Skip to content

ssl verification skip #855

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

ssl verification skip #855

wants to merge 1 commit into from

Conversation

@germanosin
Copy link
Member

@germanosin germanosin commented Feb 21, 2025
edited by Haarolean
Loading

  • Breaking change? (if so, please describe the impact and migration path for existing application instances)

What changes did you make? (Give an overview)
Fixes #854

Is there anything you'd like reviewers to focus on?

How Has This Been Tested? (put an "x" (case-sensitive!) next to an item)

  • No need to
  • Manually (please, describe, if necessary)
  • Unit checks
  • Integration checks
  • Covered by existing automation

Checklist (put an "x" (case-sensitive!) next to all the items, otherwise the build will fail)

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation (e.g. ENVIRONMENT VARIABLES)
  • My changes generate no new warnings (e.g. Sonar is happy)
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged

Check out Contributing and Code of Conduct

A picture of a cute animal (not mandatory but encouraged)

@germanosin germanosin requested a review from a team as a code owner February 21, 2025 15:30
@kapybro kapybro bot added status/triage Issues pending maintainers triage status/triage/manual Manual triage in progress status/triage/completed Automatic triage completed and removed status/triage Issues pending maintainers triage labels Feb 21, 2025
@fallen-up
Copy link

fallen-up commented Feb 21, 2025

there were checkstyle errors:

[WARNING] src/main/java/io/kafbat/ui/service/ssl/SkipTrustManagerFactorySpi.java:[18,57] (blocks) LeftCurly: '{' at column 57 should have line break after.
[WARNING] src/main/java/io/kafbat/ui/service/ssl/SkipTrustManagerFactorySpi.java:[18,72] (extension) RightCurlyAlone: '}' at column 72 should be alone on a line.
[WARNING] src/main/java/io/kafbat/ui/service/ssl/SkipTrustManagerFactorySpi.java:[19,11] (whitespace) EmptyLineSeparator: 'METHOD_DEF' should be separated from previous line.
[WARNING] src/main/java/io/kafbat/ui/service/ssl/SkipTrustManagerFactorySpi.java:[20,11] (whitespace) EmptyLineSeparator: 'METHOD_DEF' should be separated from previous line.
[WARNING] src/main/java/io/kafbat/ui/service/ssl/SkipSecurityProvider.java:[10,31] (whitespace) WhitespaceAround: WhitespaceAround: '+' is not followed by whitespace. Empty blocks may only be represented as {} when not part of a multi-block statement (4.1.3)
[WARNING] src/main/java/io/kafbat/ui/service/ssl/SkipSecurityProvider.java:[10,31] (whitespace) WhitespaceAround: WhitespaceAround: '+' is not preceded with whitespace.

formatted:
api/src/main/java/io/kafbat/ui/service/ssl/SkipSecurityProvider.java:

package io.kafbat.ui.service.ssl;

import java.security.Provider;

public class SkipSecurityProvider extends Provider {
  public static final String NAME = "Skip";

  public SkipSecurityProvider() {
    super("SkipProvider", 1.0, "Skip TrustManagerFactory Provider");
    put("TrustManagerFactory." + NAME, "SkipTrustManagerFactorySpi");
  }
}

api/src/main/java/io/kafbat/ui/service/ssl/SkipTrustManagerFactorySpi.java:

package io.kafbat.ui.service.ssl;

import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.X509Certificate;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

public class SkipTrustManagerFactorySpi extends javax.net.ssl.TrustManagerFactorySpi {

  private final TrustManager[] trustAllCertificates;

  public SkipTrustManagerFactorySpi() {
    this.trustAllCertificates =  new TrustManager[] {
        new X509TrustManager() {
          public X509Certificate[] getAcceptedIssuers() {
              return null;
          }

          public void checkClientTrusted(X509Certificate[] certs, String authType) {

          }
          
          public void checkServerTrusted(X509Certificate[] certs, String authType) {

          }
        }
    };
  }

  @Override
  protected void engineInit(KeyStore ks) throws KeyStoreException {

  }

  @Override
  protected void engineInit(ManagerFactoryParameters spec)
      throws InvalidAlgorithmParameterException {

  }

  @Override
  protected TrustManager[] engineGetTrustManagers() {
    return trustAllCertificates;
  }
}

the application can't start:
kafka-ui.log

@germanosin
Copy link
Member Author

germanosin commented Feb 21, 2025

This is just a draft for @Haarolean

@Haarolean Haarolean self-assigned this Feb 24, 2025
@Haarolean Haarolean marked this pull request as draft February 24, 2025 19:46
@Haarolean Haarolean closed this Mar 23, 2025
@Haarolean Haarolean mentioned this pull request Mar 23, 2025
Open
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@Haarolean Haarolean

Labels

status/triage/completed Automatic triage completed status/triage/manual Manual triage in progress

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

BE: SR: Skip SSL for SR

4 participants

@germanosin @fallen-up @Haarolean