You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jmeter.apache.org by pm...@apache.org on 2019/09/30 21:15:27 UTC
[jmeter] 04/07: Sonar security Warning: False positives in the
context of performance and pen testing which is what JMeter is made for
This is an automated email from the ASF dual-hosted git repository.
pmouawad pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/jmeter.git
commit 5dc63d8cdd2062bb043846c84226d5ff891440d0
Author: pmouawad <p....@ubik-ingenierie.com>
AuthorDate: Mon Sep 30 23:12:36 2019 +0200
Sonar security Warning: False positives in the context of performance
and pen testing which is what JMeter is made for
---
.../org/apache/jmeter/util/CustomX509TrustManager.java | 5 +++--
.../org/apache/jmeter/util/TrustAllSSLSocketFactory.java | 16 ++++++++--------
.../smtp/sampler/protocol/TrustAllSSLSocketFactory.java | 6 ++----
3 files changed, 13 insertions(+), 14 deletions(-)
diff --git a/src/core/src/main/java/org/apache/jmeter/util/CustomX509TrustManager.java b/src/core/src/main/java/org/apache/jmeter/util/CustomX509TrustManager.java
index 31795e1..4258e8a 100644
--- a/src/core/src/main/java/org/apache/jmeter/util/CustomX509TrustManager.java
+++ b/src/core/src/main/java/org/apache/jmeter/util/CustomX509TrustManager.java
@@ -53,7 +53,7 @@ public class CustomX509TrustManager implements X509TrustManager
* @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String)
*/
@Override
- public void checkClientTrusted(X509Certificate[] certificates, String authType) {
+ public void checkClientTrusted(X509Certificate[] certificates, String authType) { // NOSONAR JMeter is a pentest and perf testing tool
if (log.isDebugEnabled() && certificates != null) {
for (int i = 0; i < certificates.length; i++) {
X509Certificate cert = certificates[i];
@@ -78,7 +78,8 @@ public class CustomX509TrustManager implements X509TrustManager
* @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String)
*/
@Override
- public void checkServerTrusted(X509Certificate[] certificates,String authType) throws CertificateException {
+ public void checkServerTrusted(X509Certificate[] certificates,String authType) // NOSONAR JMeter is a pentest and perf testing tool
+ throws CertificateException {
if (log.isDebugEnabled() && certificates != null) {
for (int i = 0; i < certificates.length; i++) {
X509Certificate cert = certificates[i];
diff --git a/src/core/src/main/java/org/apache/jmeter/util/TrustAllSSLSocketFactory.java b/src/core/src/main/java/org/apache/jmeter/util/TrustAllSSLSocketFactory.java
index 66841dc..16e52ab 100644
--- a/src/core/src/main/java/org/apache/jmeter/util/TrustAllSSLSocketFactory.java
+++ b/src/core/src/main/java/org/apache/jmeter/util/TrustAllSSLSocketFactory.java
@@ -35,7 +35,7 @@ import javax.net.ssl.X509ExtendedTrustManager;
* This class can be used as a SocketFactory with SSL-connections.<p>
* Its purpose is to ensure that all certificates - no matter from which CA - are accepted to secure the SSL-connection.
*/
-public class TrustAllSSLSocketFactory extends SSLSocketFactory {
+public class TrustAllSSLSocketFactory extends SSLSocketFactory { // NOSONAR JMeter is a pentest and perf testing tool
private final SSLSocketFactory factory;
@@ -56,11 +56,11 @@ public class TrustAllSSLSocketFactory extends SSLSocketFactory {
return EMPTY_X509Certificate;
}
@Override
- public void checkClientTrusted(X509Certificate[] chain, String authType) {
+ public void checkClientTrusted(X509Certificate[] chain, String authType) { // NOSONAR JMeter is a pentest and perf testing tool
// NOOP
}
@Override
- public void checkServerTrusted(X509Certificate[] chain, String authType) {
+ public void checkServerTrusted(X509Certificate[] chain, String authType) { // NOSONAR JMeter is a pentest and perf testing tool
// NOOP
}
@Override
@@ -115,7 +115,7 @@ public class TrustAllSSLSocketFactory extends SSLSocketFactory {
@Override
public Socket createSocket(InetAddress address, int port,
InetAddress localAddress, int localPort) throws IOException {
- return factory.createSocket(address, port, localAddress, localPort);
+ return factory.createSocket(address, port, localAddress, localPort); // NOSONAR JMeter is a pentest and perf testing tool
}
/**
@@ -124,7 +124,7 @@ public class TrustAllSSLSocketFactory extends SSLSocketFactory {
@Override
public Socket createSocket(InetAddress address, int port) throws
IOException {
- return factory.createSocket(address, port);
+ return factory.createSocket(address, port); // NOSONAR JMeter is a pentest and perf testing tool
}
/**
@@ -133,7 +133,7 @@ public class TrustAllSSLSocketFactory extends SSLSocketFactory {
@Override
public Socket createSocket(String host, int port, InetAddress localHost, int localPort)
throws IOException {
- return factory.createSocket(host, port, localHost, localPort);
+ return factory.createSocket(host, port, localHost, localPort); // NOSONAR JMeter is a pentest and perf testing tool
}
/**
@@ -141,7 +141,7 @@ public class TrustAllSSLSocketFactory extends SSLSocketFactory {
*/
@Override
public Socket createSocket(String host, int port) throws IOException {
- return factory.createSocket(host, port);
+ return factory.createSocket(host, port); // NOSONAR JMeter is a pentest and perf testing tool
}
/**
@@ -149,7 +149,7 @@ public class TrustAllSSLSocketFactory extends SSLSocketFactory {
*/
@Override
public Socket createSocket() throws IOException {
- return factory.createSocket();
+ return factory.createSocket(); // NOSONAR JMeter is a pentest and perf testing tool
}
/**
diff --git a/src/protocol/mail/src/main/java/org/apache/jmeter/protocol/smtp/sampler/protocol/TrustAllSSLSocketFactory.java b/src/protocol/mail/src/main/java/org/apache/jmeter/protocol/smtp/sampler/protocol/TrustAllSSLSocketFactory.java
index 9d22e5f..f65ba69 100644
--- a/src/protocol/mail/src/main/java/org/apache/jmeter/protocol/smtp/sampler/protocol/TrustAllSSLSocketFactory.java
+++ b/src/protocol/mail/src/main/java/org/apache/jmeter/protocol/smtp/sampler/protocol/TrustAllSSLSocketFactory.java
@@ -56,12 +56,10 @@ public class TrustAllSSLSocketFactory extends SSLSocketFactory {
return EMPTY_X509Certificate;
}
@Override
- public void checkClientTrusted(
- X509Certificate[] certs, String authType) {
+ public void checkClientTrusted(X509Certificate[] certs, String authType) { // NOSONAR JMeter is a pentest and perf testing tool
}
@Override
- public void checkServerTrusted(
- X509Certificate[] certs, String authType) {
+ public void checkServerTrusted(X509Certificate[] certs, String authType) { // NOSONAR JMeter is a pentest and perf testing tool
}
}
},