Make validation tools more happy by not have TrustManager impl just accept (#9041)

Motivation:

Seems like some analyzer / validation tools scan code to detect if it may produce some security risk because of just blindly accept certificates. Such a tool did tag our code because we have such an implementation (which then is actually never be used). We should just change the impl to not do this as it does not matter for us and it makes such tools happier.

Modifications:

Throw CertificateException

Result:

Fixes https://github.com/netty/netty/issues/9032
This commit is contained in:
Norman Maurer 2019-04-12 21:36:57 +02:00
parent bbb9ea69e5
commit ee207f4bc6

View File

@ -66,11 +66,13 @@ final class OpenSslX509TrustManagerWrapper {
@Override
public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
throws CertificateException {
throw new CertificateException();
}
@Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
throws CertificateException {
throw new CertificateException();
}
@Override