jmeter3.0 源码分析之：对HTTPS协议的支持

jmeter 3.0 的readme里有这样一句话：

Apache JMeter interfaces with the

Java Secure Socket Extension (JSSE) API to provide

- HTTPS support

于是查看了jmeter源码，想看看jmeter是如何对https做支持的。

首先从 org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl类入手：

重点关注sample方法，截取代码如下：

public class HTTPHC4Impl extends HTTPHCAbstractImpl {

@Override
protected HTTPSampleResult sample(URL url, String method,
boolean areFollowingRedirect, int frameDepth) {
//...
HttpClient httpClient = setupClient(url, res);
}

private HttpClient setupClient(URL url, SampleResult res) {
//...
MeasuringConnectionManager connManager = new MeasuringConnectionManager(
createSchemeRegistry(),
resolver,
TIME_TO_LIVE,
VALIDITY_AFTER_INACTIVITY_TIMEOUT);

}
/**
* Setup LazySchemeSocketFactory
* @see "https://bz.apache.org/bugzilla/show_bug.cgi?id=58099"
*/
private static SchemeRegistry createSchemeRegistry() {
final SchemeRegistry registry = new SchemeRegistry();
registry.register(
new Scheme("http", 80, PlainSocketFactory.getSocketFactory())); //$NON-NLS-1$
registry.register(
new Scheme("https", 443, new LazySchemeSocketFactory())); //$NON-NLS-1$
return registry;
}
}

接着我们看看LazySchemeSocketFactory类

public final class LazySchemeSocketFactory implements SchemeLayeredSocketFactory{

/**
* @throws SSLInitializationException
*/
private static SchemeLayeredSocketFactory checkAndInit() throws SSLInitializationException {
LOG.info("Setting up HTTPS TrustAll Socket Factory");
try {
return new HC4TrustAllSSLSocketFactory();
} catch (GeneralSecurityException e) {
LOG.warn("Failed to initialise HTTPS HC4TrustAllSSLSocketFactory", e);
return SSLSocketFactory.getSocketFactory();
}
}
}

这里又使用了HC4TrustAllSSLSocketFactory类：

public class HC4TrustAllSSLSocketFactory extends SSLSocketFactory {

private static final TrustStrategy TRUSTALL = new TrustStrategy(){
@Override
public boolean isTrusted(X509Certificate[] chain, String authType) {
return true;
}
};
private javax.net.ssl.SSLSocketFactory factory;

/**
* Create an SSL factory which trusts all certificates and hosts.
* {@link SSLSocketFactory#SSLSocketFactory(TrustStrategy, org.apache.http.conn.ssl.X509HostnameVerifier)}
* @throws GeneralSecurityException if there's a problem setting up the security
*/
public HC4TrustAllSSLSocketFactory() throws GeneralSecurityException {
this(new HttpSSLProtocolSocketFactory((JsseSSLManager)JsseSSLManager.getInstance(), JsseSSLManager.CPS));
}

/**
* Create an SSL factory which trusts all certificates and hosts.
* {@link SSLSocketFactory#SSLSocketFactory(TrustStrategy, org.apache.http.conn.ssl.X509HostnameVerifier)}
* @param factory javax.net.ssl.SSLSocketFactory
* @throws GeneralSecurityException if there's a problem setting up the security
*/
protected HC4TrustAllSSLSocketFactory(javax.net.ssl.SSLSocketFactory factory) throws GeneralSecurityException {
super(TRUSTALL, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
this.factory = factory;
}
}

到这里可以看出，jmeter对https的支持是默认信任所有证书的。