Make validation tools more happy by not have TrustManager impl just accept (#9041)

Motivation:

Seems like some analyzer / validation tools scan code to detect if it may produce some security risk because of just blindly accept certificates. Such a tool did tag our code because we have such an implementation (which then is actually never be used). We should just change the impl to not do this as it does not matter for us and it makes such tools happier.

Modifications:

Throw CertificateException

Result:

Fixes https://github.com/netty/netty/issues/9032
This commit is contained in:
Norman Maurer 2019-04-12 21:36:57 +02:00 committed by GitHub
parent 86dd388637
commit 48edf40861
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -71,11 +71,13 @@ final class OpenSslX509TrustManagerWrapper {
@Override
public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
throws CertificateException {
throw new CertificateException();
}
@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
throws CertificateException {
throw new CertificateException();
}
@Override