diff options
author | Bjørn Christian Seime <bjorn.christian@seime.no> | 2018-01-05 10:16:57 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-01-05 10:16:57 +0100 |
commit | 92c43eede16d4c3e5059a690e24548689f3ec204 (patch) | |
tree | e7ad98feb133e69f728f4ad856ec43516ed00491 /controller-api/src | |
parent | f5df837564f3e60216657cc8da35849887539c18 (diff) |
Revert "Use httpclient version matching zts-client"
Diffstat (limited to 'controller-api/src')
-rw-r--r-- | controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzIdentityVerifier.java | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzIdentityVerifier.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzIdentityVerifier.java index 764ba9c2104..6f8ebc4c5db 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzIdentityVerifier.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzIdentityVerifier.java @@ -29,12 +29,16 @@ public class AthenzIdentityVerifier implements HostnameVerifier { public boolean verify(String hostname, SSLSession session) { try { X509Certificate cert = (X509Certificate) session.getPeerCertificates()[0]; - return allowedIdentities.contains(AthenzUtils.createAthenzIdentity(cert)); + return isTrusted(AthenzUtils.createAthenzIdentity(cert)); } catch (SSLPeerUnverifiedException e) { log.log(Level.WARNING, "Unverified client: " + hostname); return false; } } + public boolean isTrusted(AthenzIdentity identity) { + return allowedIdentities.contains(identity); + } + } |