summaryrefslogtreecommitdiffstats
path: root/ms/neng
diff options
context:
space:
mode:
authorDan Timoney <dtimoney@att.com>2021-07-29 11:11:15 -0400
committerDan Timoney <dtimoney@att.com>2021-07-29 11:11:15 -0400
commitf051be6ecc0ceeef0d4d086085547218d5f4e8d6 (patch)
tree6d3fb2fa3bb90576481d4a4292664ee24a619918 /ms/neng
parentfaf965656265dd96a350ce03bb478ef2b9a3805b (diff)
Address weak crypto issues
Fix 2 weak cryptography issues identified by SonarCloud scans. Issue-ID: CCSDK-3196 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: I0fee14e7a96badeac8a278de4d74ef244c24f06f
Diffstat (limited to 'ms/neng')
-rw-r--r--ms/neng/pom.xml5
-rw-r--r--ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java3
2 files changed, 7 insertions, 1 deletions
diff --git a/ms/neng/pom.xml b/ms/neng/pom.xml
index e2d8aefe..ef3f5a55 100644
--- a/ms/neng/pom.xml
+++ b/ms/neng/pom.xml
@@ -350,6 +350,11 @@
<artifactId>jest</artifactId>
<version>5.3.3</version>
</dependency>
+ <dependency>
+ <groupId>org.onap.ccsdk.sli.core</groupId>
+ <artifactId>utils-provider</artifactId>
+ <version>${ccsdk.sli.version}</version>
+ </dependency>
</dependencies>
<build>
diff --git a/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java b/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java
index d577dc4b..33510332 100644
--- a/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java
+++ b/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java
@@ -46,6 +46,7 @@ import org.onap.ccsdk.apps.ms.neng.core.resource.model.GetConfigRequestV2;
import org.onap.ccsdk.apps.ms.neng.core.resource.model.GetConfigResponse;
import org.onap.ccsdk.apps.ms.neng.core.rs.interceptors.PolicyManagerAuthorizationInterceptor;
import org.onap.ccsdk.apps.ms.neng.extinf.props.PolicyManagerProps;
+import org.onap.ccsdk.sli.core.utils.common.AcceptIpAddressHostNameVerifier;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.web.client.RestTemplateBuilder;
@@ -233,7 +234,7 @@ public class PolicyFinderServiceImpl implements PolicyFinder {
TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;
SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom()
.loadTrustMaterial(null, acceptingTrustStrategy).build();
- HostnameVerifier verifier = (String arg0, SSLSession arg1) -> true;
+ HostnameVerifier verifier = new AcceptIpAddressHostNameVerifier();
SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext, verifier);
CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(csf).build();
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();