github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-03-24 10:01:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

skipped patch for Java 1.6 & 1.7 if the JRE is at least 1.8 - see issue #523

Browse Source
This commit is contained in:
Jeremy Long
2016-08-11 20:59:26 -04:00
parent 45941adb71
commit 9ea16ad1d1
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/URLConnectionFactory.java
View File

@@ -31,6 +31,8 @@ import java.net.URL;
import java.security.KeyManagementException; import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.HttpsURLConnection;
import org.apache.commons.lang3.JavaVersion;
import org.apache.commons.lang3.SystemUtils;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@@ -189,7 +191,7 @@ public final class URLConnectionFactory {
* @param conn the connection * @param conn the connection
*/ */
private static void configureTLS(URL url, HttpURLConnection conn) { private static void configureTLS(URL url, HttpURLConnection conn) {
if ("https".equals(url.getProtocol())) { if ("https".equals(url.getProtocol()) && !SystemUtils.isJavaVersionAtLeast(JavaVersion.JAVA_1_8)) {
try { try {
final HttpsURLConnection secCon = (HttpsURLConnection) conn; final HttpsURLConnection secCon = (HttpsURLConnection) conn;
final SSLSocketFactoryEx factory = new SSLSocketFactoryEx(); final SSLSocketFactoryEx factory = new SSLSocketFactoryEx();