diff options
author | Jim Hahn <jrh3@att.com> | 2020-06-30 09:14:51 -0400 |
---|---|---|
committer | Jim Hahn <jrh3@att.com> | 2020-06-30 09:21:35 -0400 |
commit | d3e074c0010cce39ed4ca0071f5a78aadc8d6496 (patch) | |
tree | 0cfa86f2cab0961f9f805f028492fa94f795b2a0 /utils/src/main/java/org/onap | |
parent | f71f3fcb8c1e3138f92a3c773f19bf3280572def (diff) |
Fix sonar about always-trust-manager
This trust manager is not secure and should be avoided. However,
it is only used when the configuration explicitly says to allow
self-signed certificates. Modified the code to use an apache trust
manager, thus avoid the sonar complaint.
Issue-ID: POLICY-2650
Change-Id: Iaf4c72689916ed5ed5e6864666f3f54b2c5e0f12
Signed-off-by: Jim Hahn <jrh3@att.com>
Diffstat (limited to 'utils/src/main/java/org/onap')
-rw-r--r-- | utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java | 27 |
1 files changed, 2 insertions, 25 deletions
diff --git a/utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java b/utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java index 4b823fdc..a2fb5a8b 100644 --- a/utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java +++ b/utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java @@ -26,9 +26,8 @@ import java.net.InetSocketAddress; import java.net.ServerSocket; import java.net.Socket; import java.net.UnknownHostException; -import java.security.cert.X509Certificate; import javax.net.ssl.TrustManager; -import javax.net.ssl.X509TrustManager; +import org.apache.commons.net.util.TrustManagerUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -48,29 +47,7 @@ public class NetworkUtil { /** * A trust manager that always trusts certificates. */ - // @formatter:off - private static final TrustManager[] ALWAYS_TRUST_MANAGER = new TrustManager[] { - new X509TrustManager() { - - @Override - public X509Certificate[] getAcceptedIssuers() { - return new X509Certificate[0]; - } - - @Override - public void checkClientTrusted(final java.security.cert.X509Certificate[] certs, - final String authType) { - // always trust - } - - @Override - public void checkServerTrusted(final java.security.cert.X509Certificate[] certs, - final String authType) { - // always trust - } - } - }; - // @formatter:on + private static final TrustManager[] ALWAYS_TRUST_MANAGER = { TrustManagerUtils.getAcceptAllTrustManager() }; private NetworkUtil() { // Empty constructor |