Skip to content

Commit b3c5e24

Browse files
dakronedakrone
committed
Merge branch 'pr/391'
2 parents efcac09 + 7a1d02a commit b3c5e24

File tree

2 files changed

+63
-41
lines changed

2 files changed

+63
-41
lines changed

README.org

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -987,6 +987,24 @@ would:
987987
(conn-mgr/make-socks-proxied-conn-manager "localhost" 8081)})
988988
#+END_SRC
989989

990+
If your SOCKS connection requires a keystore / trust-store, you can specify that too:
991+
992+
#+BEGIN_SRC clojure
993+
(ns foo.bar
994+
(:require [clj-http.client :as client]
995+
[clj-http.conn-mgr :as conn-mgr]))
996+
997+
(client/get "https://google.com"
998+
{:connection-manager
999+
(conn-mgr/make-socks-proxied-conn-manager "localhost" 8081
1000+
{:keystore "/path/to/keystore.ks"
1001+
:keystore-type "jks" ; default: jks
1002+
:keystore-pass "secretpass"
1003+
:trust-store "/path/to/trust-store.ks"
1004+
:trust-store-type "jks" ; default jks
1005+
:trust-store-pass "trustpass"})})
1006+
#+END_SRC
1007+
9901008
You can also store the proxied connection manager and reuse it later.
9911009

9921010
** Custom Middleware

src/clj_http/conn_mgr.clj

Lines changed: 45 additions & 41 deletions
Original file line numberDiff line numberDiff line change
@@ -50,12 +50,13 @@
5050
(defn ^SSLConnectionSocketFactory SSLGenericSocketFactory
5151
"Given a function that returns a new socket, create an
5252
SSLConnectionSocketFactory that will use that socket."
53-
[socket-factory]
54-
(proxy [SSLConnectionSocketFactory] [(SSLContexts/createDefault)]
55-
(connectSocket [timeout socket host remoteAddress localAddress context]
56-
(let [^SSLConnectionSocketFactory this this] ;; avoid reflection
57-
(proxy-super connectSocket timeout (socket-factory) host remoteAddress
58-
localAddress context)))))
53+
([socket-factory] (SSLGenericSocketFactory socket-factory (SSLContexts/createDefault)))
54+
([socket-factory ^SSLContext ssl-context]
55+
(proxy [SSLConnectionSocketFactory] [ssl-context]
56+
(connectSocket [timeout socket host remoteAddress localAddress context]
57+
(let [^SSLConnectionSocketFactory this this] ;; avoid reflection
58+
(proxy-super connectSocket timeout (socket-factory) host remoteAddress
59+
localAddress context))))))
5960

6061
(defn ^PlainConnectionSocketFactory PlainGenericSocketFactory
6162
"Given a Function that returns a new socket, create a
@@ -70,41 +71,6 @@
7071
[^String hostname ^Integer port]
7172
(Socket. (Proxy. Proxy$Type/SOCKS (InetSocketAddress. hostname port))))
7273

73-
(defn make-socks-proxied-conn-manager
74-
"Given an optional hostname and a port, create a connection manager that's
75-
proxied using a SOCKS proxy."
76-
[^String hostname ^Integer port]
77-
(let [socket-factory #(socks-proxied-socket hostname port)
78-
reg (-> (RegistryBuilder/create)
79-
(.register "http" (PlainGenericSocketFactory socket-factory))
80-
(.register "https" (SSLGenericSocketFactory socket-factory))
81-
(.build))]
82-
(PoolingHttpClientConnectionManager. reg)))
83-
84-
(def insecure-scheme-registry
85-
(-> (RegistryBuilder/create)
86-
(.register "http" PlainConnectionSocketFactory/INSTANCE)
87-
(.register "https" insecure-socket-factory)
88-
(.build)))
89-
90-
(def insecure-strategy-registry
91-
(-> (RegistryBuilder/create)
92-
(.register "http" NoopIOSessionStrategy/INSTANCE)
93-
(.register "https" insecure-strategy)
94-
(.build)))
95-
96-
(def regular-scheme-registry
97-
(-> (RegistryBuilder/create)
98-
(.register "http" (PlainConnectionSocketFactory/getSocketFactory))
99-
(.register "https" secure-ssl-socket-factory)
100-
(.build)))
101-
102-
(def regular-strategy-registry
103-
(-> (RegistryBuilder/create)
104-
(.register "http" NoopIOSessionStrategy/INSTANCE)
105-
(.register "https" secure-strategy)
106-
(.build)))
107-
10874
(defn ^KeyStore get-keystore*
10975
[keystore-file keystore-type ^String keystore-pass]
11076
(when keystore-file
@@ -139,6 +105,44 @@
139105
NoopHostnameVerifier/INSTANCE
140106
(DefaultHostnameVerifier.))}))
141107

108+
(defn make-socks-proxied-conn-manager
109+
"Given an optional hostname and a port, create a connection manager that's
110+
proxied using a SOCKS proxy."
111+
([^String hostname ^Integer port] (make-socks-proxied-conn-manager hostname port {}))
112+
([^String hostname ^Integer port {:keys [keystore keystore-type keystore-pass trust-store trust-store-type trust-store-pass] :as opts}]
113+
(let [socket-factory #(socks-proxied-socket hostname port)
114+
ssl-context (when (some (complement nil?) [keystore keystore-type keystore-pass trust-store trust-store-type trust-store-pass])
115+
(-> opts get-keystore-context-verifier :context))
116+
reg (-> (RegistryBuilder/create)
117+
(.register "http" (PlainGenericSocketFactory socket-factory))
118+
(.register "https" (SSLGenericSocketFactory socket-factory ssl-context))
119+
(.build))]
120+
(PoolingHttpClientConnectionManager. reg))))
121+
122+
(def insecure-scheme-registry
123+
(-> (RegistryBuilder/create)
124+
(.register "http" PlainConnectionSocketFactory/INSTANCE)
125+
(.register "https" insecure-socket-factory)
126+
(.build)))
127+
128+
(def insecure-strategy-registry
129+
(-> (RegistryBuilder/create)
130+
(.register "http" NoopIOSessionStrategy/INSTANCE)
131+
(.register "https" insecure-strategy)
132+
(.build)))
133+
134+
(def regular-scheme-registry
135+
(-> (RegistryBuilder/create)
136+
(.register "http" (PlainConnectionSocketFactory/getSocketFactory))
137+
(.register "https" secure-ssl-socket-factory)
138+
(.build)))
139+
140+
(def regular-strategy-registry
141+
(-> (RegistryBuilder/create)
142+
(.register "http" NoopIOSessionStrategy/INSTANCE)
143+
(.register "https" secure-strategy)
144+
(.build)))
145+
142146
(defn ^Registry get-keystore-scheme-registry
143147
[req]
144148
(let [{:keys [context verifier]} (get-keystore-context-verifier req)

0 commit comments

Comments
 (0)