diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-01-10 14:18:57 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-01-10 14:30:34 +0100 |
commit | 0185e8a039281a1e12bab3c8c20399b75a0798f9 (patch) | |
tree | e334197f2d614165b0144400d04fbe99723cb172 | |
parent | 3e4b51c07bf72cb35e67dbb8b63c274ada397861 (diff) |
Upgrade Apache httpclient+httpcore to newest version
Use deprecated setSslcontext() in code that may run
outside JDisc.
6 files changed, 15 insertions, 8 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java index dd43195f67d..95867b3786c 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java @@ -213,7 +213,7 @@ public class ConfigServerRestExecutorImpl extends AbstractComponent implements C HostnameVerifier hostnameVerifier) { return HttpClientBuilder.create() .setUserAgent("config-server-proxy-client") - .setSslcontext(sslContextProvider.getIdentitySslContext()) + .setSSLContext(sslContextProvider.getIdentitySslContext()) .setSSLHostnameVerifier(hostnameVerifier) .setDefaultRequestConfig(config) .setMaxConnPerRoute(10) diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/systemflags/FlagsClient.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/systemflags/FlagsClient.java index b22c9e44a2b..5cd6b32d572 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/systemflags/FlagsClient.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/systemflags/FlagsClient.java @@ -87,7 +87,7 @@ class FlagsClient { return HttpClientBuilder.create() .setUserAgent("controller-flags-v1-client") .setRetryHandler(new DefaultHttpRequestRetryHandler(5, /*retry on non-idempotent requests*/true)) - .setSslcontext(identityProvider.getIdentitySslContext()) + .setSSLContext(identityProvider.getIdentitySslContext()) .setSSLHostnameVerifier(new FlagTargetsHostnameVerifier(targets)) .setDefaultRequestConfig(RequestConfig.custom() .setConnectTimeout((int) Duration.ofSeconds(10).toMillis()) diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java index e206cb3215d..ffff63a424e 100644 --- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java +++ b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/server/jetty/HealthCheckProxyHandler.java @@ -133,7 +133,7 @@ class HealthCheckProxyHandler extends HandlerWrapper { client = HttpClientBuilder.create() .disableAutomaticRetries() .setConnectionReuseStrategy(NoConnectionReuseStrategy.INSTANCE) - .setSslcontext(sslContextFactory.getSslContext()) + .setSSLContext(sslContextFactory.getSslContext()) .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE) .setUserTokenHandler(context -> null) // https://stackoverflow.com/a/42112034/1615280 .setUserAgent("health-check-proxy-client") diff --git a/parent/pom.xml b/parent/pom.xml index 2408ae06e1d..ca6e361899c 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -735,8 +735,8 @@ <properties> <antlr.version>3.5.2</antlr.version> <antlr4.version>4.5</antlr4.version> - <apache.httpclient.version>4.4.1</apache.httpclient.version> - <apache.httpcore.version>4.4.1</apache.httpcore.version> + <apache.httpclient.version>4.5.10</apache.httpclient.version> + <apache.httpcore.version>4.4.12</apache.httpcore.version> <asm.version>7.0</asm.version> <!-- Athenz dependencies. Make sure these dependencies match those in Vespa's internal repositories --> <athenz.version>1.8.29</athenz.version> diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/DefaultIdentityDocumentClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/DefaultIdentityDocumentClient.java index dba29841952..c99e40732bb 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/DefaultIdentityDocumentClient.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/identityprovider/client/DefaultIdentityDocumentClient.java @@ -101,7 +101,7 @@ public class DefaultIdentityDocumentClient implements IdentityDocumentClient { HostnameVerifier hostnameVerifier) { return HttpClientBuilder.create() .setRetryHandler(new DefaultHttpRequestRetryHandler(3, /*requestSentRetryEnabled*/true)) - .setSslcontext(sslContext) + .setSSLContext(sslContext) .setSSLHostnameVerifier(hostnameVerifier) .setUserAgent("default-identity-document-client") .setDefaultRequestConfig(RequestConfig.custom() diff --git a/vespa-http-client/src/main/java/com/yahoo/vespa/http/client/core/communication/ApacheGatewayConnection.java b/vespa-http-client/src/main/java/com/yahoo/vespa/http/client/core/communication/ApacheGatewayConnection.java index 0e7488c8927..f59d4a4bbba 100644 --- a/vespa-http-client/src/main/java/com/yahoo/vespa/http/client/core/communication/ApacheGatewayConnection.java +++ b/vespa-http-client/src/main/java/com/yahoo/vespa/http/client/core/communication/ApacheGatewayConnection.java @@ -23,6 +23,7 @@ import org.apache.http.entity.InputStreamEntity; import org.apache.http.impl.client.HttpClientBuilder; import org.apache.http.message.BasicHeader; +import javax.net.ssl.SSLContext; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -413,7 +414,7 @@ class ApacheGatewayConnection implements GatewayConnection { } else { clientBuilder = HttpClientBuilder.create(); if (connectionParams.getSslContext() != null) { - clientBuilder.setSslcontext(connectionParams.getSslContext()); + setSslContext(clientBuilder, connectionParams.getSslContext()); } else { SslContextBuilder builder = new SslContextBuilder(); if (connectionParams.getPrivateKey() != null && connectionParams.getCertificate() != null) { @@ -422,7 +423,7 @@ class ApacheGatewayConnection implements GatewayConnection { if (connectionParams.getCaCertificates() != null) { builder.withTrustStore(connectionParams.getCaCertificates()); } - clientBuilder.setSslcontext(builder.build()); + setSslContext(clientBuilder, builder.build()); } if (connectionParams.getHostnameVerifier() != null) { clientBuilder.setSSLHostnameVerifier(connectionParams.getHostnameVerifier()); @@ -454,4 +455,10 @@ class ApacheGatewayConnection implements GatewayConnection { } } + // Note: Using deprecated setSslcontext() to allow httpclient 4.4 on classpath (e.g unexpected Maven dependency resolution for test classpath) + @SuppressWarnings("deprecation") + private static void setSslContext(HttpClientBuilder builder, SSLContext sslContext) { + builder.setSslcontext(sslContext); + } + } |