Support disabling host verification in naming service

As a workaround for an issue found in processing SAN certificates,
allow for hostname verification to be diabled by setting the
environment variable DISABLE_HOST_VERIFICATION=true.  By default,
host name verification remains enabled ... it must be explicitly
disabled for this environment variable setting.

Issue-ID: CCSDK-3501
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I0e3260cc5b8640814dd2f092aee20bca183dc34b

2 files changed, 15 insertions, 3 deletions

diff --git a/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/extinf/props/PolicyManagerProps.java b/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/extinf/props/PolicyManagerProps.java
index e84d5b69..56a6da2c 100644
--- a/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/extinf/props/PolicyManagerProps.java
+++ b/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/extinf/props/PolicyManagerProps.java
@@ -35,6 +35,7 @@ public class PolicyManagerProps {
     String version;
     String environment;
     String ecompRequestId;
+    Boolean disableHostVerification = Boolean.FALSE;
 
     /**
      * Property passed to policy manager in the ClientAuth header.
@@ -54,6 +55,7 @@ public class PolicyManagerProps {
         return basicAuth;
     }
 
+
     public void setBasicAuth(String basicAuth) {
         this.basicAuth = basicAuth;
     }
@@ -102,4 +104,14 @@ public class PolicyManagerProps {
         this.version = version;
     }
 
+    /**
+     * Disable host name verification
+     */
+    public Boolean getDisableHostVerification() {
+        return disableHostVerification;
+    }
+
+    public void setDisableHostVerification(Boolean disableHostVerification) {
+        this.disableHostVerification = disableHostVerification;
+    }
 }
diff --git a/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java b/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java
index 33510332..6ae3c204 100644
--- a/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java
+++ b/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java
@@ -141,7 +141,7 @@ public class PolicyFinderServiceImpl implements PolicyFinder {
         RequestEntity<T> re = RequestEntity.post(new URI(policManProps.getUrl()))
                         .accept(MediaType.APPLICATION_JSON).contentType(MediaType.APPLICATION_JSON).body(request);
         try {
-            ResponseEntity<Object> resp = getRestTemplate().exchange(re, Object.class);
+            ResponseEntity<Object> resp = getRestTemplate(policManProps.getDisableHostVerification()).exchange(re, Object.class);
             if (HttpStatus.OK.equals(resp.getStatusCode())) {
                 ObjectMapper objectmapper = new ObjectMapper();
                 String bodyStr = objectmapper.writeValueAsString(resp.getBody());
@@ -227,14 +227,14 @@ public class PolicyFinderServiceImpl implements PolicyFinder {
         }
     }
 
-    RestTemplate getRestTemplate() throws Exception {
+    RestTemplate getRestTemplate(Boolean disableHostVerification) throws Exception {
         if (restTemplate != null) {
             return restTemplate;
         }
         TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;
         SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom()
                         .loadTrustMaterial(null, acceptingTrustStrategy).build();
-        HostnameVerifier verifier = new AcceptIpAddressHostNameVerifier();
+        HostnameVerifier verifier = new AcceptIpAddressHostNameVerifier(disableHostVerification);
         SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext, verifier);
         CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(csf).build();
         HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();