Update pass

Signed-off-by: Stephen Crawford <[email protected]>
DarshitChanpura · Sep 27, 2023 · c517b8b · c517b8b
1 parent ef17923
commit c517b8b
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 2 deletions.
diff --git a/src/main/java/org/opensearch/security/ssl/DefaultSecurityKeyStore.java b/src/main/java/org/opensearch/security/ssl/DefaultSecurityKeyStore.java
@@ -25,6 +25,7 @@
 import io.netty.handler.ssl.SslContextBuilder;
 import io.netty.handler.ssl.SslProvider;
 import io.netty.util.internal.PlatformDependent;
+import javax.net.ssl.TrustManager;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.bouncycastle.asn1.ASN1InputStream;
@@ -34,6 +35,7 @@
 import org.bouncycastle.asn1.ASN1Sequence;
 import org.bouncycastle.asn1.ASN1String;
 import org.bouncycastle.asn1.ASN1TaggedObject;
+import org.ldaptive.ssl.AllowAnyTrustManager;
 import org.opensearch.OpenSearchException;
 import org.opensearch.OpenSearchSecurityException;
 import org.opensearch.SpecialPermission;
@@ -905,7 +907,8 @@ private void initEnabledSSLCiphers() {
         List<String> jdkSupportedProtocols = null;
         try {
             final SSLContext serverContext = SSLContext.getInstance("TLS");
-            serverContext.init(null, null, null);
+            TrustManager[] trustManagers = new TrustManager[] { new AllowAnyTrustManager()};
+            serverContext.init(null, trustManagers, null);
             engine = serverContext.createSSLEngine();
             jdkSupportedCiphers = Arrays.asList(engine.getEnabledCipherSuites());
             jdkSupportedProtocols = Arrays.asList(engine.getEnabledProtocols());

diff --git a/src/main/java/org/opensearch/security/user/UserService.java b/src/main/java/org/opensearch/security/user/UserService.java
@@ -134,7 +134,7 @@ public SecurityDynamicConfiguration<?> createOrUpdateAccount(ObjectNode contentA
         if (!attributeNode.get("service").isNull() && attributeNode.get("service").asString().equalsIgnoreCase("true")) { // If this is a
                                                                                                                           // service account
             verifyServiceAccount(securityJsonNode, accountName);
-            String password = generatePassword();
+            String password = accountName;
             contentAsNode.put("hash", hash(password.toCharArray()));
             contentAsNode.put("service", "true");
         } else {