http issue 3: Provide a way to disable SSL certificate validation

http issue 3: Provide a way to customize SSL certificate validation

http://code.google.com/p/google-http-java-client/issues/detail?id=3

[yanivi, 2012-11-30 19:55:46]

Ready for review now.

[yanivi, 2012-12-10 14:19:33]

Ping (now that media upload CL is done).

[rmistry, 2012-12-10 21:48:50]

https://codereview.appspot.com/6843129/diff/6001/google-http-client-appengine...
File
google-http-client-appengine/src/main/java/com/google/api/client/extensions/appengine/http/UrlFetchTransport.java
(right):

https://codereview.appspot.com/6843129/diff/6001/google-http-client-appengine...
google-http-client-appengine/src/main/java/com/google/api/client/extensions/appengine/http/UrlFetchTransport.java:85:
}
else if here? just to make it obvious that we do not allow both to be set.

https://codereview.appspot.com/6843129/diff/6001/google-http-client-appengine...
google-http-client-appengine/src/main/java/com/google/api/client/extensions/appengine/http/UrlFetchTransport.java:188:
doNotValidateCertificate == false, "cannot combine with
doNotValidateCertificate()");
Alternatively, we can do what FetchOptions.java is doing, allow both to be set
but only use the value of the last one.

doNotValidateCertification() can set:
doNoValidateCertificate = true;
validateCertificate = false;

and the reverse for validateCertificate().

We can document this behavior in both methods.

https://codereview.appspot.com/6843129/diff/6001/google-http-client/src/main/...
File
google-http-client/src/main/java/com/google/api/client/http/apache/ApacheHttpTransport.java
(right):

https://codereview.appspot.com/6843129/diff/6001/google-http-client/src/main/...
google-http-client/src/main/java/com/google/api/client/http/apache/ApacheHttpTransport.java:79:
* Constructor that uses {@link #newDefaultHttpClient()} for the Apache HTTP
client.
Should we specify "Use {@link Builder} to modify behavior." here and below?

[yanivi, 2012-12-10 22:04:43]

https://codereview.appspot.com/6843129/diff/6001/google-http-client-appengine...
File
google-http-client-appengine/src/main/java/com/google/api/client/extensions/appengine/http/UrlFetchTransport.java
(right):

https://codereview.appspot.com/6843129/diff/6001/google-http-client-appengine...
google-http-client-appengine/src/main/java/com/google/api/client/extensions/appengine/http/UrlFetchTransport.java:85:
}
On 2012/12/10 21:48:50, rmistry wrote:
> else if here? just to make it obvious that we do not allow both to be set.

Done.

https://codereview.appspot.com/6843129/diff/6001/google-http-client-appengine...
google-http-client-appengine/src/main/java/com/google/api/client/extensions/appengine/http/UrlFetchTransport.java:188:
doNotValidateCertificate == false, "cannot combine with
doNotValidateCertificate()");
On 2012/12/10 21:48:50, rmistry wrote:
> Alternatively, we can do what FetchOptions.java is doing, allow both to be set
> but only use the value of the last one.
> 
> doNotValidateCertification() can set:
> doNoValidateCertificate = true;
> validateCertificate = false;
> 
> and the reverse for validateCertificate().
> 
> We can document this behavior in both methods.

Done.

https://codereview.appspot.com/6843129/diff/6001/google-http-client/src/main/...
File
google-http-client/src/main/java/com/google/api/client/http/apache/ApacheHttpTransport.java
(right):

https://codereview.appspot.com/6843129/diff/6001/google-http-client/src/main/...
google-http-client/src/main/java/com/google/api/client/http/apache/ApacheHttpTransport.java:79:
* Constructor that uses {@link #newDefaultHttpClient()} for the Apache HTTP
client.
On 2012/12/10 21:48:50, rmistry wrote:
> Should we specify "Use {@link Builder} to modify behavior." here and below?

Done.

[rmistry, 2012-12-10 22:07:06]

LGTM