diff options
Diffstat (limited to 'plugins')
2 files changed, 7 insertions, 3 deletions
diff --git a/plugins/restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java b/plugins/restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java index ad74b02de..f1aa2b266 100755 --- a/plugins/restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java +++ b/plugins/restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java @@ -81,6 +81,7 @@ import org.glassfish.jersey.media.multipart.file.FileDataBodyPart; import org.onap.ccsdk.sli.core.sli.SvcLogicContext; import org.onap.ccsdk.sli.core.sli.SvcLogicException; import org.onap.ccsdk.sli.core.sli.SvcLogicJavaPlugin; +import org.onap.ccsdk.sli.core.utils.common.AcceptIpAddressHostNameVerifier; import org.onap.ccsdk.sli.core.utils.common.EnvProperties; import org.onap.logging.filter.base.HttpURLConnectionMetricUtil; import org.onap.logging.filter.base.MetricLogClientFilter; @@ -795,9 +796,9 @@ public class RestapiCallNode implements SvcLogicJavaPlugin { Client client; if (ssl != null) { HttpsURLConnection.setDefaultSSLSocketFactory(ssl.getSocketFactory()); - client = ClientBuilder.newBuilder().sslContext(ssl).hostnameVerifier((s, sslSession) -> true).build(); + client = ClientBuilder.newBuilder().sslContext(ssl).hostnameVerifier(new AcceptIpAddressHostNameVerifier()).build(); } else { - client = ClientBuilder.newBuilder().hostnameVerifier((s, sslSession) -> true).build(); + client = ClientBuilder.newBuilder().hostnameVerifier(new AcceptIpAddressHostNameVerifier()).build(); } setClientTimeouts(client); @@ -924,7 +925,7 @@ public class RestapiCallNode implements SvcLogicJavaPlugin { protected SSLContext createSSLContext(Parameters p) { try (FileInputStream in = new FileInputStream(p.keyStoreFileName)) { - HttpsURLConnection.setDefaultHostnameVerifier((string, ssls) -> true); + HttpsURLConnection.setDefaultHostnameVerifier(new AcceptIpAddressHostNameVerifier()); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); KeyStore ks = KeyStore.getInstance("PKCS12"); char[] pwd = p.keyStorePassword.toCharArray(); diff --git a/plugins/restconf-client/provider/src/main/java/org/onap/ccsdk/sli/plugins/restconfdiscovery/RestconfDiscoveryNode.java b/plugins/restconf-client/provider/src/main/java/org/onap/ccsdk/sli/plugins/restconfdiscovery/RestconfDiscoveryNode.java index cf69d7a3c..5b47cf5b6 100644 --- a/plugins/restconf-client/provider/src/main/java/org/onap/ccsdk/sli/plugins/restconfdiscovery/RestconfDiscoveryNode.java +++ b/plugins/restconf-client/provider/src/main/java/org/onap/ccsdk/sli/plugins/restconfdiscovery/RestconfDiscoveryNode.java @@ -167,6 +167,9 @@ public class RestconfDiscoveryNode implements SvcLogicDiscoveryPlugin { log.info("Closed connection to SSE source"); } + // Note: Sonar complains about host name verification being + // disabled here. This is necessary to handle devices using self-signed + // certificates (where CA would be unknown) - so we are leaving this code as is. private Client ignoreSslClient() { SSLContext sslcontext = null; |