Don't use deprecated X509HostnameVerifier
Use HostnameVerifier instead, per the documentation [1]
[1] https://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/conn/ssl/X509HostnameVerifier.html
Change-Id: I4d9a213ad03d25d3f2c3624f5728b7d13f03dcc2
diff --git a/src/main/java/com/googlesource/gerrit/plugins/importer/HttpSession.java b/src/main/java/com/googlesource/gerrit/plugins/importer/HttpSession.java
index 9fb8e27..531d176 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/importer/HttpSession.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/importer/HttpSession.java
@@ -20,7 +20,6 @@
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
-import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
@@ -31,10 +30,9 @@
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
+import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
-import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
@@ -106,28 +104,12 @@
}
}
- private static class DummyHostnameVerifier implements X509HostnameVerifier {
+ private static class DummyHostnameVerifier implements HostnameVerifier {
@Override
public boolean verify(String hostname, SSLSession session) {
// always accept
return true;
}
-
- @Override
- public void verify(String host, SSLSocket ssl) throws IOException {
- // no check
- }
-
- @Override
- public void verify(String host, X509Certificate cert) throws SSLException {
- // no check
- }
-
- @Override
- public void verify(String host, String[] cns, String[] subjectAlts)
- throws SSLException {
- // no check
- }
}
}