diff --git a/src/main/java/land/oras/auth/HttpClient.java b/src/main/java/land/oras/auth/HttpClient.java index 56d9ffb0..77fe0045 100644 --- a/src/main/java/land/oras/auth/HttpClient.java +++ b/src/main/java/land/oras/auth/HttpClient.java @@ -805,22 +805,34 @@ public X509Certificate[] getAcceptedIssuers() { } @Override - public void checkClientTrusted(X509Certificate[] chain, String authType) {} + public void checkClientTrusted(X509Certificate[] chain, String authType) { + // Intentionally empty: insecure trust manager that accepts all client certificates + } @Override - public void checkServerTrusted(X509Certificate[] chain, String authType) {} + public void checkServerTrusted(X509Certificate[] chain, String authType) { + // Intentionally empty: insecure trust manager that accepts all server certificates + } @Override - public void checkClientTrusted(X509Certificate[] chain, String authType, Socket socket) {} + public void checkClientTrusted(X509Certificate[] chain, String authType, Socket socket) { + // Intentionally empty: insecure trust manager that accepts all client certificates + } @Override - public void checkServerTrusted(X509Certificate[] chain, String authType, Socket socket) {} + public void checkServerTrusted(X509Certificate[] chain, String authType, Socket socket) { + // Intentionally empty: insecure trust manager that accepts all server certificates + } @Override - public void checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine engine) {} + public void checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine engine) { + // Intentionally empty: insecure trust manager that accepts all client certificates + } @Override - public void checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine engine) {} + public void checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine engine) { + // Intentionally empty: insecure trust manager that accepts all server certificates + } } /**