Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

More fixes for #327183 (Allow better configurability of HttpClient for TLS/SSL). 

git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@2332 7e9141cc-0065-0410-87d8-b60c137991c4
This commit is contained in:
Simone Bordet 2010-10-08 10:38:34 +00:00
parent be09b1831e
commit 88bfdf504c
2 changed files with 73 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
jetty-client/src/main/java/org/eclipse/jetty/client/HttpClient.java
View File

@ -13,6 +13,8 @@
package org.eclipse.jetty.client;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.UnknownHostException;
@ -100,11 +102,13 @@ public class HttpClient extends HttpBuffers implements Attributes
private LinkedList<String> _registeredListeners;
private String _keyStoreLocation;
private InputStream _keyStoreInputStream;
private String _keyStoreType = "JKS";
private String _keyStorePassword;
private String _keyManagerAlgorithm = (Security.getProperty("ssl.KeyManagerFactory.algorithm")==null?"SunX509":Security.getProperty("ssl.KeyManagerFactory.algorithm"));
private String _keyManagerPassword;
private String _trustStoreLocation;
private InputStream _trustStoreInputStream;
private String _trustStoreType = "JKS";
private String _trustStorePassword;
private String _trustManagerAlgorithm = (Security.getProperty("ssl.TrustManagerFactory.algorithm")==null?"SunX509":Security.getProperty("ssl.TrustManagerFactory.algorithm"));
@ -530,7 +534,7 @@ public class HttpClient extends HttpBuffers implements Attributes
{
if (_sslContext == null)
{
if (_keyStoreLocation == null)
if (_keyStoreInputStream == null && _keyStoreLocation == null)
{
_sslContext = getLooseSSLContext();
}
@ -546,23 +550,45 @@ public class HttpClient extends HttpBuffers implements Attributes
{
try
{
if (_trustStoreLocation == null)
if (_trustStoreInputStream == null && _trustStoreLocation == null)
{
_trustStoreLocation = _keyStoreLocation;
_trustStoreInputStream = _keyStoreInputStream;
_trustStoreType = _keyStoreType;
}
InputStream keyStoreInputStream = Resource.newResource(_keyStoreLocation).getInputStream();
InputStream keyStoreInputStream = null;
InputStream trustStoreInputStream = null;
// It's the same stream and we cannot read it twice, so we read it once in memory
if (_keyStoreInputStream != null && _keyStoreInputStream == _trustStoreInputStream)
{
ByteArrayOutputStream baos = new ByteArrayOutputStream();
byte[] buffer = new byte[1024];
int read;
while ((read = _keyStoreInputStream.read(buffer)) >= 0)
baos.write(buffer, 0, read);
_keyStoreInputStream.close();
keyStoreInputStream = new ByteArrayInputStream(baos.toByteArray());
trustStoreInputStream = new ByteArrayInputStream(baos.toByteArray());
}
if (keyStoreInputStream == null)
keyStoreInputStream = _keyStoreInputStream == null ? Resource.newResource(_keyStoreLocation).getInputStream() : _keyStoreInputStream;
KeyStore keyStore = KeyStore.getInstance(_keyStoreType);
keyStore.load(keyStoreInputStream, _keyStorePassword == null ? null : _keyStorePassword.toCharArray());
keyStoreInputStream.close();
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(_keyManagerAlgorithm);
keyManagerFactory.init(keyStore, _keyManagerPassword == null ? null : _keyManagerPassword.toCharArray());
KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
InputStream trustStoreInputStream = Resource.newResource(_trustStoreLocation).getInputStream();
if (trustStoreInputStream == null)
trustStoreInputStream = _trustStoreInputStream == null ? Resource.newResource(_trustStoreLocation).getInputStream() : _trustStoreInputStream;
KeyStore trustStore = KeyStore.getInstance(_trustStoreType);
trustStore.load(trustStoreInputStream, _trustStorePassword == null ? null : _trustStorePassword.toCharArray());
trustStoreInputStream.close();
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(_trustManagerAlgorithm);
trustManagerFactory.init(trustStore);
@ -761,6 +787,16 @@ public class HttpClient extends HttpBuffers implements Attributes
this._trustStoreLocation = trustStoreLocation;
}
public InputStream getTrustStoreInputStream()
{
return _trustStoreInputStream;
}
public void setTrustStoreInputStream(InputStream trustStoreInputStream)
{
this._trustStoreInputStream = trustStoreInputStream;
}
/* ------------------------------------------------------------ */
public String getKeyStoreLocation()
{
@ -773,6 +809,16 @@ public class HttpClient extends HttpBuffers implements Attributes
this._keyStoreLocation = keyStoreLocation;
}
public InputStream getKeyStoreInputStream()
{
return _keyStoreInputStream;
}
public void setKeyStoreInputStream(InputStream keyStoreInputStream)
{
this._keyStoreInputStream = keyStoreInputStream;
}
/* ------------------------------------------------------------ */
public void setKeyStorePassword(String keyStorePassword)
{

8
jetty-client/src/test/java/org/eclipse/jetty/client/ExternalKeyStoreAsyncSslHttpExchangeTest.java
View File

@ -14,6 +14,7 @@
package org.eclipse.jetty.client;
import java.io.File;
import java.io.FileInputStream;
public class ExternalKeyStoreAsyncSslHttpExchangeTest extends SslHttpExchangeTest
{
@ -26,10 +27,13 @@ public class ExternalKeyStoreAsyncSslHttpExchangeTest extends SslHttpExchangeTes
_httpClient.setConnectorType(HttpClient.CONNECTOR_SELECT_CHANNEL);
_httpClient.setMaxConnectionsPerAddress(2);
String keystore = System.getProperty("user.dir") + File.separator + "src" + File.separator + "test" + File.separator + "resources" + File.separator
String keystore = System.getProperty("user.dir") + File.separator +
"src" + File.separator +
"test" + File.separator +
"resources" + File.separator
+ "keystore";
_httpClient.setKeyStoreLocation( keystore );
_httpClient.setKeyStoreInputStream(new FileInputStream(keystore));
_httpClient.setKeyStorePassword("storepwd");
_httpClient.setKeyManagerPassword("keypwd");
_httpClient.start();