From 17e9cd97acb6b61ae376b7af33a24a163a6b2629 Mon Sep 17 00:00:00 2001 From: Looly Date: Fri, 10 Mar 2023 00:51:16 +0800 Subject: [PATCH] fix code --- .../core/net/ssl/SSLContextBuilder.java | 4 +-- .../java/cn/hutool/core/net/ssl/SSLUtil.java | 30 ++++++++++++++----- ...Manager.java => TrustAnyTrustManager.java} | 12 ++++---- .../cn/hutool/http/client/ClientConfig.java | 10 +++---- .../engine/httpclient5/HttpClient5Engine.java | 20 ++++++++++--- .../client/engine/jdk/HttpConnection.java | 6 ++-- .../http/ssl/CustomProtocolsSSLFactory.java | 2 +- .../http/ssl/TrustAnyHostnameVerifier.java | 2 +- ...faultSSLInfo.java => TrustAnySSLInfo.java} | 5 ++-- 9 files changed, 59 insertions(+), 32 deletions(-) rename hutool-core/src/main/java/cn/hutool/core/net/ssl/{DefaultTrustManager.java => TrustAnyTrustManager.java} (71%) rename hutool-http/src/main/java/cn/hutool/http/ssl/{DefaultSSLInfo.java => TrustAnySSLInfo.java} (80%) diff --git a/hutool-core/src/main/java/cn/hutool/core/net/ssl/SSLContextBuilder.java b/hutool-core/src/main/java/cn/hutool/core/net/ssl/SSLContextBuilder.java index fe62c62e5..62975599f 100644 --- a/hutool-core/src/main/java/cn/hutool/core/net/ssl/SSLContextBuilder.java +++ b/hutool-core/src/main/java/cn/hutool/core/net/ssl/SSLContextBuilder.java @@ -18,7 +18,7 @@ import java.security.SecureRandom; * *

@@ -32,7 +32,7 @@ public class SSLContextBuilder implements SSLProtocols, Builder { private String protocol = TLS; private KeyManager[] keyManagers; - private TrustManager[] trustManagers = {DefaultTrustManager.INSTANCE}; + private TrustManager[] trustManagers = {TrustAnyTrustManager.INSTANCE}; private SecureRandom secureRandom = new SecureRandom(); diff --git a/hutool-core/src/main/java/cn/hutool/core/net/ssl/SSLUtil.java b/hutool-core/src/main/java/cn/hutool/core/net/ssl/SSLUtil.java index ecd1f2ac5..e8b56dfd0 100644 --- a/hutool-core/src/main/java/cn/hutool/core/net/ssl/SSLUtil.java +++ b/hutool-core/src/main/java/cn/hutool/core/net/ssl/SSLUtil.java 
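Review bot: The field initialiser `trustManagers = {TrustAnyTrustManager.INSTANCE}` keeps the builder's default at accept-every-certificate, so a plain `SSLContextBuilder.of().build()` appears to yield a context with no certificate validation even though nothing in that call says so. Now that this patch adds an explicitly named `createTrustAnySSLContext`, consider leaving the field unset so the JDK's default trust managers apply; whether `build()` passes a null array through is outside this hunk and needs checking. At minimum, put a comment on the field such as `// WARNING: default accepts any certificate; call setTrustManagers(...) to enable validation`. The class body continues outside the hunk.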
@@ -15,23 +15,37 @@ import javax.net.ssl.TrustManager; public class SSLUtil { /** - * 创建{@link SSLContext},默认新人全部 + * 创建{@link SSLContext},信任全部,协议为TLS * - * @param protocol SSL协议,例如TLS等 + * @return {@link SSLContext} + * @throws IORuntimeException 包装 GeneralSecurityException异常 + */ + public static SSLContext createTrustAnySSLContext() throws IORuntimeException { + return createTrustAnySSLContext(null); + } + + /** + * 创建{@link SSLContext},信任全部 + * + * @param protocol SSL协议,例如TLS等,{@code null}表示默认TLS * @return {@link SSLContext} * @throws IORuntimeException 包装 GeneralSecurityException异常 * @since 5.7.8 */ - public static SSLContext createSSLContext(final String protocol) throws IORuntimeException{ - return SSLContextBuilder.of().setProtocol(protocol).build(); + public static SSLContext createTrustAnySSLContext(final String protocol) throws IORuntimeException { + return SSLContextBuilder.of() + .setProtocol(protocol) + // 信任所有服务端 + .setTrustManagers(new TrustManager[]{TrustAnyTrustManager.INSTANCE}) + .build(); } /** * 创建{@link SSLContext} * * @param protocol SSL协议,例如TLS等 - * @param keyManager 密钥管理器,{@code null}表示无 - * @param trustManager 信任管理器, {@code null}表示无 + * @param keyManager 密钥管理器,{@code null}表示默认 + * @param trustManager 信任管理器, {@code null}表示默认 * @return {@link SSLContext} * @throws IORuntimeException 包装 GeneralSecurityException异常 */ @@ -46,8 +60,8 @@ public class SSLUtil { * 创建和初始化{@link SSLContext} * * @param protocol SSL协议,例如TLS等 - * @param keyManagers 密钥管理器,{@code null}表示无 - * @param trustManagers 信任管理器, {@code null}表示无 + * @param keyManagers 密钥管理器,{@code null}表示默认 + * @param trustManagers 信任管理器, {@code null}表示默认 * @return {@link SSLContext} * @throws IORuntimeException 包装 GeneralSecurityException异常 */ 
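Review bot: The Javadoc on the two new `createTrustAnySSLContext` methods says only "信任全部" and does not spell out the consequence: the returned context performs no certificate-chain validation, so connections built on it can be intercepted. I would add a sentence to both Javadocs, e.g. `Warning: disables certificate validation; use only for testing or explicitly trusted endpoints`, and an `@since` tag on the no-arg overload. Separately, the public `createSSLContext(String)` (tagged `@since 5.7.8`) is removed rather than deprecated, which breaks external callers; a `@Deprecated` method delegating to the new name would keep them compiling. The explicit `.setTrustManagers(...)` call is also redundant while the SSLContextBuilder field default is the same instance.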
diff --git a/hutool-core/src/main/java/cn/hutool/core/net/ssl/DefaultTrustManager.java b/hutool-core/src/main/java/cn/hutool/core/net/ssl/TrustAnyTrustManager.java similarity index 71% rename from hutool-core/src/main/java/cn/hutool/core/net/ssl/DefaultTrustManager.java rename to hutool-core/src/main/java/cn/hutool/core/net/ssl/TrustAnyTrustManager.java index 1f0903fdb..13fe0f137 100644 --- a/hutool-core/src/main/java/cn/hutool/core/net/ssl/DefaultTrustManager.java +++ b/hutool-core/src/main/java/cn/hutool/core/net/ssl/TrustAnyTrustManager.java @@ -6,19 +6,21 @@ import java.net.Socket; import java.security.cert.X509Certificate; /** - * 默认信任管理器,默认信任所有客户端和服务端证书
- * 继承{@link X509ExtendedTrustManager}的原因见:https://blog.csdn.net/ghaohao/article/details/79454913 + * 新任所有信任管理器,默认信任所有客户端和服务端证书
+ * 继承{@link X509ExtendedTrustManager}的原因见:
+ * https://blog.csdn.net/ghaohao/article/details/79454913 * * @author Looly * @since 5.5.7 */ -public class DefaultTrustManager extends X509ExtendedTrustManager { +public class TrustAnyTrustManager extends X509ExtendedTrustManager { /** - * 默认的全局单例默认信任管理器,默认信任所有客户端和服务端证书 + * 全局单例信任管理器,默认信任所有客户端和服务端证书 + * * @since 5.7.8 */ - public static DefaultTrustManager INSTANCE = new DefaultTrustManager(); + public static TrustAnyTrustManager INSTANCE = new TrustAnyTrustManager(); @Override public X509Certificate[] getAcceptedIssuers() { diff --git a/hutool-http/src/main/java/cn/hutool/http/client/ClientConfig.java b/hutool-http/src/main/java/cn/hutool/http/client/ClientConfig.java index d07d27a40..95fc4ea0f 100755 --- a/hutool-http/src/main/java/cn/hutool/http/client/ClientConfig.java +++ b/hutool-http/src/main/java/cn/hutool/http/client/ClientConfig.java @@ -3,7 +3,7 @@ package cn.hutool.http.client; import cn.hutool.core.lang.Assert; import cn.hutool.core.net.ssl.SSLUtil; import cn.hutool.http.HttpGlobalConfig; -import cn.hutool.http.ssl.DefaultSSLInfo; +import cn.hutool.http.ssl.TrustAnySSLInfo; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.SSLSocketFactory; @@ -58,8 +58,8 @@ public class ClientConfig { public ClientConfig() { connectionTimeout = HttpGlobalConfig.getTimeout(); readTimeout = HttpGlobalConfig.getTimeout(); - hostnameVerifier = DefaultSSLInfo.TRUST_ANY_HOSTNAME_VERIFIER; - socketFactory = DefaultSSLInfo.DEFAULT_SSF; + hostnameVerifier = TrustAnySSLInfo.TRUST_ANY_HOSTNAME_VERIFIER; + socketFactory = TrustAnySSLInfo.DEFAULT_SSF; } /** 
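Review bot: `public static TrustAnyTrustManager INSTANCE` is still a non-final public static field, so any code on the classpath can reassign or null the shared trust manager for every user of the singleton. Declare it `public static final TrustAnyTrustManager INSTANCE = new TrustAnyTrustManager();`. The new class Javadoc also reads `新任所有信任管理器`, which looks like a typo for `信任所有…`; the same `新任` appears in the TrustAnySSLInfo Javadoc later in this patch. The class body continues outside the hunk.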
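Review bot: In the `ClientConfig()` constructor the renamed constants show that every default-constructed client gets `TrustAnySSLInfo.TRUST_ANY_HOSTNAME_VERIFIER` and `TrustAnySSLInfo.DEFAULT_SSF`, so hostname checks, and presumably certificate checks, are off unless the caller overrides them. The constructor's Javadoc is outside the hunk; if it does not already state this, it should. The constant name `DEFAULT_SSF` hides the trust-all behaviour that the rest of the rename makes explicit, and something like `TRUST_ANY_SSF` would be consistent. The same silent fallback recurs in the HttpConnection hunk (`ObjUtil.defaultIfNull(..., TrustAnySSLInfo...)`) and in the CustomProtocolsSSLFactory constructor.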
@@ -179,12 +179,12 @@ public class ClientConfig { * * @param protocol 协议 * @return this - * @see SSLUtil#createSSLContext(String) + * @see SSLUtil#createTrustAnySSLContext(String) * @see #setSocketFactory(SSLSocketFactory) */ public ClientConfig setSSLProtocol(final String protocol) { Assert.notBlank(protocol, "protocol must be not blank!"); - setSocketFactory(SSLUtil.createSSLContext(protocol).getSocketFactory()); + setSocketFactory(SSLUtil.createTrustAnySSLContext(protocol).getSocketFactory()); return this; } diff --git a/hutool-http/src/main/java/cn/hutool/http/client/engine/httpclient5/HttpClient5Engine.java b/hutool-http/src/main/java/cn/hutool/http/client/engine/httpclient5/HttpClient5Engine.java index bc3d3fef6..5b3557ca4 100755 --- a/hutool-http/src/main/java/cn/hutool/http/client/engine/httpclient5/HttpClient5Engine.java +++ b/hutool-http/src/main/java/cn/hutool/http/client/engine/httpclient5/HttpClient5Engine.java @@ -2,6 +2,7 @@ package cn.hutool.http.client.engine.httpclient5; import cn.hutool.core.io.IoUtil; import cn.hutool.core.lang.Assert; +import cn.hutool.core.net.ssl.SSLUtil; import cn.hutool.core.net.url.UrlBuilder; import cn.hutool.http.GlobalHeaders; import cn.hutool.http.HttpException; 
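Review bot: `setSSLProtocol` passes `SSLUtil.createTrustAnySSLContext(protocol).getSocketFactory()` to `setSocketFactory`, so choosing a protocol version also replaces whatever socket factory was configured with a trust-all one. A caller who first installs a validating `SSLSocketFactory` and then calls `setSSLProtocol("TLSv1.2")` loses certificate validation without any indication. The Javadoc should say so, for example `Note: replaces the current socket factory with one that trusts all certificates`.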
@@ -11,11 +12,13 @@ import cn.hutool.http.client.Request; import cn.hutool.http.client.Response; import cn.hutool.http.client.body.HttpBody; import org.apache.hc.client5.http.classic.methods.HttpUriRequestBase; +import org.apache.hc.client5.http.config.ConnectionConfig; import org.apache.hc.client5.http.config.RequestConfig; import org.apache.hc.client5.http.impl.classic.CloseableHttpClient; -import org.apache.hc.client5.http.impl.classic.CloseableHttpResponse; import org.apache.hc.client5.http.impl.classic.HttpClientBuilder; import org.apache.hc.client5.http.impl.classic.HttpClients; +import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder; +import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactoryBuilder; import org.apache.hc.core5.http.ClassicHttpRequest; import org.apache.hc.core5.http.ClassicHttpResponse; import org.apache.hc.core5.http.Header; @@ -86,14 +89,22 @@ public class HttpClient5Engine implements ClientEngine { return; } + // 连接配置 + final PoolingHttpClientConnectionManagerBuilder connectionManagerBuilder = PoolingHttpClientConnectionManagerBuilder.create() + .setSSLSocketFactory(SSLConnectionSocketFactoryBuilder.create() + .setSslContext(SSLUtil.createTrustAnySSLContext()).build()); + final int connectionTimeout = this.config.getConnectionTimeout(); + if(connectionTimeout > 0){ + connectionManagerBuilder.setDefaultConnectionConfig(ConnectionConfig.custom() + .setConnectTimeout(connectionTimeout, TimeUnit.MILLISECONDS).build()); + } + + // 请求配置 RequestConfig requestConfig = null; if(null != this.config){ final RequestConfig.Builder builder = RequestConfig.custom(); - final int connectionTimeout = this.config.getConnectionTimeout(); if(connectionTimeout > 0){ - // TODO 细化替换 - builder.setConnectTimeout(connectionTimeout, TimeUnit.MILLISECONDS); builder.setConnectionRequestTimeout(connectionTimeout, TimeUnit.MILLISECONDS); } final int readTimeout = this.config.getReadTimeout(); 
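Review bot: `final int connectionTimeout = this.config.getConnectionTimeout();` was moved above the `if(null != this.config)` guard, so a null config now throws a NullPointerException before the guard is reached. Either read it as `final int connectionTimeout = null == this.config ? 0 : this.config.getConnectionTimeout();` or drop the guard if config can never be null. The connection manager is also built unconditionally with `SSLUtil.createTrustAnySSLContext()`, and the socket factory and hostname verifier held by ClientConfig do not appear to be consulted here, so this engine seemingly cannot be configured to validate certificates. The enclosing method starts and ends outside the hunk.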
@@ -105,6 +116,7 @@ public class HttpClient5Engine implements ClientEngine { } final HttpClientBuilder builder = HttpClients.custom() + .setConnectionManager(connectionManagerBuilder.build()) .setDefaultRequestConfig(requestConfig) // 设置默认头信息 .setDefaultHeaders(toHeaderList(GlobalHeaders.INSTANCE.headers())); diff --git a/hutool-http/src/main/java/cn/hutool/http/client/engine/jdk/HttpConnection.java b/hutool-http/src/main/java/cn/hutool/http/client/engine/jdk/HttpConnection.java index 6d4072780..302046572 100644 --- a/hutool-http/src/main/java/cn/hutool/http/client/engine/jdk/HttpConnection.java +++ b/hutool-http/src/main/java/cn/hutool/http/client/engine/jdk/HttpConnection.java @@ -7,7 +7,7 @@ import cn.hutool.core.util.ObjUtil; import cn.hutool.http.HttpException; import cn.hutool.http.client.HeaderOperation; import cn.hutool.http.meta.Method; -import cn.hutool.http.ssl.DefaultSSLInfo; +import cn.hutool.http.ssl.TrustAnySSLInfo; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; @@ -211,8 +211,8 @@ public class HttpConnection implements HeaderOperation { // Https请求 final HttpsURLConnection httpsConn = (HttpsURLConnection) conn; // 验证域 - httpsConn.setHostnameVerifier(ObjUtil.defaultIfNull(hostnameVerifier, DefaultSSLInfo.TRUST_ANY_HOSTNAME_VERIFIER)); - httpsConn.setSSLSocketFactory(ObjUtil.defaultIfNull(ssf, DefaultSSLInfo.DEFAULT_SSF)); + httpsConn.setHostnameVerifier(ObjUtil.defaultIfNull(hostnameVerifier, TrustAnySSLInfo.TRUST_ANY_HOSTNAME_VERIFIER)); + httpsConn.setSSLSocketFactory(ObjUtil.defaultIfNull(ssf, TrustAnySSLInfo.DEFAULT_SSF)); } return this; diff --git a/hutool-http/src/main/java/cn/hutool/http/ssl/CustomProtocolsSSLFactory.java b/hutool-http/src/main/java/cn/hutool/http/ssl/CustomProtocolsSSLFactory.java index c7cbc3332..4433c766a 100644 --- a/hutool-http/src/main/java/cn/hutool/http/ssl/CustomProtocolsSSLFactory.java +++ b/hutool-http/src/main/java/cn/hutool/http/ssl/CustomProtocolsSSLFactory.java 
@@ -28,7 +28,7 @@ public class CustomProtocolsSSLFactory extends SSLSocketFactory { */ public CustomProtocolsSSLFactory(final String... protocols) throws IORuntimeException { this.protocols = protocols; - this.base = SSLUtil.createSSLContext(null).getSocketFactory(); + this.base = SSLUtil.createTrustAnySSLContext(null).getSocketFactory(); } @Override diff --git a/hutool-http/src/main/java/cn/hutool/http/ssl/TrustAnyHostnameVerifier.java b/hutool-http/src/main/java/cn/hutool/http/ssl/TrustAnyHostnameVerifier.java index 75d04730d..e10eb6d6e 100644 --- a/hutool-http/src/main/java/cn/hutool/http/ssl/TrustAnyHostnameVerifier.java +++ b/hutool-http/src/main/java/cn/hutool/http/ssl/TrustAnyHostnameVerifier.java @@ -4,7 +4,7 @@ import javax.net.ssl.HostnameVerifier; import javax.net.ssl.SSLSession; /** - * https 域名校验 + * https 域名校验,信任所有域名 * * @author Looly */ diff --git a/hutool-http/src/main/java/cn/hutool/http/ssl/DefaultSSLInfo.java b/hutool-http/src/main/java/cn/hutool/http/ssl/TrustAnySSLInfo.java similarity index 80% rename from hutool-http/src/main/java/cn/hutool/http/ssl/DefaultSSLInfo.java rename to hutool-http/src/main/java/cn/hutool/http/ssl/TrustAnySSLInfo.java index fad532a73..699c2c64a 100644 --- a/hutool-http/src/main/java/cn/hutool/http/ssl/DefaultSSLInfo.java +++ b/hutool-http/src/main/java/cn/hutool/http/ssl/TrustAnySSLInfo.java @@ -5,12 +5,11 @@ import cn.hutool.core.text.StrUtil; import javax.net.ssl.SSLSocketFactory; /** - * 默认的全局SSL配置,当用户未设置相关信息时,使用默认设置,默认设置为单例模式。 + * 新任所有SSL配置 * * @author looly - * @since 5.1.2 */ -public class DefaultSSLInfo { +public class TrustAnySSLInfo { /** * 默认信任全部的域名校验器 */