You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by be...@apache.org on 2013/07/01 14:03:34 UTC

[5/8] git commit: allow for the SSLContext's default trust manager to be used.

allow for the SSLContext's default trust manager to be used.


Project: http://git-wip-us.apache.org/repos/asf/mina-vysper/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina-vysper/commit/2f95d013
Tree: http://git-wip-us.apache.org/repos/asf/mina-vysper/tree/2f95d013
Diff: http://git-wip-us.apache.org/repos/asf/mina-vysper/diff/2f95d013

Branch: refs/heads/master
Commit: 2f95d01327e3033f45cbc24e4a2fdb64f295416c
Parents: 19fd1b6
Author: Bernd Fondermann <be...@brainlounge.de>
Authored: Mon Jul 1 12:47:44 2013 +0200
Committer: Bernd Fondermann <be...@brainlounge.de>
Committed: Mon Jul 1 12:47:44 2013 +0200

----------------------------------------------------------------------
 .../xmpp/cryptography/AbstractTLSContextFactory.java   | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mina-vysper/blob/2f95d013/server/core/src/main/java/org/apache/vysper/xmpp/cryptography/AbstractTLSContextFactory.java
----------------------------------------------------------------------
diff --git a/server/core/src/main/java/org/apache/vysper/xmpp/cryptography/AbstractTLSContextFactory.java b/server/core/src/main/java/org/apache/vysper/xmpp/cryptography/AbstractTLSContextFactory.java
index 4e92059..f26cc92 100644
--- a/server/core/src/main/java/org/apache/vysper/xmpp/cryptography/AbstractTLSContextFactory.java
+++ b/server/core/src/main/java/org/apache/vysper/xmpp/cryptography/AbstractTLSContextFactory.java
@@ -27,6 +27,7 @@ import java.security.Security;
 
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
 
 /**
  * derived from MINA's BogusSSLContextFactory.
@@ -57,9 +58,9 @@ public abstract class AbstractTLSContextFactory implements TLSContextFactory {
     
     private String keystoreType = DEFAULT_KEYSTORE_TYPE;
 
-    protected TrustManagerFactory trustManagerFactory = new BogusTrustManagerFactory();
+    protected TrustManagerFactory trustManagerFactory = null;
 
-    // NOTE: The keystore was generated using keytool:
+    // NOTE: The keystore 'bogus_mina_tls.cert' was generated using keytool:
     //   keytool -genkey -alias bogus -keysize 512 -validity 3650
     //           -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,
     //               O=BogusTrustManagerFactory Inc, L=Stockholm, S=Stockholm, C=SE"
@@ -108,7 +109,13 @@ public abstract class AbstractTLSContextFactory implements TLSContextFactory {
 
         // Initialize the SSLContext to work with our key managers.
         SSLContext sslContext = SSLContext.getInstance(PROTOCOL);
-        sslContext.init(kmf.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
+        
+        TrustManager[] trustManagers = null; // this is the default
+        if  (trustManagerFactory != null) {
+            // override the default with configured ones 
+            trustManagers = trustManagerFactory.getTrustManagers();
+        }
+        sslContext.init(kmf.getKeyManagers(), trustManagers, null);
 
         return sslContext;
     }