From c4677b211a863f809dfb2053598ee0e48c6bae25 Mon Sep 17 00:00:00 2001
From: Antony Riley <antony@cyberiantiger.org>
Date: Mon, 8 Dec 2014 01:41:20 +0200
Subject: Add command line option to disable https certificate checking.

---
 src/main/java/org/spigotmc/builder/Builder.java | 50 +++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

diff --git a/src/main/java/org/spigotmc/builder/Builder.java b/src/main/java/org/spigotmc/builder/Builder.java
index 45971b5..07eaedb 100644
--- a/src/main/java/org/spigotmc/builder/Builder.java
+++ b/src/main/java/org/spigotmc/builder/Builder.java
@@ -22,12 +22,21 @@ import java.io.InputStreamReader;
 import java.io.OutputStream;
 import java.io.PrintStream;
 import java.net.URL;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.X509Certificate;
 import java.util.Arrays;
 import java.util.Date;
 import java.util.Enumeration;
 import java.util.List;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipFile;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
 import lombok.RequiredArgsConstructor;
 import org.apache.commons.io.FileUtils;
 import org.eclipse.jgit.api.Git;
@@ -46,6 +55,11 @@ public class Builder
 
     public static void main(String[] args) throws Exception
     {
+        for (String s : args) {
+            if ("--disable-certificate-check".equals(s)) {
+                disableHttpsCertificateCheck();
+            }
+        }
         if ( IS_MAC )
         {
             System.out.println( "Sorry, but Macintosh is not currently a supported platform for compilation at this time." );
@@ -431,4 +445,40 @@ public class Builder
 
         return target;
     }
+
+    public static void disableHttpsCertificateCheck() {
+        // This globally disables certificate checking
+        // http://stackoverflow.com/questions/19723415/java-overriding-function-to-disable-ssl-certificate-check
+        try
+        {
+            TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
+                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+                    return null;
+                }
+                public void checkClientTrusted(X509Certificate[] certs, String authType) {
+                }
+                public void checkServerTrusted(X509Certificate[] certs, String authType) {
+                }
+            }
+            };
+            SSLContext sc = SSLContext.getInstance("SSL");
+            sc.init(null, trustAllCerts, new java.security.SecureRandom());
+            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
+            
+            HostnameVerifier allHostsValid = new HostnameVerifier() {
+                public boolean verify(String hostname, SSLSession session) {
+                    return true;
+                }
+            };
+            HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
+        } catch ( NoSuchAlgorithmException ex )
+        {
+            System.out.println("Failed to disable https certificate check");
+            ex.printStackTrace(System.out);
+        } catch ( KeyManagementException ex )
+        {
+            System.out.println("Failed to disable https certificate check");
+            ex.printStackTrace(System.out);
+        }
+    }
 }
-- 
cgit v1.2.3