apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

CPVM: use X509ExtendedTrustManager (#5419)

Browse Source
This commit is contained in:
Wei Zhou 2021-09-22 20:46:57 +02:00 committed by GitHub
parent 7d5393d577
commit 50a0e80de6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 23 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
services/console-proxy/server/src/main/java/com/cloud/consoleproxy/websocket/WebSocketReverseProxy.java
View File

@ -25,13 +25,14 @@ import org.java_websocket.handshake.ServerHandshake;
import org.java_websocket.protocols.Protocol;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.net.ssl.X509ExtendedTrustManager;
import java.io.IOException;
import java.net.Socket;
import java.net.URI;
import java.nio.ByteBuffer;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collections;
@ -54,15 +55,28 @@ public class WebSocketReverseProxy extends WebSocketClient {
private Session remoteSession;
private void acceptAllCerts() {
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
TrustManager[] trustAllCerts = new TrustManager[]{new X509ExtendedTrustManager() {
@Override
public void checkClientTrusted (X509Certificate [] chain, String authType, Socket socket) {
}
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
@Override
public void checkServerTrusted (X509Certificate [] chain, String authType, Socket socket) {
}
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
@Override
public void checkClientTrusted (X509Certificate [] chain, String authType, SSLEngine engine) {
}
@Override
public void checkServerTrusted (X509Certificate [] chain, String authType, SSLEngine engine) {
}
@Override
public java.security.cert.X509Certificate [] getAcceptedIssuers () {
return null;
}
@Override
public void checkClientTrusted (X509Certificate [] certs, String authType) {
}
@Override
public void checkServerTrusted (X509Certificate [] certs, String authType) {
}
}};
SSLContext sc;