diff --git a/core/src/main/java/org/jivesoftware/resource/Default.java b/core/src/main/java/org/jivesoftware/resource/Default.java
index ed487de4a..384995330 100644
--- a/core/src/main/java/org/jivesoftware/resource/Default.java
+++ b/core/src/main/java/org/jivesoftware/resource/Default.java
@@ -144,7 +144,6 @@ public class Default {
public static final String PLUGIN_BLACKLIST = "PLUGIN_BLACKLIST";
public static final String PLUGIN_BLACKLIST_CLASS = "PLUGIN_BLACKLIST_CLASS";
public static final String PLUGIN_REPOSITORY = "PLUGIN_REPOSITORY";
- public static final String PLUGIN_REPOSITORY_USE_PROXY = "PLUGIN_REPOSITORY_USE_PROXY";
public static final String PROXY_PROTOCOL = "PROXY_PROTOCOL";
public static final String IDLE_LOCK = "IDLE_LOCK";
public static final String IDLE_TIME = "IDLE_TIME";
diff --git a/core/src/main/java/org/jivesoftware/sparkimpl/plugin/viewer/PluginViewer.java b/core/src/main/java/org/jivesoftware/sparkimpl/plugin/viewer/PluginViewer.java
index 26bb125ae..f6fcde1cb 100644
--- a/core/src/main/java/org/jivesoftware/sparkimpl/plugin/viewer/PluginViewer.java
+++ b/core/src/main/java/org/jivesoftware/sparkimpl/plugin/viewer/PluginViewer.java
@@ -45,7 +45,6 @@
import org.jivesoftware.sparkimpl.settings.JiveInfo;
import org.jivesoftware.sparkimpl.settings.local.LocalPreferences;
import org.jivesoftware.sparkimpl.settings.local.SettingsManager;
-import org.jivesoftware.sparkimpl.updater.AcceptAllCertsConnectionManager;
import org.xml.sax.SAXException;
import javax.swing.*;
@@ -304,27 +303,7 @@ private void loadAvailablePlugins()
public Object construct()
{
final HttpGet request = new HttpGet(retrieveListURL);
-
- HttpHost proxy = null;
- if ( Default.getBoolean( Default.PLUGIN_REPOSITORY_USE_PROXY ) )
- {
- String proxyHost = System.getProperty( "http.proxyHost" );
- String proxyPort = System.getProperty( "http.proxyPort" );
- if ( ModelUtil.hasLength( proxyHost ) && ModelUtil.hasLength(proxyPort) ) {
- try{
- proxy = new HttpHost(proxyHost, Integer.parseInt(proxyPort));
- } catch ( NumberFormatException e ) {
- Log.error( e );
- }
- }
- }
-
- try (final CloseableHttpClient httpClient =
- HttpClients.custom()
- .setConnectionManager(AcceptAllCertsConnectionManager.getInstance())
- .setProxy(proxy)
- .build();
- ) {
+ try (final CloseableHttpClient httpClient = HttpClients.createSystem()) {
return httpClient.execute(request, response -> {
if (response.getCode() != 200) {
return null;
@@ -383,8 +362,6 @@ private void downloadPlugin( final PublicPlugin plugin )
final HttpGet request = new HttpGet(plugin.getDownloadURL());
HttpHost proxy = null;
- if ( Default.getBoolean( Default.PLUGIN_REPOSITORY_USE_PROXY ) )
- {
String proxyHost = System.getProperty( "http.proxyHost" );
String proxyPort = System.getProperty( "http.proxyPort" );
if ( ModelUtil.hasLength( proxyHost ) && ModelUtil.hasLength(proxyPort) ) {
@@ -394,14 +371,8 @@ private void downloadPlugin( final PublicPlugin plugin )
Log.error( e );
}
}
- }
- try (final CloseableHttpClient httpClient =
- HttpClients.custom()
- .setConnectionManager(AcceptAllCertsConnectionManager.getInstance())
- .setProxy(proxy)
- .build();
- ) {
+ try (final CloseableHttpClient httpClient = HttpClients.createSystem()) {
httpClient.execute(request, response -> {
if (response.getCode() != 200) {
return null;
diff --git a/core/src/main/java/org/jivesoftware/sparkimpl/updater/AcceptAllCertsConnectionManager.java b/core/src/main/java/org/jivesoftware/sparkimpl/updater/AcceptAllCertsConnectionManager.java
deleted file mode 100644
index 75c2ada77..000000000
--- a/core/src/main/java/org/jivesoftware/sparkimpl/updater/AcceptAllCertsConnectionManager.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/**
- * Copyright (C) 2023 Ignite Realtime Foundation. All rights reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.jivesoftware.sparkimpl.updater;
-
-import org.apache.hc.client5.http.impl.io.BasicHttpClientConnectionManager;
-import org.apache.hc.client5.http.socket.ConnectionSocketFactory;
-import org.apache.hc.client5.http.socket.PlainConnectionSocketFactory;
-import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;
-import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
-import org.apache.hc.core5.http.config.Registry;
-import org.apache.hc.core5.http.config.RegistryBuilder;
-import org.apache.hc.core5.ssl.SSLContexts;
-import org.apache.hc.core5.ssl.TrustStrategy;
-
-import javax.net.ssl.SSLContext;
-import java.security.KeyManagementException;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-
-/**
- * A HTTP Client connection manager that knowingly by-passes all verification of TLS certificates.
- *
- * This SHOULD NOT be used for productive systems due to security reasons, unless it is a conscious decision and you are
- * perfectly aware of security implications of accepting self-signed certificates.
- *
- * Usage example:
- *
- * AcceptAllCertsConnectionManager connectionManager = AcceptAllCertsConnectionManager.getInstance();
- * try( CloseableHttpClient httpClient = HttpClients.custom()
- * .setConnectionManager(connectionManager)
- * .build();
- *
- * CloseableHttpResponse response = (CloseableHttpResponse) httpClient
- * .execute(getMethod, new CustomHttpClientResponseHandler())) {
- *
- * final int statusCode = response.getCode();
- * assertThat(statusCode, equalTo(HttpStatus.SC_OK));
- * };
- *
- * @author Guus der Kinderen, guus.der.kinderen@gmail.com
- */
-public class AcceptAllCertsConnectionManager extends BasicHttpClientConnectionManager
-{
- public static BasicHttpClientConnectionManager getInstance() throws NoSuchAlgorithmException, KeyStoreException, KeyManagementException
- {
- // Taken from https://www.baeldung.com/httpclient-ssl
- final TrustStrategy acceptingTrustStrategy = (cert, authType) -> true;
- final SSLContext sslContext = SSLContexts.custom()
- .loadTrustMaterial(null, acceptingTrustStrategy)
- .build();
- final SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
- final Registry socketFactoryRegistry =
- RegistryBuilder. create()
- .register("https", sslsf)
- .register("http", new PlainConnectionSocketFactory())
- .build();
-
- return new BasicHttpClientConnectionManager(socketFactoryRegistry);
- }
-}
diff --git a/core/src/main/java/org/jivesoftware/sparkimpl/updater/CheckUpdates.java b/core/src/main/java/org/jivesoftware/sparkimpl/updater/CheckUpdates.java
index 7146501b2..bdbff76e1 100644
--- a/core/src/main/java/org/jivesoftware/sparkimpl/updater/CheckUpdates.java
+++ b/core/src/main/java/org/jivesoftware/sparkimpl/updater/CheckUpdates.java
@@ -114,18 +114,6 @@ else if (sparkPluginInstalled) {
* @return true if there is a new build available for download.
*/
public SparkVersion isNewBuildAvailableFromJivesoftware() {
-
- HttpHost proxy = null;
- String proxyHost = System.getProperty( "http.proxyHost" );
- String proxyPort = System.getProperty( "http.proxyPort" );
- if ( ModelUtil.hasLength( proxyHost ) && ModelUtil.hasLength(proxyPort) ) {
- try{
- proxy = new HttpHost(proxyHost, Integer.parseInt(proxyPort));
- } catch ( NumberFormatException e ) {
- Log.error( e );
- }
- }
-
final String os;
if (Spark.isWindows()) {
os = "windows";
@@ -144,12 +132,7 @@ else if (Spark.isMac()) {
// if (isBetaCheckingEnabled) {
// post.addParameter("beta", "true");
// }
- try (final CloseableHttpClient httpClient =
- HttpClients.custom()
- .setConnectionManager(AcceptAllCertsConnectionManager.getInstance())
- .setProxy(proxy)
- .build()
- ) {
+ try (final CloseableHttpClient httpClient = HttpClients.createSystem()) {
final ClassicHttpRequest request = ClassicRequestBuilder.post(mainUpdateURL)
.addParameter("os", os)
.setHeader("User-Agent", "Spark HttpFileUpload")
@@ -179,24 +162,7 @@ public void downloadUpdate(final File downloadedFile, final SparkVersion version
final java.util.Timer timer = new java.util.Timer();
final HttpGet request = new HttpGet(version.getDownloadURL());
-
- HttpHost proxy = null;
- String proxyHost = System.getProperty( "http.proxyHost" );
- String proxyPort = System.getProperty( "http.proxyPort" );
- if ( ModelUtil.hasLength( proxyHost ) && ModelUtil.hasLength(proxyPort) ) {
- try{
- proxy = new HttpHost(proxyHost, Integer.parseInt(proxyPort));
- } catch ( NumberFormatException e ) {
- Log.error( e );
- }
- }
-
- try (final CloseableHttpClient httpClient =
- HttpClients.custom()
- .setConnectionManager(AcceptAllCertsConnectionManager.getInstance())
- .setProxy(proxy)
- .build();
- ) {
+ try (final CloseableHttpClient httpClient = HttpClients.createSystem()) {
httpClient.execute(request, response -> {
if (response.getCode() != 200) {
return null;
diff --git a/core/src/main/resources/default.properties b/core/src/main/resources/default.properties
index 23eae9b3a..84c51b4db 100644
--- a/core/src/main/resources/default.properties
+++ b/core/src/main/resources/default.properties
@@ -273,11 +273,6 @@ APPLICATION_LINK_TXT = www.igniterealtime.org
# for a sample structure see trunk/documentation/sample_plugin_repository.xml
# default: http://www.igniterealtime.org/updater/plugins.jsp
PLUGIN_REPOSITORY = http://www.igniterealtime.org/updater/plugins.jsp
-# Use Sparks global Proxy to connect to the repository?
-# if your repository lies within your network, this probably needs to be disabled
-# default: true
-PLUGIN_REPOSITORY_USE_PROXY = true
-#http://www.igniterealtime.org/updater/plugins.jsp
# Disable Installing of Plugins
# set true if you want to disable installing of Plugins
INSTALL_PLUGINS_DISABLED =
diff --git a/plugins/fileupload/src/main/java/org/jivesoftware/spark/plugin/fileupload/ChatRoomDecorator.java b/plugins/fileupload/src/main/java/org/jivesoftware/spark/plugin/fileupload/ChatRoomDecorator.java
index 0d4e12269..00b9aee93 100644
--- a/plugins/fileupload/src/main/java/org/jivesoftware/spark/plugin/fileupload/ChatRoomDecorator.java
+++ b/plugins/fileupload/src/main/java/org/jivesoftware/spark/plugin/fileupload/ChatRoomDecorator.java
@@ -31,7 +31,6 @@
import org.jivesoftware.spark.ui.ChatRoom;
import org.jivesoftware.spark.util.GraphicUtils;
import org.jivesoftware.spark.util.log.Log;
-import org.jivesoftware.sparkimpl.updater.AcceptAllCertsConnectionManager;
import org.jxmpp.jid.EntityBareJid;
import org.jxmpp.jid.impl.JidCreate;
@@ -124,12 +123,7 @@ private void handleUpload(File file, ChatRoom room, Message.Type type)
private void uploadFile(File file, UploadRequest response, ChatRoom room, Message.Type type)
{
Log.debug("About to upload file for room " + room.getBareJid() + " via HTTP PUT to URL " + response.putUrl);
-
- try (final CloseableHttpClient httpClient =
- HttpClients.custom()
- .setConnectionManager(AcceptAllCertsConnectionManager.getInstance())
- .build()
- ) {
+ try (final CloseableHttpClient httpClient = HttpClients.createSystem()) {
final ClassicHttpRequest request = ClassicRequestBuilder.put(response.putUrl)
.setEntity(new FileEntity(file, ContentType.create("application/binary")))
.setHeader("User-Agent", "Spark HttpFileUpload")