Upgrade to HttpClient5 5.3.1

Closes gh-39703
2024-07-05 00:56:58 +08:00 · 2024-02-22 07:58:49 +00:00 · 2024-02-22 07:58:49 +00:00 · 102215ee96
commit 102215ee96
parent a52cc64701
4 changed files with 28 additions and 13 deletions
--- a/spring-boot-project/spring-boot-dependencies/build.gradle
+++ b/spring-boot-project/spring-boot-dependencies/build.gradle
@ -442,17 +442,12 @@ bom {
 			]
 		}
 	}
-	library("HttpClient5", "5.2.3") {
-		prohibit {
-			versionRange "[5.3]"
-			because "it can NPE when discarding a connection (https://issues.apache.org/jira/browse/HTTPCLIENT-2313)"
-		}
+	library("HttpClient5", "5.3.1") {
 		group("org.apache.httpcomponents.client5") {
 			modules = [
 				"httpclient5",
 				"httpclient5-cache",
-				"httpclient5-fluent",
-				"httpclient5-win",
+				"httpclient5-fluent"
 			]
 		}
 	}
--- a/spring-boot-project/spring-boot-test/src/main/java/org/springframework/boot/test/web/client/TestRestTemplate.java
+++ b/spring-boot-project/spring-boot-test/src/main/java/org/springframework/boot/test/web/client/TestRestTemplate.java
@ -21,6 +21,7 @@ import java.net.URI;
 import java.security.KeyManagementException;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
+import java.security.cert.X509Certificate;
 import java.time.Duration;
 import java.util.Arrays;
 import java.util.HashSet;
@ -40,11 +41,11 @@ import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuil
 import org.apache.hc.client5.http.protocol.HttpClientContext;
 import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
 import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactoryBuilder;
-import org.apache.hc.client5.http.ssl.TrustSelfSignedStrategy;
 import org.apache.hc.core5.http.io.SocketConfig;
 import org.apache.hc.core5.http.protocol.HttpContext;
 import org.apache.hc.core5.http.ssl.TLS;
 import org.apache.hc.core5.ssl.SSLContextBuilder;
+import org.apache.hc.core5.ssl.TrustStrategy;

 import org.springframework.boot.web.client.ClientHttpRequestFactorySettings;
 import org.springframework.boot.web.client.RestTemplateBuilder;
@ -993,7 +994,7 @@ public class TestRestTemplate {
 		ENABLE_REDIRECTS,

 		/**
-		 * Use a {@link SSLConnectionSocketFactory} with {@link TrustSelfSignedStrategy}.
+		 * Use a {@link SSLConnectionSocketFactory} that trusts self-signed certificates.
 		 */
 		SSL

@ -1085,4 +1086,13 @@ public class TestRestTemplate {

 	}

+	private static final class TrustSelfSignedStrategy implements TrustStrategy {
+
+		@Override
+		public boolean isTrusted(X509Certificate[] chain, String authType) {
+			return chain.length == 1;
+		}
+
+	}
+
 }
--- a/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/tomcat/TomcatServletWebServerFactoryTests.java
+++ b/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/embedded/tomcat/TomcatServletWebServerFactoryTests.java
@ -64,7 +64,6 @@ import org.apache.hc.client5.http.HttpHostConnectException;
 import org.apache.hc.client5.http.classic.HttpClient;
 import org.apache.hc.client5.http.impl.classic.HttpClients;
 import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
-import org.apache.hc.client5.http.ssl.TrustSelfSignedStrategy;
 import org.apache.hc.core5.http.HttpResponse;
 import org.apache.hc.core5.http.NoHttpResponseException;
 import org.apache.hc.core5.ssl.SSLContextBuilder;
--- a/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/servlet/server/AbstractServletWebServerFactoryTests.java
+++ b/spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/servlet/server/AbstractServletWebServerFactoryTests.java
@ -87,7 +87,6 @@ import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager;
 import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
 import org.apache.hc.client5.http.protocol.HttpClientContext;
 import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
-import org.apache.hc.client5.http.ssl.TrustSelfSignedStrategy;
 import org.apache.hc.core5.http.HttpResponse;
 import org.apache.hc.core5.http.io.HttpClientResponseHandler;
 import org.apache.hc.core5.http.protocol.HttpContext;
@ -1404,7 +1403,7 @@ public abstract class AbstractServletWebServerFactoryTests {
 			compression.setExcludedUserAgents(excludedUserAgents);
 		}
 		factory.setCompression(compression);
-		factory.addInitializers(new ServletRegistrationBean<HttpServlet>(new HttpServlet() {
+		factory.addInitializers(new ServletRegistrationBean<>(new HttpServlet() {

 			@Override
 			protected void service(HttpServletRequest req, HttpServletResponse resp) throws IOException {
@ -1631,7 +1630,7 @@ public abstract class AbstractServletWebServerFactoryTests {
 		}

 		@Override
-		public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
+		public boolean isTrusted(X509Certificate[] chain, String authType) {
 			String hexSerialNumber = chain[0].getSerialNumber().toString(16);
 			boolean isMatch = hexSerialNumber.equalsIgnoreCase(this.serialNumber);
 			return super.isTrusted(chain, authType) && isMatch;
@ -1775,4 +1774,16 @@ public abstract class AbstractServletWebServerFactoryTests {

 	}

+	protected static class TrustSelfSignedStrategy implements TrustStrategy {
+
+		public TrustSelfSignedStrategy() {
+		}
+
+		@Override
+		public boolean isTrusted(X509Certificate[] chain, String authType) {
+			return chain.length == 1;
+		}
+
+	}
+
 }