You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2016/12/28 08:55:48 UTC
svn commit: r1776247 - in /directory/apacheds/trunk/server-integ/src/test:
java/org/apache/directory/server/ssl/
resources/org/apache/directory/server/ssl/
Author: elecharny
Date: Wed Dec 28 08:55:48 2016
New Revision: 1776247
URL: http://svn.apache.org/viewvc?rev=1776247&view=rev
Log:
Fixed the certificate and factory to work with Java 8
Added:
directory/apacheds/trunk/server-integ/src/test/resources/org/apache/directory/server/ssl/
directory/apacheds/trunk/server-integ/src/test/resources/org/apache/directory/server/ssl/bogus.cert (with props)
Modified:
directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/ssl/BogusSSLContextFactory.java
directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/ssl/BogusTrustManagerFactory.java
Modified: directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/ssl/BogusSSLContextFactory.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/ssl/BogusSSLContextFactory.java?rev=1776247&r1=1776246&r2=1776247&view=diff
==============================================================================
--- directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/ssl/BogusSSLContextFactory.java (original)
+++ directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/ssl/BogusSSLContextFactory.java Wed Dec 28 08:55:48 2016
@@ -19,16 +19,15 @@
*/
package org.apache.directory.server.ssl;
-
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
+import java.security.Security;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
-
/**
* Factory to create a bougus SSLContext.
*
@@ -36,28 +35,38 @@ import javax.net.ssl.SSLContext;
*/
public class BogusSSLContextFactory
{
-
/**
* Protocol to use.
*/
- private static final String PROTOCOL = "TLS";
+ private static final String PROTOCOL = "TLSv1.2";
+
+ private static final String KEY_MANAGER_FACTORY_ALGORITHM;
+
+ static {
+ String algorithm = Security.getProperty("ssl.KeyManagerFactory.algorithm");
+
+ if (algorithm == null) {
+ algorithm = KeyManagerFactory.getDefaultAlgorithm();
+ }
+ KEY_MANAGER_FACTORY_ALGORITHM = algorithm;
+ }
+
/**
- * Bougus Server certificate keystore file name.
+ * Bogus Server certificate keystore file name.
*/
- private static final String BOGUS_KEYSTORE = "/bogus.cert";
+ private static final String BOGUS_KEYSTORE = "bogus.cert";
// NOTE: The keystore was generated using keytool:
- // keytool -genkey -alias bogus -keysize 512 -validity 3650
- // -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,
- // O=Bogus Inc, L=Stockholm, S=Stockholm, C=SE"
- // -keypass boguspw -storepass boguspw -keystore bogus.cert
+ // keytool -genkey -alias bogus -keysize 2048 -validity 3650
+ // -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,
+ // O=Bogus Inc, L=Stockholm, S=Stockholm, C=SE"
+ // -keypass boguspw -storepass boguspw -keystore bogus.cert
/**
* Bougus keystore password.
*/
- private static final char[] BOGUS_PW =
- { 'b', 'o', 'g', 'u', 's', 'p', 'w' };
+ private static final char[] BOGUS_PW = { 'b', 'o', 'g', 'u', 's', 'p', 'w' };
private static SSLContext serverInstance = null;
@@ -67,48 +76,46 @@ public class BogusSSLContextFactory
/**
* Get SSLContext singleton.
*
- * @return SSLContext
- * @throws java.security.GeneralSecurityException
- *
+ * @param server A flag to tell if this is a Client or Server instance we want to create
+ * @return SSLContext The created SSLContext
+ * @throws GeneralSecurityException If we had an issue creating the SSLContext
*/
public static SSLContext getInstance( boolean server ) throws GeneralSecurityException
{
SSLContext retInstance = null;
+
if ( server )
{
- if ( serverInstance == null )
+ synchronized ( BogusSSLContextFactory.class )
{
- synchronized ( BogusSSLContextFactory.class )
+ if ( serverInstance == null )
{
- if ( serverInstance == null )
+ try
+ {
+ serverInstance = createBougusServerSSLContext();
+ }
+ catch ( Exception ioe )
{
- try
- {
- serverInstance = createBougusServerSSLContext();
- }
- catch ( Exception ioe )
- {
- throw new GeneralSecurityException( "Can't create Server SSLContext:" + ioe );
- }
+ throw new GeneralSecurityException( "Can't create Server SSLContext:" + ioe );
}
}
}
+
retInstance = serverInstance;
}
else
{
- if ( clientInstance == null )
+ synchronized ( BogusSSLContextFactory.class )
{
- synchronized ( BogusSSLContextFactory.class )
+ if ( clientInstance == null )
{
- if ( clientInstance == null )
- {
- clientInstance = createBougusClientSSLContext();
- }
+ clientInstance = createBougusClientSSLContext();
}
}
+
retInstance = clientInstance;
}
+
return retInstance;
}
@@ -118,6 +125,7 @@ public class BogusSSLContextFactory
// Create keystore
KeyStore ks = KeyStore.getInstance( "JKS" );
InputStream in = null;
+
try
{
in = BogusSSLContextFactory.class.getResourceAsStream( BOGUS_KEYSTORE );
@@ -153,6 +161,7 @@ public class BogusSSLContextFactory
{
SSLContext context = SSLContext.getInstance( PROTOCOL );
context.init( null, BogusTrustManagerFactory.X509_MANAGERS, null );
+
return context;
}
Modified: directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/ssl/BogusTrustManagerFactory.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/ssl/BogusTrustManagerFactory.java?rev=1776247&r1=1776246&r2=1776247&view=diff
==============================================================================
--- directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/ssl/BogusTrustManagerFactory.java (original)
+++ directory/apacheds/trunk/server-integ/src/test/java/org/apache/directory/server/ssl/BogusTrustManagerFactory.java Wed Dec 28 08:55:48 2016
@@ -20,6 +20,7 @@
package org.apache.directory.server.ssl;
+import java.net.Socket;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
@@ -27,8 +28,10 @@ import java.security.cert.CertificateExc
import java.security.cert.X509Certificate;
import javax.net.ssl.ManagerFactoryParameters;
+import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactorySpi;
+import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
@@ -45,22 +48,45 @@ class BogusTrustManagerFactory extends T
*/
static X509Certificate[] lastReceivedServerCertificates;
- static final X509TrustManager X509 = new X509TrustManager()
- {
- public void checkClientTrusted( X509Certificate[] x509Certificates, String s ) throws CertificateException
- {
+ static final X509TrustManager X509 = new X509ExtendedTrustManager() {
+
+ @Override
+ public void checkClientTrusted( X509Certificate[] chain, String authType ) throws CertificateException {
+ // Nothing to do
}
+ @Override
+ public void checkServerTrusted( X509Certificate[] chain, String authType ) throws CertificateException {
+ // Nothing to do
+ }
- public void checkServerTrusted( X509Certificate[] x509Certificates, String s ) throws CertificateException
- {
- lastReceivedServerCertificates = x509Certificates;
+ @Override
+ public X509Certificate[] getAcceptedIssuers() {
+ return new X509Certificate[0];
}
+ @Override
+ public void checkClientTrusted( X509Certificate[] chain, String authType, Socket socket )
+ throws CertificateException {
+ // Nothing to do
+ }
- public X509Certificate[] getAcceptedIssuers()
- {
- return new X509Certificate[0];
+ @Override
+ public void checkClientTrusted( X509Certificate[] chain, String authType, SSLEngine engine )
+ throws CertificateException {
+ // Nothing to do
+ }
+
+ @Override
+ public void checkServerTrusted( X509Certificate[] chain, String authType, Socket socket )
+ throws CertificateException {
+ // Nothing to do
+ }
+
+ @Override
+ public void checkServerTrusted( X509Certificate[] chain, String authType, SSLEngine engine )
+ throws CertificateException {
+ // Nothing to do
}
};
Added: directory/apacheds/trunk/server-integ/src/test/resources/org/apache/directory/server/ssl/bogus.cert
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/server-integ/src/test/resources/org/apache/directory/server/ssl/bogus.cert?rev=1776247&view=auto
==============================================================================
Binary file - no diff available.
Propchange: directory/apacheds/trunk/server-integ/src/test/resources/org/apache/directory/server/ssl/bogus.cert
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream