|
15 | 15 | */ |
16 | 16 | package ch.swisscom.mid.client.rest; |
17 | 17 |
|
| 18 | +import ch.swisscom.mid.client.MIDFlowException; |
| 19 | +import ch.swisscom.mid.client.config.*; |
| 20 | +import ch.swisscom.mid.client.impl.ComProtocolHandler; |
| 21 | +import ch.swisscom.mid.client.impl.Loggers; |
| 22 | +import ch.swisscom.mid.client.model.*; |
| 23 | +import ch.swisscom.mid.client.rest.model.fault.MSSFault; |
| 24 | +import ch.swisscom.mid.client.rest.model.profqreq.MSSProfileQueryRequest; |
| 25 | +import ch.swisscom.mid.client.rest.model.profqresp.MSSProfileQueryResponse; |
| 26 | +import ch.swisscom.mid.client.rest.model.receiptreq.MSSReceiptRequest; |
| 27 | +import ch.swisscom.mid.client.rest.model.receiptresp.MSSReceiptResponse; |
| 28 | +import ch.swisscom.mid.client.rest.model.signreq.MSSSignatureRequest; |
| 29 | +import ch.swisscom.mid.client.rest.model.signresp.MSSSignatureResponse; |
| 30 | +import ch.swisscom.mid.client.rest.model.statusreq.MSSStatusRequest; |
| 31 | +import ch.swisscom.mid.client.rest.model.statusresp.MSSStatusResponse; |
| 32 | +import ch.swisscom.mid.client.utils.Utils; |
18 | 33 | import com.fasterxml.jackson.core.JsonProcessingException; |
19 | 34 | import com.fasterxml.jackson.databind.DeserializationFeature; |
20 | 35 | import com.fasterxml.jackson.databind.ObjectMapper; |
21 | | - |
22 | 36 | import org.apache.commons.codec.CharEncoding; |
23 | 37 | import org.apache.hc.client5.http.auth.AuthScope; |
24 | 38 | import org.apache.hc.client5.http.auth.UsernamePasswordCredentials; |
|
30 | 44 | import org.apache.hc.client5.http.impl.classic.HttpClients; |
31 | 45 | import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager; |
32 | 46 | import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder; |
| 47 | +import org.apache.hc.client5.http.ssl.NoopHostnameVerifier; |
33 | 48 | import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory; |
34 | 49 | import org.apache.hc.core5.http.ContentType; |
35 | 50 | import org.apache.hc.core5.http.HttpHost; |
|
43 | 58 | import org.slf4j.Logger; |
44 | 59 | import org.slf4j.LoggerFactory; |
45 | 60 |
|
| 61 | +import javax.net.ssl.SSLContext; |
| 62 | +import javax.net.ssl.SSLException; |
46 | 63 | import java.io.ByteArrayInputStream; |
47 | 64 | import java.io.FileInputStream; |
48 | 65 | import java.io.IOException; |
49 | 66 | import java.io.InputStream; |
50 | 67 | import java.security.KeyStore; |
51 | 68 | import java.util.concurrent.TimeUnit; |
52 | 69 |
|
53 | | -import javax.net.ssl.SSLContext; |
54 | | -import javax.net.ssl.SSLException; |
55 | | - |
56 | | -import ch.swisscom.mid.client.MIDFlowException; |
57 | | -import ch.swisscom.mid.client.config.*; |
58 | | -import ch.swisscom.mid.client.impl.ComProtocolHandler; |
59 | | -import ch.swisscom.mid.client.impl.Loggers; |
60 | | -import ch.swisscom.mid.client.model.*; |
61 | | -import ch.swisscom.mid.client.rest.model.fault.MSSFault; |
62 | | -import ch.swisscom.mid.client.rest.model.profqreq.MSSProfileQueryRequest; |
63 | | -import ch.swisscom.mid.client.rest.model.profqresp.MSSProfileQueryResponse; |
64 | | -import ch.swisscom.mid.client.rest.model.receiptreq.MSSReceiptRequest; |
65 | | -import ch.swisscom.mid.client.rest.model.receiptresp.MSSReceiptResponse; |
66 | | -import ch.swisscom.mid.client.rest.model.signreq.MSSSignatureRequest; |
67 | | -import ch.swisscom.mid.client.rest.model.signresp.MSSSignatureResponse; |
68 | | -import ch.swisscom.mid.client.rest.model.statusreq.MSSStatusRequest; |
69 | | -import ch.swisscom.mid.client.rest.model.statusresp.MSSStatusResponse; |
70 | | -import ch.swisscom.mid.client.utils.Utils; |
71 | | - |
72 | 70 | public class ComProtocolHandlerRestImpl implements ComProtocolHandler { |
73 | 71 |
|
74 | 72 | private static final Logger logConfig = LoggerFactory.getLogger(Loggers.CONFIG); |
@@ -115,9 +113,8 @@ public void initialize(ClientConfiguration config) { |
115 | 113 | if (tlsConfig.isHostnameVerification()) { |
116 | 114 | sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslCtx); |
117 | 115 | } else { |
118 | | - logConfig.warn("Hostname verification is disabled in configuration. " + |
119 | | - "This setting is ignored for security reasons. Hostname verification will remain active."); |
120 | | - sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslCtx); |
| 116 | + sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslCtx, NoopHostnameVerifier.INSTANCE); |
| 117 | + logConfig.warn("Hostname verification is disabled in configuration."); |
121 | 118 | } |
122 | 119 |
|
123 | 120 | if (tlsConfig.getSslContext() == null && sslCtx != null) { |
|
0 commit comments