aboutsummaryrefslogtreecommitdiffstats
path: root/ms
diff options
context:
space:
mode:
authorDan Timoney <dtimoney@att.com>2019-09-18 17:24:34 +0000
committerGerrit Code Review <gerrit@onap.org>2019-09-18 17:24:34 +0000
commite68e4afc65fe0b94515011d16d02c60dd92809b8 (patch)
tree905361ad8c1679b33ff38b628332b742655e18e8 /ms
parenta1f447c4398bf6edb1742a39193f1ac1d8925c7b (diff)
parente275dc8ea2986f582b3a4aea65c8ca8c0d9f05f3 (diff)
Merge "SSLRestClientProperties does not allow ignoring hostname discrepancies with certificate, when doing SSL negotiation."
Diffstat (limited to 'ms')
-rw-r--r--ms/blueprintsprocessor/modules/commons/rest-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/rest/BluePrintRestLibData.kt1
-rw-r--r--ms/blueprintsprocessor/modules/commons/rest-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/rest/service/SSLRestClientService.kt12
2 files changed, 10 insertions, 3 deletions
diff --git a/ms/blueprintsprocessor/modules/commons/rest-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/rest/BluePrintRestLibData.kt b/ms/blueprintsprocessor/modules/commons/rest-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/rest/BluePrintRestLibData.kt
index 68672f227..1e6e23b86 100644
--- a/ms/blueprintsprocessor/modules/commons/rest-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/rest/BluePrintRestLibData.kt
+++ b/ms/blueprintsprocessor/modules/commons/rest-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/rest/BluePrintRestLibData.kt
@@ -28,6 +28,7 @@ open class SSLRestClientProperties : RestClientProperties() {
lateinit var keyStoreInstance: String // JKS, PKCS12
lateinit var sslTrust: String
lateinit var sslTrustPassword: String
+ var sslTrustIgnoreHostname: Boolean = false
var sslKey: String? = null
var sslKeyPassword: String? = null
}
diff --git a/ms/blueprintsprocessor/modules/commons/rest-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/rest/service/SSLRestClientService.kt b/ms/blueprintsprocessor/modules/commons/rest-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/rest/service/SSLRestClientService.kt
index 2acf776ca..0ef1757e2 100644
--- a/ms/blueprintsprocessor/modules/commons/rest-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/rest/service/SSLRestClientService.kt
+++ b/ms/blueprintsprocessor/modules/commons/rest-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/rest/service/SSLRestClientService.kt
@@ -32,6 +32,7 @@ import java.io.File
import java.io.FileInputStream
import java.security.KeyStore
import java.security.cert.X509Certificate
+import org.apache.http.conn.ssl.NoopHostnameVerifier
class SSLRestClientService(private val restClientProperties: SSLRestClientProperties) :
BlueprintWebClientService {
@@ -87,6 +88,7 @@ class SSLRestClientService(private val restClientProperties: SSLRestClientProper
val sslKeyPwd = restClientProperties.sslKeyPassword
val sslTrust = restClientProperties.sslTrust
val sslTrustPwd = restClientProperties.sslTrustPassword
+ val sslTrustIgnoreHostname = restClientProperties.sslTrustIgnoreHostname
val acceptingTrustStrategy = { _: Array<X509Certificate>, _: String ->
true
@@ -101,9 +103,13 @@ class SSLRestClientService(private val restClientProperties: SSLRestClientProper
}
}
- sslContext.loadTrustMaterial(File(sslTrust), sslTrustPwd.toCharArray(),
- acceptingTrustStrategy)
- val csf = SSLConnectionSocketFactory(sslContext.build())
+ sslContext.loadTrustMaterial(File(sslTrust), sslTrustPwd.toCharArray(), acceptingTrustStrategy)
+ var csf : SSLConnectionSocketFactory
+ if (sslTrustIgnoreHostname) {
+ csf = SSLConnectionSocketFactory(sslContext.build(), NoopHostnameVerifier())
+ } else {
+ csf = SSLConnectionSocketFactory(sslContext.build())
+ }
return HttpClients.custom()
.addInterceptorFirst(WebClientUtils.logRequest())
.addInterceptorLast(WebClientUtils.logResponse())