svnkit https 忽略证书认证
直接上代码
解决jdk版本问题:Security.setProperty("jdk.tls.disabledAlgorithms", "");
import java.io.ByteArrayOutputStream; import java.io.File; import java.security.Security; import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.List; import java.util.Map; import org.apache.log4j.Logger; import org.tmatesoft.svn.core.ISVNDirEntryHandler; import org.tmatesoft.svn.core.ISVNLogEntryHandler; import org.tmatesoft.svn.core.SVNDepth; import org.tmatesoft.svn.core.SVNDirEntry; import org.tmatesoft.svn.core.SVNException; import org.tmatesoft.svn.core.SVNLogEntry; import org.tmatesoft.svn.core.SVNURL; import org.tmatesoft.svn.core.auth.ISVNAuthenticationManager; import org.tmatesoft.svn.core.internal.io.dav.DAVRepositoryFactory; import org.tmatesoft.svn.core.internal.io.fs.FSRepositoryFactory; import org.tmatesoft.svn.core.internal.io.svn.SVNRepositoryFactoryImpl; import org.tmatesoft.svn.core.wc.SVNClientManager; import org.tmatesoft.svn.core.wc.SVNCommitClient; import org.tmatesoft.svn.core.wc.SVNLogClient; import org.tmatesoft.svn.core.wc.SVNRevision; import org.tmatesoft.svn.core.wc.SVNUpdateClient; import org.tmatesoft.svn.core.wc.SVNWCClient; import org.tmatesoft.svn.core.wc.SVNWCUtil; import cn.internetware.yanphone.genplatform.constants.ServerConstants; import cn.internetware.yanphone.genplatform.model.ApiInfo; import cn.internetware.yanphone.genplatform.model.Commit; import cn.internetware.yanphone.genplatform.model.Group; import cn.internetware.yanphone.genplatform.model.SVNProjectLog; public class SVNUtils { private static final Logger LOGGER = Logger.getLogger(SVNUtils.class); static { Security.setProperty("jdk.tls.disabledAlgorithms", ""); DAVRepositoryFactory.setup(); SVNRepositoryFactoryImpl.setup(); FSRepositoryFactory.setup(); } public static boolean deleteFile(String url, String username, String password, String message) { try { SVNURL svnUrl = SVNURL.parseURIEncoded(url); ISVNAuthenticationManager authManager = new BasicWithCertificateTrustedAuthenticationManager(username, password); SVNClientManager clientManager = SVNClientManager.newInstance(SVNWCUtil.createDefaultOptions(true), authManager); SVNCommitClient commitClient = clientManager.getCommitClient(); commitClient.doDelete(new SVNURL[] { svnUrl }, "delete project " + message); } catch (SVNException e) { LOGGER.error("Delete svn error", e); return false; } return true; } public static long checkout(String url, File destPath) { ISVNAuthenticationManager authManager = new BasicWithCertificateTrustedAuthenticationManager( ServerConstants.SVN_ADMIN_USERNAME, ServerConstants.SVN_ADMIN_PASSWORD); SVNClientManager clientManager = SVNClientManager.newInstance(SVNWCUtil.createDefaultOptions(true), authManager); SVNUpdateClient updateClient = clientManager.getUpdateClient(); try { SVNURL svnUrl = SVNURL.parseURIEncoded(url); return updateClient.doCheckout(svnUrl, destPath, SVNRevision.HEAD, SVNRevision.HEAD, SVNDepth.INFINITY, false); } catch (SVNException e) { LOGGER.error("svn checkout error ...... ", e); } return 0; } }
import java.security.GeneralSecurityException; import java.security.KeyStore; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509TrustManager; /** * TrustManager utilities for generating TrustManagers. * * @since 3.0 */ public final class TrustManagerUtils { private static final X509Certificate[] EMPTY_X509CERTIFICATE_ARRAY = new X509Certificate[]{}; private static class TrustManager implements X509TrustManager { private final boolean checkServerValidity; TrustManager(boolean checkServerValidity) { this.checkServerValidity = checkServerValidity; } /** * Never generates a CertificateException. */ public void checkClientTrusted(X509Certificate[] certificates, String authType) { return; } public void checkServerTrusted(X509Certificate[] certificates, String authType) throws CertificateException { if (checkServerValidity) { for (int i = 0; i < certificates.length; ++i) { certificates[i].checkValidity(); } } } /** * @return an empty array of certificates */ public X509Certificate[] getAcceptedIssuers() { return EMPTY_X509CERTIFICATE_ARRAY; } } private static final X509TrustManager ACCEPT_ALL=new TrustManager(false); private static final X509TrustManager CHECK_SERVER_VALIDITY=new TrustManager(true); /** * Generate a TrustManager that performs no checks. * * @return the TrustManager */ public static X509TrustManager getAcceptAllTrustManager(){ return ACCEPT_ALL; } /** * Generate a TrustManager that checks server certificates for validity, * but otherwise performs no checks. * * @return the validating TrustManager */ public static X509TrustManager getValidateServerCertificateTrustManager(){ return CHECK_SERVER_VALIDITY; } /** * Return the default TrustManager provided by the JVM. * <p> * This should be the same as the default used by {@link javax.net.ssl.SSLContext#init(javax.net.ssl.KeyManager[], javax.net.ssl.TrustManager[], java.security.SecureRandom) * SSLContext#init(KeyManager[], TrustManager[], SecureRandom)} * when the TrustManager parameter is set to {@code null} * @param keyStore the KeyStore to use, may be {@code null} * @return the default TrustManager * @throws GeneralSecurityException */ public static X509TrustManager getDefaultTrustManager(KeyStore keyStore) throws GeneralSecurityException { String defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); TrustManagerFactory instance = TrustManagerFactory.getInstance(defaultAlgorithm); instance.init(keyStore); return (X509TrustManager) instance.getTrustManagers()[0]; } }
import java.security.cert.X509Certificate; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import org.tmatesoft.svn.core.SVNErrorCode; import org.tmatesoft.svn.core.SVNErrorMessage; import org.tmatesoft.svn.core.SVNException; import org.tmatesoft.svn.core.SVNURL; import org.tmatesoft.svn.core.auth.BasicAuthenticationManager; public class BasicWithCertificateTrustedAuthenticationManager extends BasicAuthenticationManager { public BasicWithCertificateTrustedAuthenticationManager(String userName, String password) { super(userName, password); } @Override public TrustManager getTrustManager(SVNURL url) throws SVNException { try { // HTTPS URL requires certificate trust process // if (url != null && url.getProtocol() != null && // url.getProtocol().startsWith("https")) { // TrustManagerUtils comes from commons-net:commons-net:3.3 TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return new java.security.cert.X509Certificate[] {}; } public void checkClientTrusted(X509Certificate[] chain, String authType) { } public void checkServerTrusted(X509Certificate[] chain, String authType) { } } }; return trustAllCerts[0]; // } } catch (Exception e) { throw new SVNException(SVNErrorMessage.create(SVNErrorCode.IO_ERROR, e.getMessage()), e); } } }