diff options
| author |   Dan Timoney <dtimoney@att.com> | 2021-07-29 11:11:15 -0400 |
|---|---|---|
| committer | Dan Timoney <dtimoney@att.com> | 2021-07-29 11:11:15 -0400 |
| commit | f051be6ecc0ceeef0d4d086085547218d5f4e8d6 (patch) | |
| tree | 6d3fb2fa3bb90576481d4a4292664ee24a619918 /ms/neng | |
| parent | faf965656265dd96a350ce03bb478ef2b9a3805b (diff) | |
Address weak crypto issues
Fix 2 weak cryptography issues identified by SonarCloud scans.
Issue-ID: CCSDK-3196
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I0fee14e7a96badeac8a278de4d74ef244c24f06f
Diffstat (limited to 'ms/neng')
| -rw-r--r-- | ms/neng/pom.xml | 5 | ||||
| -rw-r--r-- | ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java | 3 |
2 files changed, 7 insertions, 1 deletions
diff --git a/ms/neng/pom.xml b/ms/neng/pom.xml index e2d8aefe..ef3f5a55 100644 --- a/ms/neng/pom.xml +++ b/ms/neng/pom.xml @@ -350,6 +350,11 @@ <artifactId>jest</artifactId> <version>5.3.3</version> </dependency> + <dependency> + <groupId>org.onap.ccsdk.sli.core</groupId> + <artifactId>utils-provider</artifactId> + <version>${ccsdk.sli.version}</version> + </dependency> </dependencies> <build> diff --git a/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java b/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java index d577dc4b..33510332 100644 --- a/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java +++ b/ms/neng/src/main/java/org/onap/ccsdk/apps/ms/neng/service/extinf/impl/PolicyFinderServiceImpl.java @@ -46,6 +46,7 @@ import org.onap.ccsdk.apps.ms.neng.core.resource.model.GetConfigRequestV2; import org.onap.ccsdk.apps.ms.neng.core.resource.model.GetConfigResponse; import org.onap.ccsdk.apps.ms.neng.core.rs.interceptors.PolicyManagerAuthorizationInterceptor; import org.onap.ccsdk.apps.ms.neng.extinf.props.PolicyManagerProps; +import org.onap.ccsdk.sli.core.utils.common.AcceptIpAddressHostNameVerifier; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.boot.web.client.RestTemplateBuilder; @@ -233,7 +234,7 @@ public class PolicyFinderServiceImpl implements PolicyFinder { TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true; SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom() .loadTrustMaterial(null, acceptingTrustStrategy).build(); - HostnameVerifier verifier = (String arg0, SSLSession arg1) -> true; + HostnameVerifier verifier = new AcceptIpAddressHostNameVerifier(); SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext, verifier); CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(csf).build(); HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(); |