Author: remm Date: Mon Nov 5 15:38:53 2018 New Revision: 1845813 URL: http://svn.apache.org/viewvc?rev=1845813&view=rev Log: Reduce code duplication.
Modified: tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/AbstractStreamProvider.java tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/CertificateStreamProvider.java tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/LocalStrings.properties tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/TokenStreamProvider.java
Modified: tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/AbstractStreamProvider.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/AbstractStreamProvider.java?rev=1845813&r1=1845812&r2=1845813&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/AbstractStreamProvider.java (original)
+++ tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/AbstractStreamProvider.java Mon Nov 5 15:38:53 2018
@@ -17,17 +17,23 @@
 package org.apache.catalina.tribes.membership.cloud;
+import java.io.BufferedInputStream;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URL;
 import java.net.URLConnection;
+import java.security.KeyStore;
 import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 import java.util.Map;
 import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLSocketFactory;
 import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
 import javax.net.ssl.X509TrustManager;
 import org.apache.catalina.tribes.membership.Constants;
@@ -104,4 +110,32 @@ public abstract class AbstractStreamProv
 return connection.getInputStream();
 }
+ protected static TrustManager[] configureCaCert(String caCertFile) throws Exception {
+ if (caCertFile != null) {
+ try (InputStream pemInputStream = new BufferedInputStream(new FileInputStream(caCertFile))) {
+ CertificateFactory certFactory = CertificateFactory.getInstance("X509");
+ X509Certificate cert = (X509Certificate)certFactory.generateCertificate(pemInputStream);
+
+ KeyStore trustStore = KeyStore.getInstance("JKS");
+ trustStore.load(null);
+
+ String alias = cert.getSubjectX500Principal().getName();
+ trustStore.setCertificateEntry(alias, cert);
+
+ TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ trustManagerFactory.init(trustStore);
+
+ return trustManagerFactory.getTrustManagers();
+ } catch (FileNotFoundException fnfe) {
+ log.error(sm.getString("abstractStream.fileNotFound", caCertFile));
+ throw fnfe;
+ } catch (Exception e) {
+ log.error(sm.getString("abstractStream.trustManagerError", caCertFile));
+ throw e;
+ }
+ } else {
+ log.warn(sm.getString("abstractStream.CACertUndefined"));
+ return InsecureStreamProvider.INSECURE_TRUST_MANAGERS;
+ }
+ }
 }
Modified: tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/CertificateStreamProvider.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/CertificateStreamProvider.java?rev=1845813&r1=1845812&r2=1845813&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/CertificateStreamProvider.java (original)
+++ tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/CertificateStreamProvider.java Mon Nov 5 15:38:53 2018
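Review bot: In `AbstractStreamProvider.configureCaCert`, a null `caCertFile` falls through to `return InsecureStreamProvider.INSECURE_TRUST_MANAGERS;` with only a `log.warn`, and hoisting the method into the base class as `protected static` makes that fallback the shared default for every provider that calls it. Judging by the name, those trust managers skip server certificate validation, so a missing setting downgrades the connection instead of failing. The method should carry a Javadoc that states this contract, e.g. `/** Builds trust managers from one PEM CA certificate; a null caCertFile disables server certificate validation. */`, and an explicit opt-in for the insecure path is worth considering. The same comment should note that `generateCertificate` loads only the first certificate in the file, so a bundle with several CAs is not fully trusted.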
@@ -31,7 +31,6 @@ import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSocketFactory;
 import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
@@ -76,35 +75,9 @@ public class CertificateStreamProvider e
 return keyManagerFactory.getKeyManagers();
 } catch (IOException e) {
- log.error(sm.getString("certificateStream.clientCertError", clientCertFile, clientKeyFile), e);
+ log.error(sm.getString("certificateStream.clientCertError", clientCertFile, clientKeyFile));
 throw e;
 }
 }
- private static TrustManager[] configureCaCert(String caCertFile) throws Exception {
- if (caCertFile != null) {
- try (InputStream pemInputStream = new FileInputStream(caCertFile)) {
- CertificateFactory certFactory = CertificateFactory.getInstance("X509");
- X509Certificate cert = (X509Certificate) certFactory.generateCertificate(pemInputStream);
-
- KeyStore trustStore = KeyStore.getInstance("JKS");
- trustStore.load(null);
-
- String alias = cert.getSubjectX500Principal().getName();
- trustStore.setCertificateEntry(alias, cert);
-
- TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
- trustManagerFactory.init(trustStore);
-
- return trustManagerFactory.getTrustManagers();
- } catch (Exception e) {
- log.error(sm.getString("certificateStream.CACertError", caCertFile), e);
- throw e;
- }
- } else {
- log.warn(sm.getString("certificateStream.CACertUndefined"));
- return InsecureStreamProvider.INSECURE_TRUST_MANAGERS;
- }
- }
-
 }
Modified: tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/LocalStrings.properties
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/LocalStrings.properties?rev=1845813&r1=1845812&r2=1845813&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/LocalStrings.properties (original)
+++ tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/LocalStrings.properties Mon Nov 5 15:38:53 2018
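Review bot: In CertificateStreamProvider, the replacement line `log.error(sm.getString("certificateStream.clientCertError", clientCertFile, clientKeyFile));` drops the exception argument, so the entry written at the point of failure no longer records why the client key material could not be loaded. The exception is rethrown, so the cause survives only if a caller logs it; either keep `, e` on the call or remove the `log.error` and let the caller report the failure once. The same applies to the `abstractStream.trustManagerError` branch of the new `configureCaCert` in AbstractStreamProvider, where the TokenStreamProvider version it replaces did pass `e`. The enclosing method starts outside this hunk.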
@@ -13,14 +13,13 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
+abstractStream.fileNotFound=CA cert file {0} not found
+abstractStream.trustManagerError=Could not create trust manager for {0}
+abstractStream.CACertUndefined=CA cert file undefined
+
 certificateStream.clientCertError=Could not create key manager for {0} ({1})
-certificateStream.CACertError=Could not create trust store for {0}
-certificateStream.CACertUndefined=CA cert undefined
-tokenStream.failedConnection=Failed connection to {0} with token {1} and CA {2}
-tokenStream.fileNotFound=CA cert file {0} not found
-tokenStream.trustManagerError=Could not create trust manager for {0}
-tokenStream.CACertUndefined=CA cert file undefined
+tokenStream.failedConnection=Failed connection to {0} with token {1}
 cloudMembershipService.stopFail=Unable to stop the static membership service, level: [{0}]
Modified: tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/TokenStreamProvider.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/TokenStreamProvider.java?rev=1845813&r1=1845812&r2=1845813&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/TokenStreamProvider.java (original)
+++ tomcat/trunk/java/org/apache/catalina/tribes/membership/cloud/TokenStreamProvider.java Mon Nov 5 15:38:53 2018
@@ -17,36 +17,22 @@
 package org.apache.catalina.tribes.membership.cloud;
-import java.io.BufferedInputStream;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.InputStream;
-import java.security.KeyStore;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
 import java.util.Map;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSocketFactory;
 import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-
-import org.apache.juli.logging.Log;
-import org.apache.juli.logging.LogFactory;
 public class TokenStreamProvider extends AbstractStreamProvider {
- private static final Log log = LogFactory.getLog(TokenStreamProvider.class);
-
 private String token;
- private String caCertFile;
 private SSLSocketFactory factory;
 TokenStreamProvider(String token, String caCertFile) throws Exception {
 this.token = token;
- this.caCertFile = caCertFile;
- TrustManager[] trustManagers = configureCaCert(this.caCertFile);
+ TrustManager[] trustManagers = configureCaCert(caCertFile);
 SSLContext context = SSLContext.getInstance("TLS");
 context.init(null, trustManagers, null);
 this.factory = context.getSocketFactory();
@@ -68,36 +54,7 @@ public class TokenStreamProvider extends
 return super.openStream(url, headers, connectTimeout, readTimeout);
 } catch (IOException e) {
 // Add debug information
- throw new IOException(sm.getString("tokenStream.failedConnection", url, token, caCertFile), e);
- }
- }
-
- private TrustManager[] configureCaCert(String caCertFile) throws Exception {
- if (caCertFile != null) {
- try (InputStream pemInputStream = new BufferedInputStream(new FileInputStream(caCertFile))) {
- CertificateFactory certFactory = CertificateFactory.getInstance("X509");
- X509Certificate cert = (X509Certificate)certFactory.generateCertificate(pemInputStream);
-
- KeyStore trustStore = KeyStore.getInstance("JKS");
- trustStore.load(null);
-
- String alias = cert.getSubjectX500Principal().getName();
- trustStore.setCertificateEntry(alias, cert);
-
- TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
- trustManagerFactory.init(trustStore);
-
- return trustManagerFactory.getTrustManagers();
- } catch (FileNotFoundException fnfe) {
- log.error(sm.getString("tokenStream.fileNotFound", caCertFile));
- throw fnfe;
- } catch (Exception e) {
- log.error(sm.getString("tokenStream.trustManagerError", caCertFile), e);
- throw e;
- }
- } else {
- log.warn(sm.getString("tokenStream.CACertUndefined"));
- return InsecureStreamProvider.INSECURE_TRUST_MANAGERS;
+ throw new IOException(sm.getString("tokenStream.failedConnection", url, token), e);
 }
 }
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
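Review bot: In TokenStreamProvider, the rewritten `throw new IOException(sm.getString("tokenStream.failedConnection", url, token), e);` still formats the token into the exception message, and LocalStrings.properties keeps `with token {1}`. The token is presumably the bearer credential sent with the request, so any handler that logs or surfaces this exception writes the secret out in clear text. Drop the argument and the placeholder: `sm.getString("tokenStream.failedConnection", url)` with `tokenStream.failedConnection=Failed connection to {0}`. The enclosing method starts outside this hunk.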