WIP

Bearer · Feb 5, 2024 · 76cde80 · 76cde80
1 parent ed6136e
commit 76cde80
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 3 deletions.
diff --git a/rules/java/lang/ssl_hostname_verifier.yml b/rules/java/lang/ssl_hostname_verifier.yml
@@ -63,6 +63,19 @@ patterns:
         regex: \A(javax\.net\.ssl\.)?SSLSession\z
       - variable: "TRUE"
         detection: ssl_hostname_verifier_true
+  - pattern: |
+      class $<_> implements $<HOSTNAME_VERIFIER>() {
+        $<!>$<...>$<_> verify(String $<_>, $<SSL_SESSION> $<_>) {
+          return $<TRUE>;
+        }
+      };
+    filters:
+      - variable: HOSTNAME_VERIFIER
+        regex: \A(javax\.net\.ssl\.)?HostnameVerifier\z
+      - variable: SSL_SESSION
+        regex: \A(javax\.net\.ssl\.)?SSLSession\z
+      - variable: "TRUE"
+        detection: ssl_hostname_verifier_true
 auxiliary:
   - id: ssl_hostname_verifier_allow_all_hostname_verifier
     patterns:

diff --git a/tests/java/lang/ssl_hostname_verifier/testdata/main.java b/tests/java/lang/ssl_hostname_verifier/testdata/main.java
@@ -101,7 +101,7 @@ public boolean verify(String s, SSLSession sslSession) {
   e.printStackTrace();
 }
 
-public class MySSLSocketFactory extends SSLSocketFactory {
+public class MySocketFactorySubClass extends SSLSocketFactory {
   SSLContext sslContext = SSLContext.getInstance("TLS");
   public MySSLSocketFactory(KeyStore truststore) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
     super(truststore);
@@ -122,6 +122,5 @@ public X509Certificate[] getAcceptedIssuers() {
 }
 
 MySocketFactorySubClass socketFactory = new MySocketFactorySubClass(trustStore);
-// TODO: not catching extended cases
-// bearer:expected java_lang_ssl_hostname_verifier
+// TODO bearer expected java_lang_ssl_hostname_verifier
 socketFactory.setHostnameVerifier(MySocketFactorySubClass.ALLOW_ALL_HOSTNAME_VERIFIER);