[ https://issues.apache.org/jira/browse/CXF-6761?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sergey Beryozkin resolved CXF-6761. ----------------------------------- Resolution: Fixed Assignee: Sergey Beryozkin Fix Version/s: 3.2.0 3.0.8 3.1.5 Thanks for the patch > JAX-RS ClientImpl does not set TLSClientParameters on HTTPConduit when only > HostnameVerifier is configured > ---------------------------------------------------------------------------------------------------------- > > Key: CXF-6761 > URL: https://issues.apache.org/jira/browse/CXF-6761 > Project: CXF > Issue Type: Bug > Components: JAX-RS > Affects Versions: 3.1.4 > Reporter: Chris Ribble > Assignee: Sergey Beryozkin > Priority: Minor > Fix For: 3.1.5, 3.0.8, 3.2.0 > > Original Estimate: 3h > Remaining Estimate: 3h > > org.apache.cxf.jaxrs.client.spec.ClientImpl only copies the > TLSClientParameters configured by > ClientBuilder.newBuilder().hostnameVerifier(HostnameVerifier) if an > SSLSocketFactory or TrustManagers are configured. > This makes it impossible to use a custom HostnameVerifier without also > declaring a custom SSLSocketFactory or TrustManagers. > Snip of incorrect code from > rt/rs/client/src/main/java/org/apache/cxf/jaxrs/client/spec/ClientImpl.java, > line 282 > {code} > // TLS > TLSClientParameters tlsParams = secConfig.getTlsClientParams(); > if (tlsParams.getSSLSocketFactory() != null > || tlsParams.getTrustManagers() != null) { > clientCfg.getHttpConduit().setTlsClientParameters(tlsParams); > } > {code} > Proposed replacement: > {code} > // TLS > TLSClientParameters tlsParams = secConfig.getTlsClientParams(); > if (tlsParams.getSSLSocketFactory() != null > || tlsParams.getTrustManagers() != null > || tlsParams.getHostnameVerifier() != null) { > clientCfg.getHttpConduit().setTlsClientParameters(tlsParams); > } > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)