adutra commented on code in PR #15500:
URL: https://github.com/apache/iceberg/pull/15500#discussion_r3016685398
##########
core/src/main/java/org/apache/iceberg/rest/auth/TLSConfigurer.java:
##########
@@ -32,6 +33,10 @@ default SSLContext sslContext() {
return SSLContexts.createDefault();
}
+ default HostnameVerificationPolicy hostnameVerificationPolicy() {
+ return HostnameVerificationPolicy.CLIENT;
+ }
+
default HostnameVerifier hostnameVerifier() {
Review Comment:
@stevenzwu @RussellSpitzer I implemented the suggested approach, PTAL.
I want to stress though that **returning null instead of
`HttpsSupport.getDefaultHostnameVerifier()` here is a behavioral change**.
The built-in verifier and Apache's default verifier both do roughly the same
verifications, but the latter is more strict/complete. They also kick in in
different phases and throw different exceptions.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
