fernandomora · November 30, 2015 10:02
diff --git a/SniHttpClientConnectionOperator.java b/SniHttpClientConnectionOperator.java
 SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(buildTrustAllSSLContext(), NoopHostnameVerifier.INSTANCE);
 Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().register("http", PlainConnectionSocketFactory.getSocketFactory()).register("https", sslsf).build();
 HttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(new DefaultHttpClientConnectionOperator(socketFactoryRegistry, null, null), null, -1, TimeUnit.MILLISECONDS);
 HttpClientBuilder clientBuilder = HttpClients.custom();
 clientBuilder.setConnectionManager(cm);

 class SniHttpClientConnectionOperator extends DefaultHttpClientConnectionOperator {

 		class SniSSLSocketFactory extends SSLConnectionSocketFactory {

 			public static final String ENABLE_SNI = "__enable_sni__";

 			/*
             * Implement any constructor you need for your particular application -
             * SSLConnectionSocketFactory has many variants
             */
 			public SniSSLSocketFactory(final SSLContext sslContext, final HostnameVerifier verifier) {
 				super(sslContext, verifier);
 			}

 			@Override
 			public Socket createLayeredSocket(
 					final Socket socket,
 					final String target,
 					final int port,
 					final HttpContext context) throws IOException {
 				Boolean enableSniValue = (Boolean) context.getAttribute(ENABLE_SNI);
 				boolean enableSni = enableSniValue == null || enableSniValue;
 				return super.createLayeredSocket(socket, enableSni ? target : "", port, context);
 			}
 		}

 		public SniHttpClientConnectionOperator(Lookup<ConnectionSocketFactory> socketFactoryRegistry) {
 			super(socketFactoryRegistry, null, null);
 		}

 		@Override
 		public void connect(
 				final ManagedHttpClientConnection conn,
 				final HttpHost host,
 				final InetSocketAddress localAddress,
 				final int connectTimeout,
 				final SocketConfig socketConfig,
 				final HttpContext context) throws IOException {
 			try {
 				super.connect(conn, host, localAddress, connectTimeout, socketConfig, context);
 			} catch (SSLProtocolException e) {
 				Boolean enableSniValue = (Boolean) context.getAttribute(SniSSLSocketFactory.ENABLE_SNI);
 				boolean enableSni = enableSniValue == null || enableSniValue;
 				if (enableSni && e.getMessage() != null && e.getMessage().equals("handshake alert:  unrecognized_name")) {
 					traza.warn("Server received saw wrong SNI host, retrying without SNI");
 					context.setAttribute(SniSSLSocketFactory.ENABLE_SNI, false);
 					super.connect(conn, host, localAddress, connectTimeout, socketConfig, context);
 				} else {
 					throw e;
 				}
 			}
 		}
 	}
	SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(buildTrustAllSSLContext(), NoopHostnameVerifier.INSTANCE);
	Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().register("http", PlainConnectionSocketFactory.getSocketFactory()).register("https", sslsf).build();
	HttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(new DefaultHttpClientConnectionOperator(socketFactoryRegistry, null, null), null, -1, TimeUnit.MILLISECONDS);
	HttpClientBuilder clientBuilder = HttpClients.custom();
	clientBuilder.setConnectionManager(cm);

	class SniHttpClientConnectionOperator extends DefaultHttpClientConnectionOperator {

	class SniSSLSocketFactory extends SSLConnectionSocketFactory {

	public static final String ENABLE_SNI = "__enable_sni__";

	/*
	* Implement any constructor you need for your particular application -
	* SSLConnectionSocketFactory has many variants
	*/
	public SniSSLSocketFactory(final SSLContext sslContext, final HostnameVerifier verifier) {
	super(sslContext, verifier);
	}

	@Override
	public Socket createLayeredSocket(
	final Socket socket,
	final String target,
	final int port,
	final HttpContext context) throws IOException {
	Boolean enableSniValue = (Boolean) context.getAttribute(ENABLE_SNI);
	boolean enableSni = enableSniValue == null \|\| enableSniValue;
	return super.createLayeredSocket(socket, enableSni ? target : "", port, context);
	}
	}

	public SniHttpClientConnectionOperator(Lookup<ConnectionSocketFactory> socketFactoryRegistry) {
	super(socketFactoryRegistry, null, null);
	}

	@Override
	public void connect(
	final ManagedHttpClientConnection conn,
	final HttpHost host,
	final InetSocketAddress localAddress,
	final int connectTimeout,
	final SocketConfig socketConfig,
	final HttpContext context) throws IOException {
	try {
	super.connect(conn, host, localAddress, connectTimeout, socketConfig, context);
	} catch (SSLProtocolException e) {
	Boolean enableSniValue = (Boolean) context.getAttribute(SniSSLSocketFactory.ENABLE_SNI);
	boolean enableSni = enableSniValue == null \|\| enableSniValue;
	if (enableSni && e.getMessage() != null && e.getMessage().equals("handshake alert: unrecognized_name")) {
	traza.warn("Server received saw wrong SNI host, retrying without SNI");
	context.setAttribute(SniSSLSocketFactory.ENABLE_SNI, false);
	super.connect(conn, host, localAddress, connectTimeout, socketConfig, context);
	} else {
	throw e;
	}
	}
	}
	}