Rest Client: Add property to skip hostname verification #27956
Conversation
|
@famod mind trying this out? |
|
@geoand I'd love to, but right now I'm standing in the middle of chaos because on the weekend we're finally relocating to our new house. |
|
Hope all goes well with the move :) |
|
@Chexpir would you like to test this before we merge it? |
|
@geoand thanks for the proposition, no need to test it. I've reviewed the code and I trust that it will work! |
|
@Chexpir were you able to test this one? |
|
Were are we with this one? I personally think we should get it in |
My +100 to get it in. |
|
My last comment was to make sure we clearly say in the doc that skipping host name verification should not be used in prod ('use it to your own risk') |
|
We should 100% add that |
Sgitario
force-pushed
the
skip_verify_host
branch
from
116731d to
d1280c2
Compare
|
PR updated with adding this warning to the docs. |
This comment has been minimized.
This comment has been minimized.
|
Any updates on this pull request? I would like to proceed to merge it if everybody agrees. |
|
Hi, it would be awsome if you merged this PR 😄 |
|
@Sgitario This issue is a blocker for us because we have to communicate with an HTTPS service over an ssh tunnel. Please merge :) |
|
@gsmet any last words or should I dismiss the old review? |
Before these changes, we only can disable the hostname verification in Rest Client classic by providing the following property: ``` quarkus.rest-client.extensions-api.hostname-verifier=io.quarkus.restclient.NoopHostnameVerifier ``` However, this is not working in Rest Client reactive because setting a hostname verifier strategy is not supported by the Vert-x HTTP Client. With these changes, we have added a new property in both Rest Client classic and reactive `quarkus.rest-client.extensions-api.verify-host=true or false`. In Rest Client classic, when disabling the verify host, internally it will add the `NoopHostnameVerifier` strategy. In Rest Client reactive, it will properly configure the Vert.x HTTP client to disable the hostname verification. Therefore, in both Rest Client implementations (classic and reactive), the behaviour is the same. Fix quarkusio#27901
geoand
force-pushed
the
skip_verify_host
branch
from
d1280c2 to
941d3a6
Compare
|
Since the last CI run of this was a while ago, I rebased onto |
geoand
added
triage/backport?
triage/waiting-for-ci
quarkus-bot
bot
added
kind/enhancement
Before these changes, we only can disable the hostname verification in Rest Client classic by providing the following property:
However, this is not working in Rest Client reactive because setting a hostname verifier strategy is not supported by the Vert-x HTTP Client.
With these changes, we have added a new property in both Rest Client classic and reactive
quarkus.rest-client.extensions-api.verify-host=true or false. In Rest Client classic, when disabling the verify host, internally it will add theNoopHostnameVerifierstrategy. In Rest Client reactive, it will properly configure the Vert.x HTTP client to disable the hostname verification. Therefore, in both Rest Client implementations (classic and reactive), the behaviour is the same.Fix #27901