示例#1
0
 /**
  * * Connect to an EC2 instance.
  *
  * @return {@link AmazonEC2} client
  */
 public static synchronized AmazonEC2 connect(
     AWSCredentialsProvider credentialsProvider, URL endpoint) {
   awsCredentialsProvider = credentialsProvider;
   ClientConfiguration config = new ClientConfiguration();
   config.setMaxErrorRetry(16); // Default retry limit (3) is low and often
   // cause problems. Raise it a bit.
   // See: https://issues.jenkins-ci.org/browse/JENKINS-26800
   config.setSignerOverride("QueryStringSignerType");
   ProxyConfiguration proxyConfig = Jenkins.getInstance().proxy;
   Proxy proxy =
       proxyConfig == null ? Proxy.NO_PROXY : proxyConfig.createProxy(endpoint.getHost());
   if (!proxy.equals(Proxy.NO_PROXY) && proxy.address() instanceof InetSocketAddress) {
     InetSocketAddress address = (InetSocketAddress) proxy.address();
     config.setProxyHost(address.getHostName());
     config.setProxyPort(address.getPort());
     if (null != proxyConfig.getUserName()) {
       config.setProxyUsername(proxyConfig.getUserName());
       config.setProxyPassword(proxyConfig.getPassword());
     }
   }
   AmazonEC2 client = new AmazonEC2Client(credentialsProvider, config);
   client.setEndpoint(endpoint.toString());
   return client;
 }
  /**
   * Returns the HttpClient through which the REST call is made. Uses an unsafe TrustStrategy in
   * case the user specified a HTTPS URL and set the ignoreUnverifiedSSLPeer flag.
   *
   * @param logger the logger to log messages to
   * @return the HttpClient
   */
  private HttpClient getHttpClient(PrintStream logger) throws Exception {
    boolean ignoreUnverifiedSSL = ignoreUnverifiedSSLPeer;
    String stashServer = stashServerBaseUrl;
    DescriptorImpl descriptor = getDescriptor();
    if ("".equals(stashServer) || stashServer == null) {
      stashServer = descriptor.getStashRootUrl();
    }
    if (!ignoreUnverifiedSSL) {
      ignoreUnverifiedSSL = descriptor.isIgnoreUnverifiedSsl();
    }

    URL url = new URL(stashServer);
    HttpClientBuilder builder = HttpClientBuilder.create();
    if (url.getProtocol().equals("https") && ignoreUnverifiedSSL) {
      // add unsafe trust manager to avoid thrown
      // SSLPeerUnverifiedException
      try {
        TrustStrategy easyStrategy =
            new TrustStrategy() {
              public boolean isTrusted(X509Certificate[] chain, String authType)
                  throws CertificateException {
                return true;
              }
            };

        SSLContext sslContext =
            SSLContexts.custom().loadTrustMaterial(null, easyStrategy).useTLS().build();
        SSLConnectionSocketFactory sslConnSocketFactory =
            new SSLConnectionSocketFactory(
                sslContext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        builder.setSSLSocketFactory(sslConnSocketFactory);

        Registry<ConnectionSocketFactory> registry =
            RegistryBuilder.<ConnectionSocketFactory>create()
                .register("https", sslConnSocketFactory)
                .build();

        HttpClientConnectionManager ccm = new BasicHttpClientConnectionManager(registry);

        builder.setConnectionManager(ccm);
      } catch (NoSuchAlgorithmException nsae) {
        logger.println("Couldn't establish SSL context:");
        nsae.printStackTrace(logger);
      } catch (KeyManagementException kme) {
        logger.println("Couldn't initialize SSL context:");
        kme.printStackTrace(logger);
      } catch (KeyStoreException kse) {
        logger.println("Couldn't initialize SSL context:");
        kse.printStackTrace(logger);
      }
    }

    // Configure the proxy, if needed
    // Using the Jenkins methods handles the noProxyHost settings
    ProxyConfiguration proxyConfig = Jenkins.getInstance().proxy;
    if (proxyConfig != null) {
      Proxy proxy = proxyConfig.createProxy(url.getHost());
      if (proxy != null && proxy.type() == Proxy.Type.HTTP) {
        SocketAddress addr = proxy.address();
        if (addr != null && addr instanceof InetSocketAddress) {
          InetSocketAddress proxyAddr = (InetSocketAddress) addr;
          HttpHost proxyHost =
              new HttpHost(proxyAddr.getAddress().getHostAddress(), proxyAddr.getPort());
          builder = builder.setProxy(proxyHost);

          String proxyUser = proxyConfig.getUserName();
          if (proxyUser != null) {
            String proxyPass = proxyConfig.getPassword();
            CredentialsProvider cred = new BasicCredentialsProvider();
            cred.setCredentials(
                new AuthScope(proxyHost), new UsernamePasswordCredentials(proxyUser, proxyPass));
            builder =
                builder
                    .setDefaultCredentialsProvider(cred)
                    .setProxyAuthenticationStrategy(new ProxyAuthenticationStrategy());
          }
        }
      }
    }

    return builder.build();
  }