You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by jf...@apache.org on 2015/11/23 22:34:37 UTC
svn commit: r1715967 -
/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
Author: jfclere
Date: Mon Nov 23 21:34:37 2015
New Revision: 1715967
URL: http://svn.apache.org/viewvc?rev=1715967&view=rev
Log:
Arrange provider to algorithm.
make sure the file is closed.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java?rev=1715967&r1=1715966&r2=1715967&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLUtil.java Mon Nov 23 21:34:37 2015
@@ -16,7 +16,7 @@
*/
package org.apache.tomcat.util.net.openssl;
-import java.io.FileInputStream;
+import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.List;
@@ -26,6 +26,7 @@ import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
+import org.apache.tomcat.util.file.ConfigFileLoader;
import org.apache.tomcat.util.net.SSLContext;
import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;
@@ -64,7 +65,7 @@ public class OpenSSLUtil implements SSLU
String storefile = System.getProperty("java.home") + "/lib/security/cacerts";
String password = "changeit";
String type = "jks";
- String provider = null;
+ String algorithm = null;
if (sslHostConfig.getTruststoreFile() != null) {
storefile = sslHostConfig.getTruststoreFile();
}
@@ -74,19 +75,33 @@ public class OpenSSLUtil implements SSLU
if (sslHostConfig.getTruststoreType() != null) {
type = sslHostConfig.getTruststoreType();
}
- if (sslHostConfig.getTruststoreProvider() != null) {
- provider = sslHostConfig.getTruststoreProvider();
+ if (sslHostConfig.getTruststoreAlgorithm() != null) {
+ algorithm = sslHostConfig.getTruststoreAlgorithm();
}
TrustManagerFactory factory;
- if (provider == null)
+ if (algorithm == null)
factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
else
- factory = TrustManagerFactory.getInstance(provider);
+ factory = TrustManagerFactory.getInstance(algorithm);
KeyStore keystore = KeyStore.getInstance(type);
- InputStream stream = new FileInputStream(storefile);
- keystore.load(stream, password.toCharArray());
+ InputStream stream = null;
+ try {
+ stream = ConfigFileLoader.getInputStream(storefile);
+ keystore.load(stream, password.toCharArray());
+ } catch (Exception ex) {
+ throw ex;
+ } finally {
+ if (stream != null) {
+ try {
+ stream.close();
+ } catch (IOException ioe) {
+ // Do nothing
+ }
+ }
+ }
+
factory.init(keystore);
TrustManager[] managers = factory.getTrustManagers();
return managers;
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org