Posted to commits@qpid.apache.org by or...@apache.org on 2019/05/10 20:11:23 UTC
[qpid-jms-amqp-0-x] branch 6.3.x updated: QPID-8255: [JMS AMQ 0-x]
Stop using non-ASCII characters in internal passwords
This is an automated email from the ASF dual-hosted git repository.
orudyy pushed a commit to branch 6.3.x
in repository https://gitbox.apache.org/repos/asf/qpid-jms-amqp-0-x.git
The following commit(s) were added to refs/heads/6.3.x by this push:
new a8672ab QPID-8255: [JMS AMQ 0-x] Stop using non-ASCII characters in internal passwords
a8672ab is described below
commit a8672ab66e8885532c19bae6943c3f833840015d
Author: Alex Rudyy <or...@apache.org>
AuthorDate: Fri May 10 20:50:55 2019 +0100
QPID-8255: [JMS AMQ 0-x] Stop using non-ASCII characters in internal passwords
(cherry picked from commit 5ec0a566a465f7e249d750157b68c99b7789c490)
---
.../apache/qpid/transport/ConnectionSettings.java | 23 ++++++++--------------
.../main/java/org/apache/qpid/util/Strings.java | 17 ++++++++++++++++
2 files changed, 25 insertions(+), 15 deletions(-)
diff --git a/client/src/main/java/org/apache/qpid/transport/ConnectionSettings.java b/client/src/main/java/org/apache/qpid/transport/ConnectionSettings.java
index b8e9737..16021e4 100644
--- a/client/src/main/java/org/apache/qpid/transport/ConnectionSettings.java
+++ b/client/src/main/java/org/apache/qpid/transport/ConnectionSettings.java
@@ -20,32 +20,29 @@
*/
package org.apache.qpid.transport;
-import static org.apache.qpid.transport.LegacyClientProperties.AMQJ_HEARTBEAT_DELAY;
-import static org.apache.qpid.transport.LegacyClientProperties.AMQJ_HEARTBEAT_TIMEOUT_FACTOR;
-import static org.apache.qpid.transport.LegacyClientProperties.IDLE_TIMEOUT_PROP_NAME;
import static org.apache.qpid.configuration.ClientProperties.QPID_HEARTBEAT_INTERVAL;
import static org.apache.qpid.configuration.ClientProperties.QPID_HEARTBEAT_INTERVAL_010_DEFAULT;
import static org.apache.qpid.configuration.ClientProperties.QPID_HEARTBEAT_TIMEOUT_FACTOR;
import static org.apache.qpid.configuration.ClientProperties.QPID_HEARTBEAT_TIMEOUT_FACTOR_DEFAULT;
-import static org.apache.qpid.transport.LegacyClientProperties.AMQJ_TCP_NODELAY_PROP_NAME;
import static org.apache.qpid.configuration.ClientProperties.QPID_SSL_KEY_MANAGER_FACTORY_ALGORITHM_PROP_NAME;
-import static org.apache.qpid.transport.LegacyClientProperties.QPID_SSL_KEY_STORE_CERT_TYPE_PROP_NAME;
import static org.apache.qpid.configuration.ClientProperties.QPID_SSL_TRUST_MANAGER_FACTORY_ALGORITHM_PROP_NAME;
-import static org.apache.qpid.transport.LegacyClientProperties.QPID_SSL_TRUST_STORE_CERT_TYPE_PROP_NAME;
import static org.apache.qpid.configuration.ClientProperties.QPID_TCP_NODELAY_PROP_NAME;
import static org.apache.qpid.configuration.ClientProperties.RECEIVE_BUFFER_SIZE_PROP_NAME;
import static org.apache.qpid.configuration.ClientProperties.SEND_BUFFER_SIZE_PROP_NAME;
+import static org.apache.qpid.transport.LegacyClientProperties.AMQJ_HEARTBEAT_DELAY;
+import static org.apache.qpid.transport.LegacyClientProperties.AMQJ_HEARTBEAT_TIMEOUT_FACTOR;
+import static org.apache.qpid.transport.LegacyClientProperties.AMQJ_TCP_NODELAY_PROP_NAME;
+import static org.apache.qpid.transport.LegacyClientProperties.IDLE_TIMEOUT_PROP_NAME;
import static org.apache.qpid.transport.LegacyClientProperties.LEGACY_RECEIVE_BUFFER_SIZE_PROP_NAME;
import static org.apache.qpid.transport.LegacyClientProperties.LEGACY_SEND_BUFFER_SIZE_PROP_NAME;
+import static org.apache.qpid.transport.LegacyClientProperties.QPID_SSL_KEY_STORE_CERT_TYPE_PROP_NAME;
+import static org.apache.qpid.transport.LegacyClientProperties.QPID_SSL_TRUST_STORE_CERT_TYPE_PROP_NAME;
import java.io.FileInputStream;
import java.io.IOException;
-import java.nio.ByteBuffer;
-import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.PrivateKey;
-import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
@@ -62,6 +59,7 @@ import org.apache.qpid.configuration.QpidProperty;
import org.apache.qpid.ssl.SSLContextFactory;
import org.apache.qpid.transport.network.security.ssl.QpidClientX509KeyManager;
import org.apache.qpid.transport.network.security.ssl.SSLUtil;
+import org.apache.qpid.util.Strings;
/**
@@ -74,8 +72,6 @@ public class ConnectionSettings
{
public static final String WILDCARD_ADDRESS = "*";
- private static final SecureRandom RANDOM = new SecureRandom();
-
private String _transport = "tcp";
private String host = "localhost";
private String vhost;
@@ -658,10 +654,7 @@ public class ConnectionSettings
java.security.KeyStore inMemoryKeyStore =
java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
- byte[] bytes = new byte[64];
- char[] chars = new char[64];
- RANDOM.nextBytes(bytes);
- StandardCharsets.US_ASCII.decode(ByteBuffer.wrap(bytes)).get(chars);
+ char[] chars = Strings.randomAlphaNumericString(64).toCharArray();
inMemoryKeyStore.load(null, chars);
inMemoryKeyStore.setKeyEntry("1", privateKey, chars, certs);
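Review bot: The password on the `char[] chars = Strings.randomAlphaNumericString(64).toCharArray();` line now comes from `java.util.Random`, because the helper added to Strings.java in this commit declares `private static final Random RANDOM = new Random();` while the `SecureRandom` field this class used is removed. `java.util.Random` is not a cryptographic generator and its output can be reconstructed from a small number of observed values, so it is a step down for a secret that guards a private-key entry, even though the store appears to be in-memory only. `SecureRandom` extends `Random`, so the helper can keep its field type and change the initialiser to `private static final Random RANDOM = new SecureRandom();` with an import of `java.security.SecureRandom`. The enclosing method starts and ends outside this hunk, so whether `chars` is cleared after use cannot be seen from here.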
diff --git a/client/src/main/java/org/apache/qpid/util/Strings.java b/client/src/main/java/org/apache/qpid/util/Strings.java
index b491d0d..d4d587d 100644
--- a/client/src/main/java/org/apache/qpid/util/Strings.java
+++ b/client/src/main/java/org/apache/qpid/util/Strings.java
@@ -28,6 +28,7 @@ import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
+import java.util.Random;
import java.util.Set;
import java.util.Stack;
import java.util.regex.Matcher;
@@ -41,10 +42,26 @@ import java.util.regex.Pattern;
public final class Strings
{
+ private static final String NUMBERS = "0123456789";
+ private static final String LETTERS = "abcdefghijklmnopqrstuvwxwy";
+ private static final String OTHERS = "_-";
+ private static final char[] CHARACTERS = (NUMBERS + LETTERS + LETTERS.toUpperCase() + OTHERS).toCharArray();
+ private static final Random RANDOM = new Random();
+
private Strings()
{
}
+ public static String randomAlphaNumericString(int maxLength)
+ {
+ char[] result = new char[maxLength];
+ for (int i = 0; i < maxLength; i++)
+ {
+ result[i] = CHARACTERS[RANDOM.nextInt(CHARACTERS.length)];
+ }
+ return new String(result);
+ }
+
private static final byte[] EMPTY = new byte[0];
private static final ThreadLocal<char[]> charbuf = new ThreadLocal<char[]>()
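Review bot: `LETTERS` is `"abcdefghijklmnopqrstuvwxwy"`, which repeats `w` and omits `z`, so the 64-entry table holds only 62 distinct characters and `w`/`W` are drawn twice as often as the rest; it should read `"abcdefghijklmnopqrstuvwxyz"`. `LETTERS.toUpperCase()` depends on the default locale, and under a Turkish locale `i` upper-cases to U+0130, which would put a non-ASCII character back into the passwords this commit is meant to keep ASCII-only; `LETTERS.toUpperCase(Locale.ROOT)` (with an import of `java.util.Locale`) avoids that. `randomAlphaNumericString` always returns exactly `maxLength` characters and may include `_` and `-`, so a Javadoc comment stating the exact length, the alphabet and the intended use would keep callers from misreading the name. The `Strings` class body continues outside this hunk.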