jmeter3.0 源码分析之：对HTTPS协议的支持

jmeter 3.0 的readme里有这样一句话：

Apache JMeter interfaces with the
Java Secure Socket Extension (JSSE) API to provide
- HTTPS support

于是查看了jmeter源码，想看看jmeter是如何对https做支持的。

首先从 org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl类入手：

重点关注sample方法，截取代码如下：

 public class HTTPHC4Impl extends HTTPHCAbstractImpl { @Override    protected HTTPSampleResult sample(URL url, String method,            boolean areFollowingRedirect, int frameDepth) {            //...            HttpClient httpClient = setupClient(url, res);                      }    private HttpClient setupClient(URL url, SampleResult res) {        //...        MeasuringConnectionManager connManager = new MeasuringConnectionManager(                    createSchemeRegistry(),                     resolver,                     TIME_TO_LIVE,                    VALIDITY_AFTER_INACTIVITY_TIMEOUT);    }    /**     * Setup LazySchemeSocketFactory     * @see "https://bz.apache.org/bugzilla/show_bug.cgi?id=58099"     */    private static SchemeRegistry createSchemeRegistry() {        final SchemeRegistry registry = new SchemeRegistry();        registry.register(                new Scheme("http", 80, PlainSocketFactory.getSocketFactory())); //$NON-NLS-1$        registry.register(                new Scheme("https", 443, new LazySchemeSocketFactory())); //$NON-NLS-1$        return registry;    } }

接着我们看看LazySchemeSocketFactory类

public final class LazySchemeSocketFactory implements SchemeLayeredSocketFactory{     /**         * @throws SSLInitializationException         */        private static SchemeLayeredSocketFactory checkAndInit() throws SSLInitializationException {            LOG.info("Setting up HTTPS TrustAll Socket Factory");            try {                return new HC4TrustAllSSLSocketFactory();            } catch (GeneralSecurityException e) {                LOG.warn("Failed to initialise HTTPS HC4TrustAllSSLSocketFactory", e);                return SSLSocketFactory.getSocketFactory();            }        } }

这里又使用了HC4TrustAllSSLSocketFactory类：

public class HC4TrustAllSSLSocketFactory extends SSLSocketFactory {     private static final TrustStrategy TRUSTALL = new TrustStrategy(){        @Override        public boolean isTrusted(X509Certificate[] chain, String authType) {            return true;        }    };    private javax.net.ssl.SSLSocketFactory factory;    /**     * Create an SSL factory which trusts all certificates and hosts.     * {@link SSLSocketFactory#SSLSocketFactory(TrustStrategy, org.apache.http.conn.ssl.X509HostnameVerifier)}      * @throws GeneralSecurityException if there's a problem setting up the security     */    public HC4TrustAllSSLSocketFactory() throws GeneralSecurityException {        this(new HttpSSLProtocolSocketFactory((JsseSSLManager)JsseSSLManager.getInstance(), JsseSSLManager.CPS));    }    /**     * Create an SSL factory which trusts all certificates and hosts.     * {@link SSLSocketFactory#SSLSocketFactory(TrustStrategy, org.apache.http.conn.ssl.X509HostnameVerifier)}      * @param factory javax.net.ssl.SSLSocketFactory      * @throws GeneralSecurityException if there's a problem setting up the security     */    protected HC4TrustAllSSLSocketFactory(javax.net.ssl.SSLSocketFactory factory) throws GeneralSecurityException {        super(TRUSTALL, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);        this.factory = factory;    } }

到这里可以看出，jmeter对https的支持是默认信任所有证书的。