Add host name verifier that accepts IP addresses

Add a host name verifier that handles IP addresses as special cases, so that they can be safely ignored in lab environments Issue-ID: CCSDK-3196 Signed-off-by: Dan Timoney <dtimoney@att.com> Change-Id: I83cec989102620b52a227b7ca71efb92227d834c
author: Dan Timoney <dtimoney@att.com> 2021-07-09 10:20:56 -0400
committer: KAPIL SINGAL <ks220y@att.com> 2021-07-09 17:22:17 +0000
commit: 4e4988af6aa561d4950711322941cab8c2d2c895 (patch)
tree: 65c6190636ffa13092badc58b5f1d16dc56db65c /northbound
parent: 2ab339240c1d0bd8246bebb75d12c4849dd9e4c5 (diff)
2 files changed, 5 insertions, 12 deletions
diff --git a/northbound/dmaap-listener/src/main/java/org/onap/ccsdk/sli/northbound/dmaapclient/SdncOdlConnection.java b/northbound/dmaap-listener/src/main/java/org/onap/ccsdk/sli/northbound/dmaapclient/SdncOdlConnection.java
index 6eeef9b48..681502021 100644
--- a/northbound/dmaap-listener/src/main/java/org/onap/ccsdk/sli/northbound/dmaapclient/SdncOdlConnection.java
+++ b/northbound/dmaap-listener/src/main/java/org/onap/ccsdk/sli/northbound/dmaapclient/SdncOdlConnection.java
@@ -33,6 +33,7 @@ import javax.net.ssl.HostnameVerifier;
 import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLSession;
 import org.apache.commons.codec.binary.Base64;
+import org.onap.ccsdk.sli.core.utils.common.AcceptIpAddressHostNameVerifier;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -106,12 +107,8 @@ public class SdncOdlConnection {
         httpConn.setUseCaches(false);
 
         if (httpConn instanceof HttpsURLConnection) {
-            HostnameVerifier hostnameVerifier = new HostnameVerifier() {
-                @Override
-                public boolean verify(String hostname, SSLSession session) {
-                    return true;
-                }
-            };
+            // Safely disable host name verification if host is an ip address or 'localhost'
+            HostnameVerifier hostnameVerifier = new AcceptIpAddressHostNameVerifier();
             ((HttpsURLConnection) httpConn).setHostnameVerifier(hostnameVerifier);
         }
 
diff --git a/northbound/ueb-listener/src/main/java/org/onap/ccsdk/sli/northbound/uebclient/SdncOdlConnection.java b/northbound/ueb-listener/src/main/java/org/onap/ccsdk/sli/northbound/uebclient/SdncOdlConnection.java
index 78d9c5bc9..79bd2235f 100644
--- a/northbound/ueb-listener/src/main/java/org/onap/ccsdk/sli/northbound/uebclient/SdncOdlConnection.java
+++ b/northbound/ueb-listener/src/main/java/org/onap/ccsdk/sli/northbound/uebclient/SdncOdlConnection.java
@@ -35,6 +35,7 @@ import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLSession;
 
 import org.apache.commons.codec.binary.Base64;
+import org.onap.ccsdk.sli.core.utils.common.AcceptIpAddressHostNameVerifier;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -110,12 +111,7 @@ public class SdncOdlConnection {
 		httpConn.setUseCaches(false);
 
 		if (httpConn instanceof HttpsURLConnection) {
-			HostnameVerifier hostnameVerifier = new HostnameVerifier() {
-				@Override
-				public boolean verify(String hostname, SSLSession session) {
-					return true;
-				}
-			};
+			HostnameVerifier hostnameVerifier = new AcceptIpAddressHostNameVerifier();
 			((HttpsURLConnection) httpConn).setHostnameVerifier(hostnameVerifier);
 		}
author	Dan Timoney <dtimoney@att.com>	2021-07-09 10:20:56 -0400
committer	KAPIL SINGAL <ks220y@att.com>	2021-07-09 17:22:17 +0000
commit	4e4988af6aa561d4950711322941cab8c2d2c895 (patch)
tree	65c6190636ffa13092badc58b5f1d16dc56db65c /northbound
parent	2ab339240c1d0bd8246bebb75d12c4849dd9e4c5 (diff)