summaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
Diffstat (limited to 'plugins')
-rwxr-xr-xplugins/restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java7
-rw-r--r--plugins/restconf-client/provider/src/main/java/org/onap/ccsdk/sli/plugins/restconfdiscovery/RestconfDiscoveryNode.java3
2 files changed, 7 insertions, 3 deletions
diff --git a/plugins/restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java b/plugins/restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java
index ad74b02de..f1aa2b266 100755
--- a/plugins/restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java
+++ b/plugins/restapi-call-node/provider/src/main/java/org/onap/ccsdk/sli/plugins/restapicall/RestapiCallNode.java
@@ -81,6 +81,7 @@ import org.glassfish.jersey.media.multipart.file.FileDataBodyPart;
import org.onap.ccsdk.sli.core.sli.SvcLogicContext;
import org.onap.ccsdk.sli.core.sli.SvcLogicException;
import org.onap.ccsdk.sli.core.sli.SvcLogicJavaPlugin;
+import org.onap.ccsdk.sli.core.utils.common.AcceptIpAddressHostNameVerifier;
import org.onap.ccsdk.sli.core.utils.common.EnvProperties;
import org.onap.logging.filter.base.HttpURLConnectionMetricUtil;
import org.onap.logging.filter.base.MetricLogClientFilter;
@@ -795,9 +796,9 @@ public class RestapiCallNode implements SvcLogicJavaPlugin {
Client client;
if (ssl != null) {
HttpsURLConnection.setDefaultSSLSocketFactory(ssl.getSocketFactory());
- client = ClientBuilder.newBuilder().sslContext(ssl).hostnameVerifier((s, sslSession) -> true).build();
+ client = ClientBuilder.newBuilder().sslContext(ssl).hostnameVerifier(new AcceptIpAddressHostNameVerifier()).build();
} else {
- client = ClientBuilder.newBuilder().hostnameVerifier((s, sslSession) -> true).build();
+ client = ClientBuilder.newBuilder().hostnameVerifier(new AcceptIpAddressHostNameVerifier()).build();
}
setClientTimeouts(client);
@@ -924,7 +925,7 @@ public class RestapiCallNode implements SvcLogicJavaPlugin {
protected SSLContext createSSLContext(Parameters p) {
try (FileInputStream in = new FileInputStream(p.keyStoreFileName)) {
- HttpsURLConnection.setDefaultHostnameVerifier((string, ssls) -> true);
+ HttpsURLConnection.setDefaultHostnameVerifier(new AcceptIpAddressHostNameVerifier());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
KeyStore ks = KeyStore.getInstance("PKCS12");
char[] pwd = p.keyStorePassword.toCharArray();
diff --git a/plugins/restconf-client/provider/src/main/java/org/onap/ccsdk/sli/plugins/restconfdiscovery/RestconfDiscoveryNode.java b/plugins/restconf-client/provider/src/main/java/org/onap/ccsdk/sli/plugins/restconfdiscovery/RestconfDiscoveryNode.java
index cf69d7a3c..5b47cf5b6 100644
--- a/plugins/restconf-client/provider/src/main/java/org/onap/ccsdk/sli/plugins/restconfdiscovery/RestconfDiscoveryNode.java
+++ b/plugins/restconf-client/provider/src/main/java/org/onap/ccsdk/sli/plugins/restconfdiscovery/RestconfDiscoveryNode.java
@@ -167,6 +167,9 @@ public class RestconfDiscoveryNode implements SvcLogicDiscoveryPlugin {
log.info("Closed connection to SSE source");
}
+ // Note: Sonar complains about host name verification being
+ // disabled here. This is necessary to handle devices using self-signed
+ // certificates (where CA would be unknown) - so we are leaving this code as is.
private Client ignoreSslClient() {
SSLContext sslcontext = null;