From a859873c238589888aa39ebcb3fd66f0cf881d49 Mon Sep 17 00:00:00 2001
From: Yunchi Luo <yunchiluo@squareup.com>
Date: Mon, 22 Jul 2019 11:21:48 -0400
Subject: [PATCH] support overriding SSLSocketFactory

---
 .../launchdarkly/eventsource/EventSource.java | 27 ++++++++++++++-----
 1 file changed, 21 insertions(+), 6 deletions(-)

diff --git a/src/main/java/com/launchdarkly/eventsource/EventSource.java b/src/main/java/com/launchdarkly/eventsource/EventSource.java
index a130534..7e4b281 100644
--- a/src/main/java/com/launchdarkly/eventsource/EventSource.java
+++ b/src/main/java/com/launchdarkly/eventsource/EventSource.java
@@ -1,5 +1,6 @@
 package com.launchdarkly.eventsource;
 
+import javax.net.ssl.SSLSocketFactory;
 import okhttp3.*;
 import okio.BufferedSource;
 import okio.Okio;
@@ -512,6 +513,13 @@ public static final class Builder {
             .readTimeout(DEFAULT_READ_TIMEOUT_MS, TimeUnit.MILLISECONDS)
             .writeTimeout(DEFAULT_WRITE_TIMEOUT_MS, TimeUnit.MILLISECONDS)
             .retryOnConnectionFailure(true);
+    {
+      try {
+        clientBuilder.sslSocketFactory(new ModernTLSSocketFactory(), defaultTrustManager());
+      } catch (GeneralSecurityException e) {
+        // TLS is not available, so don't set up the socket factory, swallow the exception
+      }
+    }
 
     /**
      * Creates a new builder.
@@ -752,6 +760,19 @@ public Builder connectionErrorHandler(ConnectionErrorHandler handler) {
       return this;
     }
 
+    /**
+     * Sets the {@link SSLSocketFactory} for making TLS connections.
+     *
+     * @param sslSocketFactory the ssl socket factory
+     * @param trustManager the trust manager
+     * @return the builder
+     */
+    public Builder sslSocketFactory(SSLSocketFactory sslSocketFactory,
+        X509TrustManager trustManager) {
+      this.clientBuilder.sslSocketFactory(sslSocketFactory, trustManager);
+      return this;
+    }
+
     /**
      * Constructs an {@link EventSource} using the builder's current properties.
      * @return the new EventSource instance
@@ -761,12 +782,6 @@ public EventSource build() {
         clientBuilder.proxy(proxy);
       }
 
-      try {
-        clientBuilder.sslSocketFactory(new ModernTLSSocketFactory(), defaultTrustManager());
-      } catch (GeneralSecurityException e) {
-        // TLS is not available, so don't set up the socket factory, swallow the exception
-      }
-
       if (proxyAuthenticator != null) {
         clientBuilder.proxyAuthenticator(proxyAuthenticator);
       }