assume that
// a layered scheme implies a secure connection
final boolean secure = schm.isLayered();
if (proxy == null) {
route = new HttpRoute(target, local, secure);
} else {
route = new HttpRoute(target, local, proxy, secure);
}
return route;
}
/**
* Creates the CONNECT request for tunnelling. Called by {@link #createTunnelToTarget
* createTunnelToTarget}.
*
* @param route the route to establish
* @param context the context for request execution
* @return the CONNECT request for tunnelling
*/
protected HttpRequest createConnectRequest(HttpRoute route, HttpContext context) {
// see RFC 2817, section 5.2 and
// INTERNET-DRAFT: Tunneling TCP based protocols through
// Web proxy servers
HttpHost target = route.getTargetHost();
String host = target.getHostName();
int port = target.getPort();
if (port < 0) {
Scheme scheme = connManager.getSchemeRegistry().getScheme(target.getSchemeName());
port = scheme.getDefaultPort();
}
StringBuilder buffer = new StringBuilder(host.length() + 6);
buffer.append(host);
buffer.append(':');
buffer.append(Integer.toString(port));
String authority = buffer.toString();
ProtocolVersion ver = HttpProtocolParams.getVersion(params);
HttpRequest req = new BasicHttpRequest("CONNECT", authority, ver);
return req;
}
/* (non-Javadoc)
* @see java.net.URLConnection#connect()
*/
@Override
public void connect() throws IOException {
if (m_client != null) {
return;
}
final HttpParams httpParams = new BasicHttpParams();
if (m_request != null) {
int timeout = m_request.getParameterAsInt("timeout");
if (timeout > 0) {
HttpConnectionParams.setConnectionTimeout(httpParams, timeout);
HttpConnectionParams.setSoTimeout(httpParams, timeout);
}
}
m_client = new DefaultHttpClient(httpParams);
m_client.addRequestInterceptor(new RequestAcceptEncoding());
m_client.addResponseInterceptor(new ResponseContentEncoding());
if (m_request != null) {
int retries = m_request.getParameterAsInt("retries");
if (retries > 0) {
m_client.setHttpRequestRetryHandler(
new DefaultHttpRequestRetryHandler() {
@Override
public boolean retryRequest(
IOException exception, int executionCount, HttpContext context) {
if (executionCount <= getRetryCount()
&& (exception instanceof SocketTimeoutException
|| exception instanceof ConnectTimeoutException)) {
return true;
}
return super.retryRequest(exception, executionCount, context);
}
});
}
String disableSslVerification = m_request.getParameter("disable-ssl-verification");
if (Boolean.parseBoolean(disableSslVerification)) {
final SchemeRegistry registry = m_client.getConnectionManager().getSchemeRegistry();
final Scheme https = registry.getScheme("https");
try {
SSLSocketFactory factory =
new SSLSocketFactory(
SSLContext.getInstance(EmptyKeyRelaxedTrustSSLContext.ALGORITHM),
SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
final Scheme lenient = new Scheme(https.getName(), https.getDefaultPort(), factory);
registry.register(lenient);
} catch (NoSuchAlgorithmException e) {
LOG.warn(e.getMessage());
}
}
}
}
private void updateAuthState(
final AuthState authState, final HttpHost host, final CredentialsProvider credsProvider) {
if (!authState.isValid()) {
return;
}
String hostname = host.getHostName();
int port = host.getPort();
if (port < 0) {
Scheme scheme = connManager.getSchemeRegistry().getScheme(host);
port = scheme.getDefaultPort();
}
AuthScheme authScheme = authState.getAuthScheme();
AuthScope authScope =
new AuthScope(hostname, port, authScheme.getRealm(), authScheme.getSchemeName());
if (this.log.isDebugEnabled()) {
this.log.debug("Authentication scope: " + authScope);
}
Credentials creds = authState.getCredentials();
if (creds == null) {
creds = credsProvider.getCredentials(authScope);
if (this.log.isDebugEnabled()) {
if (creds != null) {
this.log.debug("Found credentials");
} else {
this.log.debug("Credentials not found");
}
}
} else {
if (authScheme.isComplete()) {
this.log.debug("Authentication failed");
creds = null;
}
}
authState.setAuthScope(authScope);
authState.setCredentials(creds);
}
// non-javadoc, see interface ClientConnectionOperator
public void updateSecureConnection(
OperatedClientConnection conn, HttpHost target, HttpContext context, HttpParams params)
throws IOException {
if (conn == null) {
throw new IllegalArgumentException("Connection must not be null.");
}
if (target == null) {
throw new IllegalArgumentException("Target host must not be null.");
}
// @@@ is context allowed to be null?
if (params == null) {
throw new IllegalArgumentException("Parameters must not be null.");
}
if (!conn.isOpen()) {
throw new IllegalArgumentException("Connection must be open.");
}
final Scheme schm = schemeRegistry.getScheme(target.getSchemeName());
if (!(schm.getSocketFactory() instanceof LayeredSocketFactory)) {
throw new IllegalArgumentException(
"Target scheme (" + schm.getName() + ") must have layered socket factory.");
}
final LayeredSocketFactory lsf = (LayeredSocketFactory) schm.getSocketFactory();
final Socket sock;
try {
sock =
lsf.createSocket(
conn.getSocket(), target.getHostName(), schm.resolvePort(target.getPort()), true);
} catch (ConnectException ex) {
throw new HttpHostConnectException(target, ex);
}
prepareSocket(sock, context, params);
conn.update(sock, target, lsf.isSecure(sock), params);
// @@@ error handling: close the layered socket in case of exception?
} // updateSecureConnection
// non-javadoc, see interface ClientConnectionOperator
public void openConnection(
OperatedClientConnection conn,
HttpHost target,
InetAddress local,
HttpContext context,
HttpParams params)
throws IOException {
if (conn == null) {
throw new IllegalArgumentException("Connection must not be null.");
}
if (target == null) {
throw new IllegalArgumentException("Target host must not be null.");
}
// local address may be null
// @@@ is context allowed to be null?
if (params == null) {
throw new IllegalArgumentException("Parameters must not be null.");
}
if (conn.isOpen()) {
throw new IllegalArgumentException("Connection must not be open.");
}
final Scheme schm = schemeRegistry.getScheme(target.getSchemeName());
final SocketFactory sf = schm.getSocketFactory();
final SocketFactory plain_sf;
final LayeredSocketFactory layered_sf;
if (sf instanceof LayeredSocketFactory) {
plain_sf = staticPlainSocketFactory;
layered_sf = (LayeredSocketFactory) sf;
} else {
plain_sf = sf;
layered_sf = null;
}
InetAddress[] addresses = InetAddress.getAllByName(target.getHostName());
for (int i = 0; i < addresses.length; ++i) {
Socket sock = plain_sf.createSocket();
conn.opening(sock, target);
try {
Socket connsock =
plain_sf.connectSocket(
sock,
addresses[i].getHostAddress(),
schm.resolvePort(target.getPort()),
local,
0,
params);
if (sock != connsock) {
sock = connsock;
conn.opening(sock, target);
}
/*
* prepareSocket is called on the just connected
* socket before the creation of the layered socket to
* ensure that desired socket options such as
* TCP_NODELAY, SO_RCVTIMEO, SO_LINGER will be set
* before any I/O is performed on the socket. This
* happens in the common case as
* SSLSocketFactory.createSocket performs hostname
* verification which requires that SSL handshaking be
* performed.
*/
prepareSocket(sock, context, params);
if (layered_sf != null) {
Socket layeredsock =
layered_sf.createSocket(
sock, target.getHostName(), schm.resolvePort(target.getPort()), true);
if (layeredsock != sock) {
conn.opening(layeredsock, target);
}
conn.openCompleted(sf.isSecure(layeredsock), params);
} else {
conn.openCompleted(sf.isSecure(sock), params);
}
break;
// BEGIN android-changed
// catch SocketException to cover any kind of connect failure
} catch (SocketException ex) {
if (i == addresses.length - 1) {
ConnectException cause =
ex instanceof ConnectException
? (ConnectException) ex
: new ConnectException(ex.getMessage(), ex);
throw new HttpHostConnectException(target, cause);
}
// END android-changed
} catch (ConnectTimeoutException ex) {
if (i == addresses.length - 1) {
throw ex;
}
}
}
} // openConnection
