groovy-wslite
groovy-wslite copied to clipboard
Trust All X509TrustManager Improperly Returns Null for getAcceptedIssuers
The getAcceptedIssuers closure for trustingTrustManager in HTTPConnectionFactory.getConnectionTrustAllSSLCerts returns null in violation of the Java specification for X509TrustManager.getAcceptedIssuers (https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/X509TrustManager.html#getAcceptedIssuers--) which defines the return value to be a non-null (possibly empty) array.
This results in unexpected behavior when interacting with OpenJSSE, which relies on the above contract and ends up throwing a NullPointerException when the return value is unexpectedly null.