You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@manifoldcf.apache.org by kw...@apache.org on 2019/09/06 20:35:09 UTC
svn commit: r1866532 [3/3] - in /manifoldcf/trunk: ./
connectors/alfresco-webscript/ connectors/cmis/ connectors/csws/ framework/
framework/buildfiles/
framework/connector-common/src/main/java/org/apache/manifoldcf/connectorcommon/interfaces/
framework...
Modified: manifoldcf/trunk/framework/connector-common/src/main/java/org/apache/manifoldcf/connectorcommon/interfaces/IKeystoreManager.java
URL: http://svn.apache.org/viewvc/manifoldcf/trunk/framework/connector-common/src/main/java/org/apache/manifoldcf/connectorcommon/interfaces/IKeystoreManager.java?rev=1866532&r1=1866531&r2=1866532&view=diff
==============================================================================
--- manifoldcf/trunk/framework/connector-common/src/main/java/org/apache/manifoldcf/connectorcommon/interfaces/IKeystoreManager.java (original)
+++ manifoldcf/trunk/framework/connector-common/src/main/java/org/apache/manifoldcf/connectorcommon/interfaces/IKeystoreManager.java Fri Sep 6 20:35:08 2019
@@ -20,6 +20,7 @@
package org.apache.manifoldcf.connectorcommon.interfaces;
import org.apache.manifoldcf.core.interfaces.*;
+import javax.net.ssl.TrustManager;
import java.io.*;
/** This interface describes a class that manages keys and certificates in a secure manner.
@@ -80,4 +81,8 @@ public interface IKeystoreManager extend
public void addCertificate(String alias, java.security.cert.Certificate certificate)
throws ManifoldCFException;
+ /** Get the trust stores for this keystore manager.
+ */
+ public TrustManager[] getTrustManagers()
+ throws ManifoldCFException;
}
Modified: manifoldcf/trunk/framework/connector-common/src/main/java/org/apache/manifoldcf/connectorcommon/keystore/KeystoreManager.java
URL: http://svn.apache.org/viewvc/manifoldcf/trunk/framework/connector-common/src/main/java/org/apache/manifoldcf/connectorcommon/keystore/KeystoreManager.java?rev=1866532&r1=1866531&r2=1866532&view=diff
==============================================================================
--- manifoldcf/trunk/framework/connector-common/src/main/java/org/apache/manifoldcf/connectorcommon/keystore/KeystoreManager.java (original)
+++ manifoldcf/trunk/framework/connector-common/src/main/java/org/apache/manifoldcf/connectorcommon/keystore/KeystoreManager.java Fri Sep 6 20:35:08 2019
@@ -22,6 +22,8 @@ import org.apache.manifoldcf.core.interf
import org.apache.manifoldcf.connectorcommon.interfaces.*;
import org.apache.manifoldcf.core.common.*;
import org.apache.manifoldcf.core.system.Logging;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
import java.security.*;
import java.security.cert.*;
import java.security.cert.Certificate;
@@ -317,11 +319,10 @@ public class KeystoreManager implements
}
}
- /** Build a secure socket factory based on this keystore.
+ /** Get the trust stores for this keystore manager.
*/
@Override
- public javax.net.ssl.SSLSocketFactory getSecureSocketFactory()
- throws ManifoldCFException
+ public TrustManager[] getTrustManagers() throws ManifoldCFException
{
try
{
@@ -330,7 +331,7 @@ public class KeystoreManager implements
// javax.net.ssl.KeyManagerFactory keyManagerFactory = javax.net.ssl.KeyManagerFactory.getInstance(javax.net.ssl.KeyManagerFactory.getDefaultAlgorithm());
// keyManagerFactory.init(keystore,passcode);
- javax.net.ssl.TrustManagerFactory trustManagerFactory = javax.net.ssl.TrustManagerFactory.getInstance(javax.net.ssl.TrustManagerFactory.getDefaultAlgorithm());
+ TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
Logging.keystore.debug("Contents of current trust keystore is:");
if (Logging.keystore.isDebugEnabled())
{
@@ -347,7 +348,7 @@ public class KeystoreManager implements
if (Logging.keystore.isDebugEnabled())
{
Logging.keystore.debug("...done");
- javax.net.ssl.TrustManager array[] = trustManagerFactory.getTrustManagers();
+ TrustManager array[] = trustManagerFactory.getTrustManagers();
Logging.keystore.debug("Found "+Integer.toString(array.length)+" trust managers");
int i = 0;
while (i < array.length)
@@ -372,11 +373,36 @@ public class KeystoreManager implements
Logging.keystore.debug("No more trust contents");
}
+ return (trustManagerFactory==null)?null:trustManagerFactory.getTrustManagers();
+ }
+ catch (java.security.NoSuchAlgorithmException e)
+ {
+ throw new ManifoldCFException("No such algorithm: "+e.getMessage(),e);
+ }
+ catch (java.security.KeyStoreException e)
+ {
+ throw new ManifoldCFException("Keystore exception: "+e.getMessage(),e);
+ }
+ }
+
+ /** Build a secure socket factory based on this keystore.
+ */
+ @Override
+ public javax.net.ssl.SSLSocketFactory getSecureSocketFactory()
+ throws ManifoldCFException
+ {
+ try
+ {
+ // Construct a key manager and a trust manager
+ javax.net.ssl.KeyManagerFactory keyManagerFactory = null;
+ // javax.net.ssl.KeyManagerFactory keyManagerFactory = javax.net.ssl.KeyManagerFactory.getInstance(javax.net.ssl.KeyManagerFactory.getDefaultAlgorithm());
+ // keyManagerFactory.init(keystore,passcode);
+
java.security.SecureRandom secureRandom = java.security.SecureRandom.getInstance("SHA1PRNG");
// Create an SSL context
javax.net.ssl.SSLContext sslContext = javax.net.ssl.SSLContext.getInstance("SSL");
- sslContext.init(((keyManagerFactory==null)?null:keyManagerFactory.getKeyManagers()),((trustManagerFactory==null)?null:trustManagerFactory.getTrustManagers()),
+ sslContext.init(((keyManagerFactory==null)?null:keyManagerFactory.getKeyManagers()),getTrustManagers(),
secureRandom);
return sslContext.getSocketFactory();
@@ -385,10 +411,6 @@ public class KeystoreManager implements
{
throw new ManifoldCFException("No such algorithm: "+e.getMessage(),e);
}
- catch (java.security.KeyStoreException e)
- {
- throw new ManifoldCFException("Keystore exception: "+e.getMessage(),e);
- }
catch (java.security.KeyManagementException e)
{
throw new ManifoldCFException("Key management exception: "+e.getMessage(),e);