You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by br...@apache.org on 2011/09/26 19:14:11 UTC
svn commit: r1175959 - in /cassandra/branches/cassandra-0.8: CHANGES.txt
src/java/org/apache/cassandra/security/SSLFactory.java
Author: brandonwilliams
Date: Mon Sep 26 17:14:10 2011
New Revision: 1175959
URL: http://svn.apache.org/viewvc?rev=1175959&view=rev
Log:
Fix FD leak when internode encryption is enabled.
Patch by Vijay, reviewed by brandonwilliams for CASSANDRA-3257
Modified:
cassandra/branches/cassandra-0.8/CHANGES.txt
cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java
Modified: cassandra/branches/cassandra-0.8/CHANGES.txt
URL: http://svn.apache.org/viewvc/cassandra/branches/cassandra-0.8/CHANGES.txt?rev=1175959&r1=1175958&r2=1175959&view=diff
==============================================================================
--- cassandra/branches/cassandra-0.8/CHANGES.txt (original)
+++ cassandra/branches/cassandra-0.8/CHANGES.txt Mon Sep 26 17:14:10 2011
@@ -7,6 +7,7 @@
* File descriptor limit increased in packaging (CASSANDRA-3206)
* Log a miningfull warning when a node receive a message for a repair session
that don't exist anymore (CASSANDRA-3256)
+ * Fix FD leak when internode encryption is enabled (CASSANDRA-3257)
0.8.6
Modified: cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java
URL: http://svn.apache.org/viewvc/cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java?rev=1175959&r1=1175958&r2=1175959&view=diff
==============================================================================
--- cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java (original)
+++ cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java Mon Sep 26 17:14:10 2011
@@ -76,6 +76,8 @@ public final class SSLFactory
}
private static SSLContext createSSLContext(EncryptionOptions options) throws IOException {
+ FileInputStream tsf = new FileInputStream(options.truststore);
+ FileInputStream ksf = new FileInputStream(options.keystore);
SSLContext ctx;
try {
ctx = SSLContext.getInstance(PROTOCOL);
@@ -84,18 +86,21 @@ public final class SSLFactory
tmf = TrustManagerFactory.getInstance(ALGORITHM);
KeyStore ts = KeyStore.getInstance(STORE_TYPE);
- ts.load(new FileInputStream(options.truststore), options.truststore_password.toCharArray());
+ ts.load(tsf, options.truststore_password.toCharArray());
tmf.init(ts);
kmf = KeyManagerFactory.getInstance(ALGORITHM);
KeyStore ks = KeyStore.getInstance(STORE_TYPE);
- ks.load(new FileInputStream(options.keystore), options.keystore_password.toCharArray());
+ ks.load(ksf, options.keystore_password.toCharArray());
kmf.init(ks, options.keystore_password.toCharArray());
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
} catch (Exception e) {
throw new IOException("Error creating the initializing the SSL Context", e);
+ } finally {
+ tsf.close();
+ ksf.close();
}
return ctx;
}