knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lmc...@apache.org
Subject knox git commit: KNOX-903 - KnoxShell allows self signed certs to be used without any checks
Date Wed, 08 Mar 2017 23:34:29 GMT
Repository: knox
Updated Branches:
  refs/heads/v0.12.0 fcdef6f20 -> 3ec2fc3b7


KNOX-903 - KnoxShell allows self signed certs to be used without any checks

Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/3ec2fc3b
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/3ec2fc3b
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/3ec2fc3b

Branch: refs/heads/v0.12.0
Commit: 3ec2fc3b759063dc6fc03f3805dde82c6f0141d1
Parents: fcdef6f
Author: Larry McCay <lmccay@hortonworks.com>
Authored: Wed Mar 8 18:33:14 2017 -0500
Committer: Larry McCay <lmccay@hortonworks.com>
Committed: Wed Mar 8 18:34:17 2017 -0500

----------------------------------------------------------------------
 .../src/main/java/org/apache/hadoop/gateway/shell/Hadoop.java     | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/knox/blob/3ec2fc3b/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/Hadoop.java
----------------------------------------------------------------------
diff --git a/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/Hadoop.java b/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/Hadoop.java
index ed0feb3..b830014 100644
--- a/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/Hadoop.java
+++ b/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/Hadoop.java
@@ -122,10 +122,11 @@ public class Hadoop implements Closeable {
 
     // SSL
     HostnameVerifier hostnameVerifier = NoopHostnameVerifier.INSTANCE;
-    TrustStrategy trustStrategy = TrustSelfSignedStrategy.INSTANCE;
+    TrustStrategy trustStrategy = null;
     if (clientContext.connection().secure()) {
       hostnameVerifier = SSLConnectionSocketFactory.getDefaultHostnameVerifier();
     } else {
+      trustStrategy = TrustSelfSignedStrategy.INSTANCE;
       System.out.println("**************** WARNING ******************\n"
               + "This is an insecure client instance and may\n"
               + "leave the interactions subject to a man in\n"


Mime
View raw message