You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by lm...@apache.org on 2017/03/08 23:33:38 UTC
knox git commit: KNOX-903 - KnoxShell allows self signed certs to be
used without any checks
Repository: knox
Updated Branches:
refs/heads/master 56176ef44 -> 9f7e34f11
KNOX-903 - KnoxShell allows self signed certs to be used without any checks
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/9f7e34f1
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/9f7e34f1
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/9f7e34f1
Branch: refs/heads/master
Commit: 9f7e34f114d499da39f98ec3c77a389e9d0538a4
Parents: 56176ef
Author: Larry McCay <lm...@hortonworks.com>
Authored: Wed Mar 8 18:33:14 2017 -0500
Committer: Larry McCay <lm...@hortonworks.com>
Committed: Wed Mar 8 18:33:32 2017 -0500
----------------------------------------------------------------------
.../src/main/java/org/apache/hadoop/gateway/shell/Hadoop.java | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/9f7e34f1/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/Hadoop.java
----------------------------------------------------------------------
diff --git a/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/Hadoop.java b/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/Hadoop.java
index ed0feb3..b830014 100644
--- a/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/Hadoop.java
+++ b/gateway-shell/src/main/java/org/apache/hadoop/gateway/shell/Hadoop.java
@@ -122,10 +122,11 @@ public class Hadoop implements Closeable {
// SSL
HostnameVerifier hostnameVerifier = NoopHostnameVerifier.INSTANCE;
- TrustStrategy trustStrategy = TrustSelfSignedStrategy.INSTANCE;
+ TrustStrategy trustStrategy = null;
if (clientContext.connection().secure()) {
hostnameVerifier = SSLConnectionSocketFactory.getDefaultHostnameVerifier();
} else {
+ trustStrategy = TrustSelfSignedStrategy.INSTANCE;
System.out.println("**************** WARNING ******************\n"
+ "This is an insecure client instance and may\n"
+ "leave the interactions subject to a man in\n"