You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2018/05/29 00:02:08 UTC

[GitHub] jai1 closed pull request #1851: Fixing resource leak due to open file descriptors in SecurityUtility.…

jai1 closed pull request #1851: Fixing resource leak due to open file descriptors in SecurityUtility.…
URL: https://github.com/apache/incubator-pulsar/pull/1851
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git a/pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java b/pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java
index e9106f64ce..7121149181 100644
--- a/pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java
+++ b/pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java
@@ -58,7 +58,7 @@ public static SSLContext createSslContext(boolean allowInsecureConnection, Certi
     }
 
     public static SslContext createNettySslContextForClient(boolean allowInsecureConnection, String trustCertsFilePath)
-            throws GeneralSecurityException, SSLException, FileNotFoundException {
+            throws IOException, GeneralSecurityException, SSLException, FileNotFoundException {
         return createNettySslContextForClient(allowInsecureConnection, trustCertsFilePath, (Certificate[]) null,
                 (PrivateKey) null);
     }
@@ -73,7 +73,7 @@ public static SSLContext createSslContext(boolean allowInsecureConnection, Strin
 
     public static SslContext createNettySslContextForClient(boolean allowInsecureConnection, String trustCertsFilePath,
             String certFilePath, String keyFilePath)
-            throws GeneralSecurityException, SSLException, FileNotFoundException {
+            throws IOException, GeneralSecurityException, SSLException, FileNotFoundException {
         X509Certificate[] certificates = loadCertificatesFromPemFile(certFilePath);
         PrivateKey privateKey = loadPrivateKeyFromPemFile(keyFilePath);
         return createNettySslContextForClient(allowInsecureConnection, trustCertsFilePath, certificates, privateKey);
@@ -81,13 +81,15 @@ public static SslContext createNettySslContextForClient(boolean allowInsecureCon
 
     public static SslContext createNettySslContextForClient(boolean allowInsecureConnection, String trustCertsFilePath,
             Certificate[] certificates, PrivateKey privateKey)
-            throws GeneralSecurityException, SSLException, FileNotFoundException {
+            throws GeneralSecurityException, IOException, FileNotFoundException {
         SslContextBuilder builder = SslContextBuilder.forClient();
         if (allowInsecureConnection) {
             builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
         } else {
             if (trustCertsFilePath != null && trustCertsFilePath.length() != 0) {
-                builder.trustManager(new FileInputStream(trustCertsFilePath));
+                try (FileInputStream input = new FileInputStream(trustCertsFilePath)) {
+                    builder.trustManager(input);
+                }
             }
         }
         builder.keyManager(privateKey, (X509Certificate[]) certificates);
@@ -96,7 +98,7 @@ public static SslContext createNettySslContextForClient(boolean allowInsecureCon
 
     public static SslContext createNettySslContextForServer(boolean allowInsecureConnection, String trustCertsFilePath,
             String certFilePath, String keyFilePath)
-            throws GeneralSecurityException, SSLException, FileNotFoundException {
+            throws IOException, GeneralSecurityException, SSLException, FileNotFoundException {
         X509Certificate[] certificates = loadCertificatesFromPemFile(certFilePath);
         PrivateKey privateKey = loadPrivateKeyFromPemFile(keyFilePath);
 
@@ -105,7 +107,9 @@ public static SslContext createNettySslContextForServer(boolean allowInsecureCon
             builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
         } else {
             if (trustCertsFilePath != null && trustCertsFilePath.length() != 0) {
-                builder.trustManager(new FileInputStream(trustCertsFilePath));
+                try (FileInputStream input = new FileInputStream(trustCertsFilePath)) {
+                    builder.trustManager(input);
+                }
             } else {
                 builder.trustManager((File) null);
             }


 

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services