[GitHub] [incubator-shenyu] moremind commented on a diff in pull request #3438: [type:optimize] SpringBoot upgrade to 2.6.8

Mon, 30 May 2022 06:48:29 -0700 


moremind commented on code in PR #3438:
URL: https://github.com/apache/incubator-shenyu/pull/3438#discussion_r884850591


##########
shenyu-spring-boot-starter/shenyu-spring-boot-starter-plugin/shenyu-spring-boot-starter-plugin-httpclient/src/main/java/org/apache/shenyu/springboot/starter/plugin/httpclient/HttpClientPluginConfiguration.java:
##########
@@ -128,50 +134,75 @@ public HttpClient httpClient(final HttpClientProperties 
properties,
     }
 
     private void setSsl(final SslProvider.SslContextSpec sslContextSpec, final 
HttpClientProperties.Ssl ssl) {
-        SslContextBuilder sslContextBuilder = SslContextBuilder.forClient();
-        X509Certificate[] trustedX509Certificates = 
ssl.getTrustedX509CertificatesForTrustManager();
-        if (ArrayUtils.isNotEmpty(trustedX509Certificates)) {
-            sslContextBuilder.trustManager(trustedX509Certificates);
-        } else if (ssl.isUseInsecureTrustManager()) {
-            
sslContextBuilder.trustManager(InsecureTrustManagerFactory.INSTANCE);
-        }
-        sslContextBuilder.keyManager(ssl.getKeyManagerFactory());
-        sslContextSpec.sslContext(sslContextBuilder)
-                .defaultConfiguration(ssl.getDefaultConfigurationType())
+        SslProvider.ProtocolSslContextSpec spec = 
DefaultSslContextSpec.forClient()
+                .configure(sslContextBuilder -> {
+                    X509Certificate[] trustedX509Certificates = 
ssl.getTrustedX509CertificatesForTrustManager();
+                    if (ArrayUtils.isNotEmpty(trustedX509Certificates)) {
+                        
sslContextBuilder.trustManager(trustedX509Certificates);
+                    } else if (ssl.isUseInsecureTrustManager()) {
+                        
sslContextBuilder.trustManager(InsecureTrustManagerFactory.INSTANCE);
+                    }
+                    sslContextBuilder.keyManager(ssl.getKeyManagerFactory());
+                    
sslContextBuilder.sslProvider(ssl.getDefaultConfigurationType());
+                });
+        sslContextSpec.sslContext(spec)
                 .handshakeTimeout(ssl.getHandshakeTimeout())
                 .closeNotifyFlushTimeout(ssl.getCloseNotifyFlushTimeout())
                 .closeNotifyReadTimeout(ssl.getCloseNotifyReadTimeout());
     }
 
-    private TcpClient setTcpClientProxy(final TcpClient tcpClient, final 
HttpClientProperties.Proxy proxy) {

Review Comment:
   use tcpConfiguration config http server isn't allowed, this will remove in 
the future.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to