11package org .kohsuke .github .extras ;
22
3+ import com .squareup .okhttp .ConnectionSpec ;
34import com .squareup .okhttp .OkHttpClient ;
45import com .squareup .okhttp .OkUrlFactory ;
6+
57import org .kohsuke .github .HttpConnector ;
68
79import java .io .IOException ;
10+
811import java .net .HttpURLConnection ;
912import java .net .URL ;
1013
14+ import java .security .KeyManagementException ;
15+ import java .security .NoSuchAlgorithmException ;
16+
17+ import java .util .Arrays ;
18+ import java .util .List ;
19+
20+ import javax .net .ssl .SSLContext ;
21+ import javax .net .ssl .SSLSocketFactory ;
22+
1123/**
1224 * {@link HttpConnector} for {@link OkHttpClient}.
1325 *
@@ -23,10 +35,33 @@ public class OkHttpConnector implements HttpConnector {
2335 private final OkUrlFactory urlFactory ;
2436
2537 public OkHttpConnector (OkUrlFactory urlFactory ) {
38+ urlFactory .client ().setSslSocketFactory (TlsSocketFactory ());
39+ urlFactory .client ().setConnectionSpecs (TlsConnectionSpecs ());
2640 this .urlFactory = urlFactory ;
2741 }
2842
2943 public HttpURLConnection connect (URL url ) throws IOException {
3044 return urlFactory .open (url );
3145 }
46+
47+ /** Returns TLSv1.2 only SSL Socket Factory. */
48+ private SSLSocketFactory TlsSocketFactory () {
49+ SSLContext sc ;
50+ try {
51+ sc = SSLContext .getInstance ("TLSv1.2" );
52+ } catch (NoSuchAlgorithmException e ) {
53+ throw new RuntimeException (e .getMessage (), e );
54+ }
55+ try {
56+ sc .init (null , null , null );
57+ return sc .getSocketFactory ();
58+ } catch (KeyManagementException e ) {
59+ throw new RuntimeException (e .getMessage (), e );
60+ }
61+ }
62+
63+ /** Returns connection spec with TLS v1.2 in it */
64+ private List <ConnectionSpec > TlsConnectionSpecs () {
65+ return Arrays .asList (ConnectionSpec .MODERN_TLS , ConnectionSpec .CLEARTEXT );
66+ }
3267}
0 commit comments