[ 
https://issues.apache.org/jira/browse/DRILL-8008?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17427349#comment-17427349
 ] 

ASF GitHub Bot commented on DRILL-8008:
---------------------------------------

vvysotskyi commented on a change in pull request #2331:
URL: https://github.com/apache/drill/pull/2331#discussion_r726523723



##########
File path: contrib/storage-http/src/main/java/org/apache/drill/exec/store/http/util/SimpleHttp.java
##########
@@ -116,6 +125,28 @@ private OkHttpClient setupHttpClient() {
     builder.writeTimeout(timeout, TimeUnit.SECONDS);
     builder.readTimeout(timeout, TimeUnit.SECONDS);
 
+    // Code to skip SSL Certificate validation
+    // Sourced from 
https://stackoverflow.com/questions/60110848/how-to-disable-ssl-verification
+    if (! scanDefn.tableSpec().connectionConfig().verifySSLCert()) {
+      try {
+        TrustManager[] trustAllCerts = getAllTrustingTrustManager();
+        SSLContext sslContext = SSLContext.getInstance("SSL");
+        sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
+        SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
+
+
+        builder.sslSocketFactory(sslSocketFactory, (X509TrustManager) 
trustAllCerts[0]);
+        builder.hostnameVerifier(new HostnameVerifier() {
+          @Override
+          public boolean verify(String hostname, SSLSession session) {
+            return true;
+          }
+        });
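
Review bot: In the `if (! scanDefn.tableSpec().connectionConfig().verifySSLCert())` branch, `SSLContext.getInstance("SSL")` asks for the legacy protocol name; request `SSLContext.getInstance("TLS")` instead. The same branch switches off both checks at once, the certificate chain (via `getAllTrustingTrustManager()`) and the host name (a `HostnameVerifier` that always returns `true`), so with the option disabled the connection is still encrypted but the server's identity is not verified at all. Log a warning that names the connection whenever this branch is taken so the setting shows up in the logs, and have the comment above the block state that it is meant for testing or internal endpoints instead of only pointing at the Stack Overflow link.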

Review comment:
       Can we use a lambda here instead of declaring an anonymous class?

##########
File path: contrib/storage-http/src/main/java/org/apache/drill/exec/store/http/HttpApiConfig.java
##########
@@ -102,6 +102,8 @@
   private final int xmlDataLevel;
   @JsonProperty
   private final boolean errorOn400;
+  @JsonProperty
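
Review bot: The field declared under the added `@JsonProperty` is cut off in this quote, but if it is a primitive `boolean` like `errorOn400` just above it, a stored plugin config that omits the key can deserialize it to `false`, and for an option read through `verifySSLCert()` that would mean certificate validation is silently off for existing configs. Make the absent-key default explicitly `true`, document the property next to the field, and add a test that deserializes a config without the property and asserts that verification stays enabled.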

Review comment:
       Please add `@JsonInclude` annotation, since it wouldn't be possible to 
disable this property.





> Add Config Option to HTTP Plugin to Skip SSL Validation
> -------------------------------------------------------
>
>                 Key: DRILL-8008
>                 URL: https://issues.apache.org/jira/browse/DRILL-8008
>             Project: Apache Drill
>          Issue Type: Improvement
>          Components: Storage - Other
>    Affects Versions: 1.19.0
>            Reporter: Charles Givre
>            Assignee: Charles Givre
>            Priority: Minor
>             Fix For: 1.20.0
>
>
> In the current implementation, Drill validates all SSL certificates when 
> querying REST APIs.  In some circumstances, such as a corporate network, or 
> for testing, a user might want to disable this functionality.  This PR adds a 
> config option to the HTTP plugin to disable SSL validation. 


