Merge pull request #215 from splunk/verify-cluster-master-hosts

ashah-splunk · web-flow · commit e6c5fe7582b8 · 2023-05-18T10:38:47.000+05:30
Feature added to include cluster master hosts for HostName verification
diff --git a/splunk/src/main/java/com/splunk/HttpService.java b/splunk/src/main/java/com/splunk/HttpService.java
@@ -23,11 +23,8 @@
 import java.io.OutputStreamWriter;
 import java.net.*;
 import java.security.cert.X509Certificate;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
 import java.util.Map.Entry;
-import java.util.Objects;
 
 /**
  * The {@code HttpService} class represents a generic HTTP service at a given
@@ -50,13 +47,11 @@ public class HttpService {
     private static SSLSocketFactory sslSocketFactory = createSSLFactory();
     private static String HTTPS_SCHEME = "https";
     private static String HTTP_SCHEME = "http";
-    private static String HOSTNAME = "localhost";
-    private static String HOSTIP = "127.0.0.1";
-    private static String HOSTIPv6 = "::1";
+    private static List<String> VALID_HOSTS = new ArrayList<String>(Arrays.asList("localhost", "127.0.0.1", "::1"));
 
     private static final HostnameVerifier HOSTNAME_VERIFIER = new HostnameVerifier() {
         public boolean verify(String s, SSLSession sslSession) {
-            if (s.equals(HOSTNAME) || s.equals(HOSTIP) || s.equals(HOSTIPv6)) {
+            if(VALID_HOSTS.contains(s)){
                 return true;
             } else {
                 HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier();
@@ -239,6 +234,14 @@ public static void setSslSecurityProtocol(SSLSecurityProtocol securityProtocol)
         }
     }
 
+    /**
+     * Adds list of Cluster Master Hosts to the list of Valid Hosts for Hostname verification.
+     * @param searchHeadService Splunk SearchHead Service instance
+     */
+    public static void addClusterMasterURIsToHosts(Service searchHeadService){
+        VALID_HOSTS.addAll(searchHeadService.getClusterMasters());
+    }
+
     /**
      * Returns the URL prefix of this service, consisting of
      * {@code scheme://host[:port]}.
diff --git a/splunk/src/main/java/com/splunk/Service.java b/splunk/src/main/java/com/splunk/Service.java
@@ -19,9 +19,9 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.UnsupportedEncodingException;
-import java.net.Socket;
-import java.net.URLEncoder;
-import java.net.URLStreamHandler;
+import java.net.*;
+import java.util.ArrayList;
+import java.util.List;
 import java.util.Map;
 
 /**
@@ -594,6 +594,35 @@ public ServiceInfo getInfo() {
         return new ServiceInfo(this);
     }
 
+    /**
+     * Returns list of all applicable Cluster Master Hosts for the SearchHead Service.
+     *
+     * @return List of Cluster Master Host(s).
+     */
+    public List<String> getClusterMasters(){
+        Entity caps = new Entity(this, "cluster/config");
+        List<String> hosts = new ArrayList<String>();
+        try {
+            String clusterMasterURIs = caps.getString("master_uri");
+            URL clusterMasterUrl;
+            //for multi-cluster environment, there might be more than cluster master for the searchHead
+            if(clusterMasterURIs.contains(",")){
+                String[] masterURIs = clusterMasterURIs.split(",");
+                for(String uri : masterURIs){
+                    clusterMasterUrl = new URL(uri);
+                    hosts.add(clusterMasterUrl.getHost());
+                }
+            }else {
+                clusterMasterUrl = new URL(clusterMasterURIs);
+                hosts.add(clusterMasterUrl.getHost());
+            }
+            return hosts;
+        } catch (MalformedURLException e) {
+            e.printStackTrace();
+        }
+        return hosts;
+    }
+
     /**
      * Returns a collection of configured inputs.
      *
