Skip to content

Commit ae5b1c0

Browse files
jyeminjyemin
committed
JAVA-4017
1 parent 32052a1 commit ae5b1c0

File tree

2 files changed

+23
-1
lines changed

2 files changed

+23
-1
lines changed

config/findbugs-exclude.xml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,15 @@
2525

2626

2727
<!-- these specific issues are deliberate design decisions -->
28+
29+
<!-- Deliberately ignoring this, as the check for a null SSLParameters is actually necessary.
30+
See https://jira.mongodb.org/browse/JAVA-2876 for details. -->
31+
<Match>
32+
<Class name="com.mongodb.client.internal.KeyManagementService"/>
33+
<Method name="enableHostNameVerification" params="javax.net.ssl.SSLSocket"/>
34+
<Bug pattern="RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE"/>
35+
</Match>
36+
2837
<!-- Deliberately ignoring this, as many BSONObject subclasses don't do it -->
2938
<Match>
3039
<Package name="com.mongodb"/>

driver-sync/src/main/com/mongodb/client/internal/KeyManagementService.java

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,8 +17,11 @@
1717
package com.mongodb.client.internal;
1818

1919
import com.mongodb.ServerAddress;
20+
import com.mongodb.internal.connection.SslHelper;
2021

2122
import javax.net.ssl.SSLContext;
23+
import javax.net.ssl.SSLParameters;
24+
import javax.net.ssl.SSLSocket;
2225
import java.io.IOException;
2326
import java.io.InputStream;
2427
import java.io.OutputStream;
@@ -38,9 +41,10 @@ class KeyManagementService {
3841

3942
public InputStream stream(final String host, final ByteBuffer message) throws IOException {
4043
ServerAddress serverAddress = host.contains(":") ? new ServerAddress(host) : new ServerAddress(host, defaultPort);
41-
Socket socket = sslContext.getSocketFactory().createSocket();
44+
SSLSocket socket = (SSLSocket) sslContext.getSocketFactory().createSocket();
4245

4346
try {
47+
enableHostNameVerification(socket);
4448
socket.setSoTimeout(timeoutMillis);
4549
socket.connect(serverAddress.getSocketAddress(), timeoutMillis);
4650
} catch (IOException e) {
@@ -68,6 +72,15 @@ public InputStream stream(final String host, final ByteBuffer message) throws IO
6872
}
6973
}
7074

75+
private void enableHostNameVerification(final SSLSocket socket) {
76+
SSLParameters sslParameters = socket.getSSLParameters();
77+
if (sslParameters == null) {
78+
sslParameters = new SSLParameters();
79+
}
80+
SslHelper.enableHostNameVerification(sslParameters);
81+
socket.setSSLParameters(sslParameters);
82+
}
83+
7184
public int getDefaultPort() {
7285
return defaultPort;
7386
}

0 commit comments

Comments
 (0)