summaryrefslogtreecommitdiffstats
path: root/security-utils/src/main/java/com/yahoo/security/tls/TransportSecurityOptions.java
diff options
context:
space:
mode:
Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/tls/TransportSecurityOptions.java')
-rw-r--r--security-utils/src/main/java/com/yahoo/security/tls/TransportSecurityOptions.java16
1 files changed, 14 insertions, 2 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/TransportSecurityOptions.java b/security-utils/src/main/java/com/yahoo/security/tls/TransportSecurityOptions.java
index c0e9e1053c3..5db6d551193 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/TransportSecurityOptions.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/TransportSecurityOptions.java
@@ -30,6 +30,7 @@ public class TransportSecurityOptions {
private final Path caCertificatesFile;
private final AuthorizedPeers authorizedPeers;
private final List<String> acceptedCiphers;
+ private final boolean isHostnameValidationDisabled;
private TransportSecurityOptions(Builder builder) {
this.privateKeyFile = builder.privateKeyFile;
@@ -37,6 +38,7 @@ public class TransportSecurityOptions {
this.caCertificatesFile = builder.caCertificatesFile;
this.authorizedPeers = builder.authorizedPeers;
this.acceptedCiphers = builder.acceptedCiphers;
+ this.isHostnameValidationDisabled = builder.isHostnameValidationDisabled;
}
public Optional<Path> getPrivateKeyFile() {
@@ -57,6 +59,8 @@ public class TransportSecurityOptions {
public List<String> getAcceptedCiphers() { return acceptedCiphers; }
+ public boolean isHostnameValidationDisabled() { return isHostnameValidationDisabled; }
+
public static TransportSecurityOptions fromJsonFile(Path file) {
try (InputStream in = Files.newInputStream(file)) {
return new TransportSecurityOptionsJsonSerializer().deserialize(in);
@@ -90,6 +94,7 @@ public class TransportSecurityOptions {
private Path caCertificatesFile;
private AuthorizedPeers authorizedPeers;
private List<String> acceptedCiphers = new ArrayList<>();
+ private boolean isHostnameValidationDisabled;
public Builder() {}
@@ -114,6 +119,11 @@ public class TransportSecurityOptions {
return this;
}
+ public Builder withHostnameValidationDisabled(boolean isDisabled) {
+ this.isHostnameValidationDisabled = isDisabled;
+ return this;
+ }
+
public TransportSecurityOptions build() {
return new TransportSecurityOptions(this);
}
@@ -127,6 +137,7 @@ public class TransportSecurityOptions {
", caCertificatesFile=" + caCertificatesFile +
", authorizedPeers=" + authorizedPeers +
", acceptedCiphers=" + acceptedCiphers +
+ ", isHostnameValidationDisabled=" + isHostnameValidationDisabled +
'}';
}
@@ -135,7 +146,8 @@ public class TransportSecurityOptions {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
TransportSecurityOptions that = (TransportSecurityOptions) o;
- return Objects.equals(privateKeyFile, that.privateKeyFile) &&
+ return isHostnameValidationDisabled == that.isHostnameValidationDisabled &&
+ Objects.equals(privateKeyFile, that.privateKeyFile) &&
Objects.equals(certificatesFile, that.certificatesFile) &&
Objects.equals(caCertificatesFile, that.caCertificatesFile) &&
Objects.equals(authorizedPeers, that.authorizedPeers) &&
@@ -144,6 +156,6 @@ public class TransportSecurityOptions {
@Override
public int hashCode() {
- return Objects.hash(privateKeyFile, certificatesFile, caCertificatesFile, authorizedPeers, acceptedCiphers);
+ return Objects.hash(privateKeyFile, certificatesFile, caCertificatesFile, authorizedPeers, acceptedCiphers, isHostnameValidationDisabled);
}
} \ No newline at end of file