Posted to scm@geronimo.apache.org by va...@apache.org on 2006/11/20 15:58:31 UTC
svn commit: r477210 -
/geronimo/server/branches/1.2/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
Author: vamsic007
Date: Mon Nov 20 06:58:30 2006
New Revision: 477210
URL: http://svn.apache.org/viewvc?view=rev&rev=477210
Log:
GERONIMO-2587 FileKeystoreInstance.loadKeystoreData() results in inconsistent state if wrong password is supplied
Modified:
geronimo/server/branches/1.2/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
Modified: geronimo/server/branches/1.2/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/1.2/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java?view=diff&rev=477210&r1=477209&r2=477210
==============================================================================
--- geronimo/server/branches/1.2/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java (original)
+++ geronimo/server/branches/1.2/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java Mon Nov 20 06:58:30 2006
@@ -580,16 +580,18 @@
// ==================== Internals =====================
private void loadKeystoreData(char[] password) throws KeystoreException {
+ InputStream in = null;
try {
- keystoreReadDate = System.currentTimeMillis();
+ // Make sure the keystore is loadable using the provided password before resetting the instance variables.
+ KeyStore tempKeystore = KeyStore.getInstance(JKS);
+ in = new BufferedInputStream(new FileInputStream(keystoreFile));
+ long readDate = System.currentTimeMillis();
+ tempKeystore.load(in, password);
+ // Keystore could be loaded successfully. Initialize the instance variables to reflect the new keystore.
+ keystore = tempKeystore;
+ keystoreReadDate = readDate;
privateKeys.clear();
trustCerts.clear();
- if(keystore == null) {
- keystore = KeyStore.getInstance(JKS);
- }
- InputStream in = new BufferedInputStream(new FileInputStream(keystoreFile));
- keystore.load(in, password);
- in.close();
openPassword = password;
Enumeration aliases = keystore.aliases();
while (aliases.hasMoreElements()) {
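Review bot: The pre-check `tempKeystore.load(in, password)` verifies nothing when `password` is null, because KeyStore.load only performs the integrity check when a password is given; a null argument would load the file unverified and still replace `keystore` and set `openPassword`. Whether any caller can pass null is not visible in this hunk, so a guard such as `if (password == null)` that throws KeystoreException ahead of `KeyStore.getInstance(JKS)` would make the new comment's promise hold. Separately, `openPassword = password;` keeps the caller's array by reference, so a caller that zeroes its array after the call also wipes the stored one; if nothing relies on array identity, `openPassword = (char[]) password.clone();` avoids that. The alias loop continues past the end of this hunk, so the state left behind by a failure inside it cannot be judged from here.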
@@ -608,6 +610,14 @@
throw new KeystoreException("Unable to open keystore with provided password", e);
} catch (CertificateException e) {
throw new KeystoreException("Unable to open keystore with provided password", e);
+ } finally {
+ if(in != null) {
+ try {
+ in.close();
+ } catch (IOException e) {
+ log.error("Error while closing keystore file "+keystoreFile.getAbsolutePath(), e);
+ }
+ }
}
}
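Review bot: The new `finally` block has no comment saying why a failed `close()` is only logged, and a later reader could be tempted to rethrow it; I would add `// Log instead of rethrowing so a close() failure cannot mask the KeystoreException from the try block.` above `in.close()`. Rethrowing there would also turn a successful load into a failure after `keystore` has already been swapped in the previous hunk. The `try` that this block closes opens in that earlier hunk, so the full set of catch clauses is not visible here.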