You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by or...@apache.org on 2015/11/26 15:21:54 UTC
svn commit: r1716671 - in /qpid/java/branches/6.0.x: ./
broker-core/src/main/java/org/apache/qpid/server/security/SiteSpecificTrustStoreImpl.java
Author: orudyy
Date: Thu Nov 26 14:21:54 2015
New Revision: 1716671
URL: http://svn.apache.org/viewvc?rev=1716671&view=rev
Log:
QPID-6873: Fix NPE in SiteSpecificTrustStoreImpl when certificate cannot be retrieved from given site
------------------------------------------------------------------------
Merged from trunk with command:
svn merge -c r1716155 https://svn.apache.org/repos/asf/qpid/java/trunk
Modified:
qpid/java/branches/6.0.x/ (props changed)
qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/SiteSpecificTrustStoreImpl.java
Propchange: qpid/java/branches/6.0.x/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Thu Nov 26 14:21:54 2015
@@ -9,5 +9,5 @@
/qpid/branches/java-broker-vhost-refactor/java:1493674-1494547
/qpid/branches/java-network-refactor/qpid/java:805429-821809
/qpid/branches/qpid-2935/qpid/java:1061302-1072333
-/qpid/java/trunk:1715445-1715447,1715586,1715940,1716086-1716087,1716127-1716128,1716141,1716153
+/qpid/java/trunk:1715445-1715447,1715586,1715940,1716086-1716087,1716127-1716128,1716141,1716153,1716155
/qpid/trunk/qpid:796646-796653
Modified: qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/SiteSpecificTrustStoreImpl.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/SiteSpecificTrustStoreImpl.java?rev=1716671&r1=1716670&r2=1716671&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/SiteSpecificTrustStoreImpl.java (original)
+++ qpid/java/branches/6.0.x/broker-core/src/main/java/org/apache/qpid/server/security/SiteSpecificTrustStoreImpl.java Thu Nov 26 14:21:54 2015
@@ -118,14 +118,18 @@ public class SiteSpecificTrustStoreImpl
@Override
public String getCertificate()
{
- try
- {
- return DatatypeConverter.printBase64Binary(_x509Certificate.getEncoded());
- }
- catch (CertificateEncodingException e)
+ if (_x509Certificate != null)
{
- throw new IllegalConfigurationException("Unable to encode certificate");
+ try
+ {
+ return DatatypeConverter.printBase64Binary(_x509Certificate.getEncoded());
+ }
+ catch (CertificateEncodingException e)
+ {
+ throw new IllegalConfigurationException("Unable to encode certificate");
+ }
}
+ return null;
}
@Override
@@ -217,21 +221,22 @@ public class SiteSpecificTrustStoreImpl
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(new KeyManager[0], new TrustManager[] {new AlwaysTrustManager()}, null);
- SSLSocket socket = (SSLSocket) sslContext.getSocketFactory().createSocket(url.getHost(), url.getPort());
- socket.startHandshake();
- final Certificate[] certificateChain =
- socket.getSession().getPeerCertificates();
- if(certificateChain != null && certificateChain.length != 0 && certificateChain[0] instanceof X509Certificate)
+ try(SSLSocket socket = (SSLSocket) sslContext.getSocketFactory().createSocket(url.getHost(), url.getPort()))
{
- _x509Certificate = (X509Certificate) certificateChain[0];
+ socket.startHandshake();
+ final Certificate[] certificateChain = socket.getSession().getPeerCertificates();
+ if (certificateChain != null && certificateChain.length != 0 && certificateChain[0] instanceof X509Certificate)
+ {
+ _x509Certificate = (X509Certificate) certificateChain[0];
- final String certificate = getCertificate();
- attributeSet(CERTIFICATE, certificate, certificate);
+ final String certificate = getCertificate();
+ attributeSet(CERTIFICATE, certificate, certificate);
- }
- else
- {
- LOGGER.info("No valid certificates available from " + getSiteUrl());
+ }
+ else
+ {
+ LOGGER.info("No valid certificates available from " + getSiteUrl());
+ }
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org