You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by br...@apache.org on 2011/09/26 19:14:11 UTC

svn commit: r1175959 - in /cassandra/branches/cassandra-0.8: CHANGES.txt src/java/org/apache/cassandra/security/SSLFactory.java

Author: brandonwilliams
Date: Mon Sep 26 17:14:10 2011
New Revision: 1175959

URL: http://svn.apache.org/viewvc?rev=1175959&view=rev
Log:
Fix FD leak when internode encryption is enabled.
Patch by Vijay, reviewed by brandonwilliams for CASSANDRA-3257

Modified:
    cassandra/branches/cassandra-0.8/CHANGES.txt
    cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java

Modified: cassandra/branches/cassandra-0.8/CHANGES.txt
URL: http://svn.apache.org/viewvc/cassandra/branches/cassandra-0.8/CHANGES.txt?rev=1175959&r1=1175958&r2=1175959&view=diff
==============================================================================
--- cassandra/branches/cassandra-0.8/CHANGES.txt (original)
+++ cassandra/branches/cassandra-0.8/CHANGES.txt Mon Sep 26 17:14:10 2011
@@ -7,6 +7,7 @@
  * File descriptor limit increased in packaging (CASSANDRA-3206)
  * Log a miningfull warning when a node receive a message for a repair session
    that don't exist anymore (CASSANDRA-3256)
+ * Fix FD leak when internode encryption is enabled (CASSANDRA-3257)
 
 
 0.8.6

Modified: cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java
URL: http://svn.apache.org/viewvc/cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java?rev=1175959&r1=1175958&r2=1175959&view=diff
==============================================================================
--- cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java (original)
+++ cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java Mon Sep 26 17:14:10 2011
@@ -76,6 +76,8 @@ public final class SSLFactory
     }
 
     private static SSLContext createSSLContext(EncryptionOptions options) throws IOException {
+        FileInputStream tsf = new FileInputStream(options.truststore);
+        FileInputStream ksf = new FileInputStream(options.keystore);
         SSLContext ctx;
         try {
             ctx = SSLContext.getInstance(PROTOCOL);
@@ -84,18 +86,21 @@ public final class SSLFactory
 
             tmf = TrustManagerFactory.getInstance(ALGORITHM);
             KeyStore ts = KeyStore.getInstance(STORE_TYPE);
-            ts.load(new FileInputStream(options.truststore), options.truststore_password.toCharArray());
+            ts.load(tsf, options.truststore_password.toCharArray());
             tmf.init(ts);
 
             kmf = KeyManagerFactory.getInstance(ALGORITHM);
             KeyStore ks = KeyStore.getInstance(STORE_TYPE);
-            ks.load(new FileInputStream(options.keystore), options.keystore_password.toCharArray());
+            ks.load(ksf, options.keystore_password.toCharArray());
             kmf.init(ks, options.keystore_password.toCharArray());
 
             ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
 
         } catch (Exception e) {
             throw new IOException("Error creating the initializing the SSL Context", e);
+        } finally {
+            tsf.close();
+            ksf.close();
         }
         return ctx;
     }