jmeter3.0 源碼分析之：對HTTPS協議的支持

jmeter 3.0 的readme裏有這樣一句話：

Apache JMeter interfaces with the
Java Secure Socket Extension (JSSE) API to provide
- HTTPS support

於是查看了jmeter源碼，想看看jmeter是如何對https做支持的。

首先從 org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl類入手：

重點關注sample方法，截取代碼如下：

 public class HTTPHC4Impl extends HTTPHCAbstractImpl {

 @Override
    protected HTTPSampleResult sample(URL url, String method,
            boolean areFollowingRedirect, int frameDepth) {
            //...
            HttpClient httpClient = setupClient(url, res);          
            }

    private HttpClient setupClient(URL url, SampleResult res) {
        //...
        MeasuringConnectionManager connManager = new MeasuringConnectionManager(
                    createSchemeRegistry(), 
                    resolver, 
                    TIME_TO_LIVE,
                    VALIDITY_AFTER_INACTIVITY_TIMEOUT);

    }
    /**
     * Setup LazySchemeSocketFactory
     * @see "https://bz.apache.org/bugzilla/show_bug.cgi?id=58099"
     */
    private static SchemeRegistry createSchemeRegistry() {
        final SchemeRegistry registry = new SchemeRegistry();
        registry.register(
                new Scheme("http", 80, PlainSocketFactory.getSocketFactory())); //$NON-NLS-1$
        registry.register(
                new Scheme("https", 443, new LazySchemeSocketFactory())); //$NON-NLS-1$
        return registry;
    }
 }

接着我們看看LazySchemeSocketFactory類

public final class LazySchemeSocketFactory implements SchemeLayeredSocketFactory{

     /**
         * @throws SSLInitializationException
         */
        private static SchemeLayeredSocketFactory checkAndInit() throws SSLInitializationException {
            LOG.info("Setting up HTTPS TrustAll Socket Factory");
            try {
                return new HC4TrustAllSSLSocketFactory();
            } catch (GeneralSecurityException e) {
                LOG.warn("Failed to initialise HTTPS HC4TrustAllSSLSocketFactory", e);
                return SSLSocketFactory.getSocketFactory();
            }
        }
 }

這裏又使用了HC4TrustAllSSLSocketFactory類：

public class HC4TrustAllSSLSocketFactory extends SSLSocketFactory {

     private static final TrustStrategy TRUSTALL = new TrustStrategy(){
        @Override
        public boolean isTrusted(X509Certificate[] chain, String authType) {
            return true;
        }
    };
    private javax.net.ssl.SSLSocketFactory factory;

    /**
     * Create an SSL factory which trusts all certificates and hosts.
     * {@link SSLSocketFactory#SSLSocketFactory(TrustStrategy, org.apache.http.conn.ssl.X509HostnameVerifier)} 
     * @throws GeneralSecurityException if there's a problem setting up the security
     */
    public HC4TrustAllSSLSocketFactory() throws GeneralSecurityException {
        this(new HttpSSLProtocolSocketFactory((JsseSSLManager)JsseSSLManager.getInstance(), JsseSSLManager.CPS));
    }

    /**
     * Create an SSL factory which trusts all certificates and hosts.
     * {@link SSLSocketFactory#SSLSocketFactory(TrustStrategy, org.apache.http.conn.ssl.X509HostnameVerifier)} 
     * @param factory javax.net.ssl.SSLSocketFactory 
     * @throws GeneralSecurityException if there's a problem setting up the security
     */
    protected HC4TrustAllSSLSocketFactory(javax.net.ssl.SSLSocketFactory factory) throws GeneralSecurityException {
        super(TRUSTALL, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        this.factory = factory;
    }
 }

到這裏可以看出，jmeter對https的支持是默認信任所有證書的。