diff options
author | Jim Hahn <jrh3@att.com> | 2020-06-30 09:14:51 -0400 |
---|---|---|
committer | Jim Hahn <jrh3@att.com> | 2020-06-30 09:21:35 -0400 |
commit | d3e074c0010cce39ed4ca0071f5a78aadc8d6496 (patch) | |
tree | 0cfa86f2cab0961f9f805f028492fa94f795b2a0 /utils | |
parent | f71f3fcb8c1e3138f92a3c773f19bf3280572def (diff) |
Fix sonar about always-trust-manager
This trust manager is not secure and should be avoided. However,
it is only used when the configuration explicitly says to allow
self-signed certificates. Modified the code to use an apache trust
manager, thus avoid the sonar complaint.
Issue-ID: POLICY-2650
Change-Id: Iaf4c72689916ed5ed5e6864666f3f54b2c5e0f12
Signed-off-by: Jim Hahn <jrh3@att.com>
Diffstat (limited to 'utils')
-rw-r--r-- | utils/pom.xml | 5 | ||||
-rw-r--r-- | utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java | 27 |
2 files changed, 7 insertions, 25 deletions
diff --git a/utils/pom.xml b/utils/pom.xml index 846d6871..95ea2c39 100644 --- a/utils/pom.xml +++ b/utils/pom.xml @@ -61,6 +61,11 @@ <artifactId>commons-lang3</artifactId> </dependency> <dependency> + <groupId>commons-net</groupId> + <artifactId>commons-net</artifactId> + <version>3.6</version> + </dependency> + <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> </dependency> diff --git a/utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java b/utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java index 4b823fdc..a2fb5a8b 100644 --- a/utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java +++ b/utils/src/main/java/org/onap/policy/common/utils/network/NetworkUtil.java @@ -26,9 +26,8 @@ import java.net.InetSocketAddress; import java.net.ServerSocket; import java.net.Socket; import java.net.UnknownHostException; -import java.security.cert.X509Certificate; import javax.net.ssl.TrustManager; -import javax.net.ssl.X509TrustManager; +import org.apache.commons.net.util.TrustManagerUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -48,29 +47,7 @@ public class NetworkUtil { /** * A trust manager that always trusts certificates. */ - // @formatter:off - private static final TrustManager[] ALWAYS_TRUST_MANAGER = new TrustManager[] { - new X509TrustManager() { - - @Override - public X509Certificate[] getAcceptedIssuers() { - return new X509Certificate[0]; - } - - @Override - public void checkClientTrusted(final java.security.cert.X509Certificate[] certs, - final String authType) { - // always trust - } - - @Override - public void checkServerTrusted(final java.security.cert.X509Certificate[] certs, - final String authType) { - // always trust - } - } - }; - // @formatter:on + private static final TrustManager[] ALWAYS_TRUST_MANAGER = { TrustManagerUtils.getAcceptAllTrustManager() }; private NetworkUtil() { // Empty constructor |