mirror of
https://github.com/spring-projects/spring-boot.git
synced 2024-07-05 00:56:58 +08:00
Merge branch '3.2.x'
Closes gh-41010
This commit is contained in:
commit
781d7b0394
@ -22,7 +22,6 @@ import org.apache.catalina.connector.Connector;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.coyote.ProtocolHandler;
|
||||
import org.apache.coyote.http11.AbstractHttp11JsseProtocol;
|
||||
import org.apache.coyote.http11.Http11NioProtocol;
|
||||
import org.apache.tomcat.util.net.SSLHostConfig;
|
||||
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
|
||||
import org.apache.tomcat.util.net.SSLHostConfigCertificate.Type;
|
||||
@ -117,7 +116,7 @@ class SslConnectorCustomizer {
|
||||
String ciphers = StringUtils.arrayToCommaDelimitedString(options.getCiphers());
|
||||
sslHostConfig.setCiphers(ciphers);
|
||||
}
|
||||
configureSslStoreProvider(protocol, sslHostConfig, certificate, stores);
|
||||
configureSslStores(sslHostConfig, certificate, stores);
|
||||
configureEnabledProtocols(sslHostConfig, options);
|
||||
}
|
||||
|
||||
@ -132,10 +131,8 @@ class SslConnectorCustomizer {
|
||||
config.setCertificateVerification(ClientAuth.map(this.clientAuth, "none", "optional", "required"));
|
||||
}
|
||||
|
||||
private void configureSslStoreProvider(AbstractHttp11JsseProtocol<?> protocol, SSLHostConfig sslHostConfig,
|
||||
SSLHostConfigCertificate certificate, SslStoreBundle stores) {
|
||||
Assert.isInstanceOf(Http11NioProtocol.class, protocol,
|
||||
"SslStoreProvider can only be used with Http11NioProtocol");
|
||||
private void configureSslStores(SSLHostConfig sslHostConfig, SSLHostConfigCertificate certificate,
|
||||
SslStoreBundle stores) {
|
||||
try {
|
||||
if (stores.getKeyStore() != null) {
|
||||
certificate.setCertificateKeystore(stores.getKeyStore());
|
||||
|
@ -60,6 +60,7 @@ import org.apache.catalina.util.CharsetMapper;
|
||||
import org.apache.catalina.valves.RemoteIpValve;
|
||||
import org.apache.coyote.ProtocolHandler;
|
||||
import org.apache.coyote.http11.AbstractHttp11Protocol;
|
||||
import org.apache.coyote.http11.Http11Nio2Protocol;
|
||||
import org.apache.hc.client5.http.HttpHostConnectException;
|
||||
import org.apache.hc.client5.http.classic.HttpClient;
|
||||
import org.apache.hc.client5.http.impl.classic.HttpClients;
|
||||
@ -681,6 +682,20 @@ class TomcatServletWebServerFactoryTests extends AbstractServletWebServerFactory
|
||||
assertThat(verifier.getLastPrincipal()).isEqualTo("CN=2");
|
||||
}
|
||||
|
||||
@Test
|
||||
void sslWithHttp11Nio2Protocol() throws Exception {
|
||||
TomcatServletWebServerFactory factory = getFactory();
|
||||
addTestTxtFile(factory);
|
||||
factory.setProtocol(Http11Nio2Protocol.class.getName());
|
||||
factory.setSsl(getSsl(null, "password", "src/test/resources/test.jks"));
|
||||
this.webServer = factory.getWebServer();
|
||||
this.webServer.start();
|
||||
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
|
||||
new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build());
|
||||
HttpComponentsClientHttpRequestFactory requestFactory = createHttpComponentsRequestFactory(socketFactory);
|
||||
assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected JspServlet getJspServlet() throws ServletException {
|
||||
Tomcat tomcat = ((TomcatWebServer) this.webServer).getTomcat();
|
||||
|
Loading…
Reference in New Issue
Block a user