Posted to scm@geronimo.apache.org by va...@apache.org on 2006/11/20 15:58:31 UTC

svn commit: r477210 - /geronimo/server/branches/1.2/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java

Author: vamsic007
Date: Mon Nov 20 06:58:30 2006
New Revision: 477210

URL: http://svn.apache.org/viewvc?view=rev&rev=477210
Log:
GERONIMO-2587 FileKeystoreInstance.loadKeystoreData() results in inconsistent state if wrong password is supplied

Modified:
    geronimo/server/branches/1.2/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java

Modified: geronimo/server/branches/1.2/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/1.2/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java?view=diff&rev=477210&r1=477209&r2=477210
==============================================================================
--- geronimo/server/branches/1.2/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java (original)
+++ geronimo/server/branches/1.2/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java Mon Nov 20 06:58:30 2006
@@ -580,16 +580,18 @@
     // ==================== Internals =====================
 
     private void loadKeystoreData(char[] password) throws KeystoreException {
+        InputStream in = null;
         try {
-            keystoreReadDate = System.currentTimeMillis();
+            // Make sure the keystore is loadable using the provided password before resetting the instance variables.
+            KeyStore tempKeystore = KeyStore.getInstance(JKS);
+            in = new BufferedInputStream(new FileInputStream(keystoreFile));
+            long readDate = System.currentTimeMillis();
+            tempKeystore.load(in, password);
+            // Keystore could be loaded successfully.  Initialize the instance variables to reflect the new keystore.
+            keystore = tempKeystore;
+            keystoreReadDate = readDate;
             privateKeys.clear();
             trustCerts.clear();
-            if(keystore == null) {
-                keystore = KeyStore.getInstance(JKS);
-            }
-            InputStream in = new BufferedInputStream(new FileInputStream(keystoreFile));
-            keystore.load(in, password);
-            in.close();
             openPassword = password;
             Enumeration aliases = keystore.aliases();
             while (aliases.hasMoreElements()) {
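Review bot: The instance state is still replaced in steps rather than all at once: `keystore`, `keystoreReadDate` and `openPassword` are assigned and `privateKeys`/`trustCerts` are cleared before the alias loop that refills them. The wrong-password case is now safe, but any exception raised after `tempKeystore.load(in, password)` returns (for example from `keystore.aliases()` or inside the loop, whose body continues outside this hunk) would presumably leave the new keystore installed with empty or half-filled alias collections. Enumerating from the temporary object first, `Enumeration aliases = tempKeystore.aliases();`, collecting into local collections and assigning every field only after the loop finishes would close that gap. If this method can run while other threads read these fields, the clear-then-refill window is also worth a short comment, since no locking is visible in the hunk.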
@@ -608,6 +610,14 @@
             throw new KeystoreException("Unable to open keystore with provided password", e);
         } catch (CertificateException e) {
             throw new KeystoreException("Unable to open keystore with provided password", e);
+        } finally {
+            if(in != null) {
+                try {
+                    in.close();
+                } catch (IOException e) {
+                    log.error("Error while closing keystore file "+keystoreFile.getAbsolutePath(), e);
+                }
+            }
         }
     }