2 changes: 1 addition & 1 deletion mid-java-client-core/pom.xml
Expand Up @@ -6,7 +6,7 @@
<parent>
<groupId>ch.mobileid.mid-java-client</groupId>
<artifactId>mid-java-client-parent</artifactId>
<version>1.6.0</version>
<version>1.6.1</version>
</parent>

<artifactId>mid-java-client-core</artifactId>
2 changes: 1 addition & 1 deletion mid-java-client-rest/pom.xml
Expand Up @@ -6,7 +6,7 @@
<parent>
<groupId>ch.mobileid.mid-java-client</groupId>
<artifactId>mid-java-client-parent</artifactId>
<version>1.6.0</version>
<version>1.6.1</version>
</parent>

<artifactId>mid-java-client-rest</artifactId>
Expand Up @@ -15,10 +15,24 @@
*/
package ch.swisscom.mid.client.rest;

import ch.swisscom.mid.client.MIDFlowException;
import ch.swisscom.mid.client.config.*;
import ch.swisscom.mid.client.impl.ComProtocolHandler;
import ch.swisscom.mid.client.impl.Loggers;
import ch.swisscom.mid.client.model.*;
import ch.swisscom.mid.client.rest.model.fault.MSSFault;
import ch.swisscom.mid.client.rest.model.profqreq.MSSProfileQueryRequest;
import ch.swisscom.mid.client.rest.model.profqresp.MSSProfileQueryResponse;
import ch.swisscom.mid.client.rest.model.receiptreq.MSSReceiptRequest;
import ch.swisscom.mid.client.rest.model.receiptresp.MSSReceiptResponse;
import ch.swisscom.mid.client.rest.model.signreq.MSSSignatureRequest;
import ch.swisscom.mid.client.rest.model.signresp.MSSSignatureResponse;
import ch.swisscom.mid.client.rest.model.statusreq.MSSStatusRequest;
import ch.swisscom.mid.client.rest.model.statusresp.MSSStatusResponse;
import ch.swisscom.mid.client.utils.Utils;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;

import org.apache.commons.codec.CharEncoding;
import org.apache.hc.client5.http.auth.AuthScope;
import org.apache.hc.client5.http.auth.UsernamePasswordCredentials;
Expand All @@ -30,6 +44,7 @@
import org.apache.hc.client5.http.impl.classic.HttpClients;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager;
import org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder;
import org.apache.hc.client5.http.ssl.NoopHostnameVerifier;
import org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory;
import org.apache.hc.core5.http.ContentType;
import org.apache.hc.core5.http.HttpHost;
Expand All @@ -43,32 +58,15 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.concurrent.TimeUnit;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;

import ch.swisscom.mid.client.MIDFlowException;
import ch.swisscom.mid.client.config.*;
import ch.swisscom.mid.client.impl.ComProtocolHandler;
import ch.swisscom.mid.client.impl.Loggers;
import ch.swisscom.mid.client.model.*;
import ch.swisscom.mid.client.rest.model.fault.MSSFault;
import ch.swisscom.mid.client.rest.model.profqreq.MSSProfileQueryRequest;
import ch.swisscom.mid.client.rest.model.profqresp.MSSProfileQueryResponse;
import ch.swisscom.mid.client.rest.model.receiptreq.MSSReceiptRequest;
import ch.swisscom.mid.client.rest.model.receiptresp.MSSReceiptResponse;
import ch.swisscom.mid.client.rest.model.signreq.MSSSignatureRequest;
import ch.swisscom.mid.client.rest.model.signresp.MSSSignatureResponse;
import ch.swisscom.mid.client.rest.model.statusreq.MSSStatusRequest;
import ch.swisscom.mid.client.rest.model.statusresp.MSSStatusResponse;
import ch.swisscom.mid.client.utils.Utils;

public class ComProtocolHandlerRestImpl implements ComProtocolHandler {

private static final Logger logConfig = LoggerFactory.getLogger(Loggers.CONFIG);
Expand Down Expand Up @@ -115,9 +113,8 @@ public void initialize(ClientConfiguration config) {
if (tlsConfig.isHostnameVerification()) {
sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslCtx);
} else {
logConfig.warn("Hostname verification is disabled in configuration. " +
"This setting is ignored for security reasons. Hostname verification will remain active.");
sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslCtx);
sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslCtx, NoopHostnameVerifier.INSTANCE);
logConfig.warn("Hostname verification is disabled in configuration.");
}

if (tlsConfig.getSslContext() == null && sslCtx != null) {
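Review bot: In the `else` branch of `initialize(...)`, passing `NoopHostnameVerifier.INSTANCE` makes the client accept any certificate the SSL context trusts, whatever host name it was issued for, so the connection is no longer bound to the Mobile ID endpoint's identity. The lines this commit removes stated that the setting was ignored for security reasons, and the new warning no longer tells the operator what is lost. If the option has to return, the log line should spell out the consequence, for example `logConfig.warn("Hostname verification is DISABLED: server certificates are accepted for any host name; do not use outside test environments.");`, and the configuration documentation should carry the same caveat. The same applies to the `!isHostnameVerification()` branch in `MssServiceFactory.createMssService()`. The body of `initialize` continues outside the hunk.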
2 changes: 1 addition & 1 deletion mid-java-client-soap/pom.xml
Expand Up @@ -6,7 +6,7 @@
<parent>
<groupId>ch.mobileid.mid-java-client</groupId>
<artifactId>mid-java-client-parent</artifactId>
<version>1.6.0</version>
<version>1.6.1</version>
</parent>

<artifactId>mid-java-client-soap</artifactId>
Expand Up @@ -15,15 +15,26 @@
*/
package ch.swisscom.mid.client.soap;

import ch.swisscom.mid.client.MIDClientException;
import ch.swisscom.mid.client.config.ClientConfiguration;
import ch.swisscom.mid.client.config.ConfigurationException;
import ch.swisscom.mid.client.config.ProxyConfiguration;
import ch.swisscom.mid.client.config.TlsConfiguration;
import ch.swisscom.mid.client.impl.Loggers;
import com.sun.xml.ws.developer.JAXWSProperties;

import org.apache.commons.pool2.BasePooledObjectFactory;
import org.apache.commons.pool2.PooledObject;
import org.apache.commons.pool2.impl.DefaultPooledObject;
import org.etsi.uri.ts102204.etsi204_kiuru.MSSSignatureService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.net.ssl.*;
import javax.xml.namespace.QName;
import javax.xml.ws.Binding;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Service;
import javax.xml.ws.handler.Handler;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.InputStream;
Expand All @@ -32,20 +43,6 @@
import java.util.List;
import java.util.function.Supplier;

import javax.net.ssl.*;
import javax.xml.namespace.QName;
import javax.xml.ws.Binding;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Service;
import javax.xml.ws.handler.Handler;

import ch.swisscom.mid.client.MIDClientException;
import ch.swisscom.mid.client.config.ClientConfiguration;
import ch.swisscom.mid.client.config.ConfigurationException;
import ch.swisscom.mid.client.config.ProxyConfiguration;
import ch.swisscom.mid.client.config.TlsConfiguration;
import ch.swisscom.mid.client.impl.Loggers;

public class MssServiceFactory<PortType> extends BasePooledObjectFactory<MssService<PortType>> {

private static final Logger log = LoggerFactory.getLogger(Loggers.CLIENT_PROTOCOL);
Expand All @@ -69,6 +66,7 @@ public class MssServiceFactory<PortType> extends BasePooledObjectFactory<MssServ
private static final String JDK_JAXWS_REQUEST_TIMEOUT = "com.sun.xml.internal.ws.request.timeout";
private static final String JBOSS_CXF_REQUEST_TIMEOUT = "javax.xml.ws.client.receiveTimeout";

private static final java.lang.String JAXWS_HOSTNAME_VERIFIER = "com.sun.xml.internal.ws.transport.https.client.hostname.verifier";
private static final java.lang.String JAXWS_SSL_SOCKET_FACTORY = "com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory";

private static final String MSSP_NAMESPACE = "http://uri.etsi.org/TS102204/etsi204-kiuru.wsdl";
Expand Down Expand Up @@ -149,8 +147,10 @@ private MssService<PortType> createMssService() {
bindingProvider.getRequestContext().put(JAXWS_SSL_SOCKET_FACTORY, sslSocketFactory);

if (!clientConfiguration.getTls().isHostnameVerification()) {
log.warn("MSS Soap client: Hostname verification is disabled in configuration. " +
"This setting is ignored for security reasons. Hostname verification will remain active.");
NoopHostnameVerifier noopHostnameVerifier = new NoopHostnameVerifier();
bindingProvider.getRequestContext().put(JAXWSProperties.HOSTNAME_VERIFIER, noopHostnameVerifier);
bindingProvider.getRequestContext().put(JAXWS_HOSTNAME_VERIFIER, noopHostnameVerifier);
log.warn("MSS Soap client: Hostname verification is disabled in configuration.");
}

String serviceBaseUrl = serviceUrlSupplier.get();
Expand Down Expand Up @@ -298,4 +298,11 @@ private KeyStore produceATrustStore(TlsConfiguration tlsConfig) {
}
}

// ----------------------------------------------------------------------------------------------------
private static class NoopHostnameVerifier implements HostnameVerifier {
@Override
public boolean verify(String hostName, SSLSession session) {
return true;
}
}
}
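Review bot: The nested class `NoopHostnameVerifier` added at the end of `MssServiceFactory` carries no comment, although its `verify` returns `true` for every host and session and therefore switches off server-identity checking wherever it is installed. A Javadoc such as `/** Accepts every host name; installed only when TlsConfiguration.isHostnameVerification() is false. */` would make that explicit for the next maintainer. Since the class holds no state, `createMssService()` could reuse one `private static final` instance instead of allocating one per call. The verifier is registered only under `JAXWSProperties.HOSTNAME_VERIFIER` and the `com.sun.xml.internal.ws...` key. If another JAX-WS runtime is in use (the file also defines `JBOSS_CXF_REQUEST_TIMEOUT`), these keys are presumably ignored and the warning would misreport the effective state, which is worth confirming.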
2 changes: 1 addition & 1 deletion mid-java-client-usage/pom.xml
Expand Up @@ -6,7 +6,7 @@
<parent>
<groupId>ch.mobileid.mid-java-client</groupId>
<artifactId>mid-java-client-parent</artifactId>
<version>1.6.0</version>
<version>1.6.1</version>
</parent>

<artifactId>mid-java-client-usage</artifactId>
2 changes: 1 addition & 1 deletion pom.xml
Expand Up @@ -6,7 +6,7 @@

<groupId>ch.mobileid.mid-java-client</groupId>
<artifactId>mid-java-client-parent</artifactId>
<version>1.6.0</version>
<version>1.6.1</version>
<name>Mobile ID Java client</name>
<description>Mobile ID client reference implementation in Java</description>
<url>https://github.com/MobileID-Strong-Authentication/mobileid-client-java</url>