From c4677b211a863f809dfb2053598ee0e48c6bae25 Mon Sep 17 00:00:00 2001 From: Antony Riley Date: Mon, 8 Dec 2014 01:41:20 +0200 Subject: Add command line option to disable https certificate checking. --- src/main/java/org/spigotmc/builder/Builder.java | 50 +++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/src/main/java/org/spigotmc/builder/Builder.java b/src/main/java/org/spigotmc/builder/Builder.java index 45971b5..07eaedb 100644 --- a/src/main/java/org/spigotmc/builder/Builder.java +++ b/src/main/java/org/spigotmc/builder/Builder.java @@ -22,12 +22,21 @@ import java.io.InputStreamReader; import java.io.OutputStream; import java.io.PrintStream; import java.net.URL; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.X509Certificate; import java.util.Arrays; import java.util.Date; import java.util.Enumeration; import java.util.List; import java.util.zip.ZipEntry; import java.util.zip.ZipFile; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; import lombok.RequiredArgsConstructor; import org.apache.commons.io.FileUtils; import org.eclipse.jgit.api.Git; @@ -46,6 +55,11 @@ public class Builder public static void main(String[] args) throws Exception { + for (String s : args) { + if ("--disable-certificate-check".equals(s)) { + disableHttpsCertificateCheck(); + } + } if ( IS_MAC ) { System.out.println( "Sorry, but Macintosh is not currently a supported platform for compilation at this time." ); @@ -431,4 +445,40 @@ public class Builder return target; } + + public static void disableHttpsCertificateCheck() { + // This globally disables certificate checking + // http://stackoverflow.com/questions/19723415/java-overriding-function-to-disable-ssl-certificate-check + try + { + TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() { + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return null; + } + public void checkClientTrusted(X509Certificate[] certs, String authType) { + } + public void checkServerTrusted(X509Certificate[] certs, String authType) { + } + } + }; + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); + + HostnameVerifier allHostsValid = new HostnameVerifier() { + public boolean verify(String hostname, SSLSession session) { + return true; + } + }; + HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid); + } catch ( NoSuchAlgorithmException ex ) + { + System.out.println("Failed to disable https certificate check"); + ex.printStackTrace(System.out); + } catch ( KeyManagementException ex ) + { + System.out.println("Failed to disable https certificate check"); + ex.printStackTrace(System.out); + } + } } -- cgit v1.2.3