361325 359292 Allow KeyStore to be set
This commit is contained in:
Greg Wilkins
parent
e9c398e86b
commit
d63577b4e9
|
|
@ -73,7 +73,7 @@ public class LikeJettyXml
|
||||||
SslSelectChannelConnector ssl_connector = new SslSelectChannelConnector();
|
SslSelectChannelConnector ssl_connector = new SslSelectChannelConnector();
|
||||||
ssl_connector.setPort(8443);
|
ssl_connector.setPort(8443);
|
||||||
SslContextFactory cf = ssl_connector.getSslContextFactory();
|
SslContextFactory cf = ssl_connector.getSslContextFactory();
|
||||||
cf.setKeyStore(jetty_home + "/etc/keystore");
|
cf.setKeyStorePath(jetty_home + "/etc/keystore");
|
||||||
cf.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
cf.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||||
cf.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
|
cf.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
|
||||||
cf.setTrustStore(jetty_home + "/etc/keystore");
|
cf.setTrustStore(jetty_home + "/etc/keystore");
|
||||||
|
|
|
||||||
|
|
@ -47,7 +47,7 @@ public class ManyConnectors
|
||||||
System.setProperty("jetty.home",jetty_home);
|
System.setProperty("jetty.home",jetty_home);
|
||||||
ssl_connector.setPort(8443);
|
ssl_connector.setPort(8443);
|
||||||
SslContextFactory cf = ssl_connector.getSslContextFactory();
|
SslContextFactory cf = ssl_connector.getSslContextFactory();
|
||||||
cf.setKeyStore(jetty_home + "/etc/keystore");
|
cf.setKeyStorePath(jetty_home + "/etc/keystore");
|
||||||
cf.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
cf.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
|
||||||
cf.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
|
cf.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -698,14 +698,14 @@ public class HttpClient extends HttpBuffers implements Attributes, Dumpable
|
||||||
@Deprecated
|
@Deprecated
|
||||||
public String getKeyStoreLocation()
|
public String getKeyStoreLocation()
|
||||||
{
|
{
|
||||||
return _sslContextFactory.getKeyStore();
|
return _sslContextFactory.getKeyStorePath();
|
||||||
}
|
}
|
||||||
|
|
||||||
/* ------------------------------------------------------------ */
|
/* ------------------------------------------------------------ */
|
||||||
@Deprecated
|
@Deprecated
|
||||||
public void setKeyStoreLocation(String keyStoreLocation)
|
public void setKeyStoreLocation(String keyStoreLocation)
|
||||||
{
|
{
|
||||||
_sslContextFactory.setKeyStore(keyStoreLocation);
|
_sslContextFactory.setKeyStorePath(keyStoreLocation);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Deprecated
|
@Deprecated
|
||||||
|
|
|
||||||
|
|
@ -37,6 +37,7 @@ import org.eclipse.jetty.io.Buffers;
|
||||||
import org.eclipse.jetty.io.ByteArrayBuffer;
|
import org.eclipse.jetty.io.ByteArrayBuffer;
|
||||||
import org.eclipse.jetty.io.Connection;
|
import org.eclipse.jetty.io.Connection;
|
||||||
import org.eclipse.jetty.io.EndPoint;
|
import org.eclipse.jetty.io.EndPoint;
|
||||||
|
import org.eclipse.jetty.io.EofException;
|
||||||
import org.eclipse.jetty.io.View;
|
import org.eclipse.jetty.io.View;
|
||||||
import org.eclipse.jetty.io.nio.SslSelectChannelEndPoint;
|
import org.eclipse.jetty.io.nio.SslSelectChannelEndPoint;
|
||||||
import org.eclipse.jetty.util.component.AggregateLifeCycle;
|
import org.eclipse.jetty.util.component.AggregateLifeCycle;
|
||||||
|
|
@ -279,7 +280,7 @@ public class HttpConnection extends AbstractConnection implements Dumpable
|
||||||
io += filled;
|
io += filled;
|
||||||
|
|
||||||
if (_parser.isIdle() && (_endp.isInputShutdown() || !_endp.isOpen()))
|
if (_parser.isIdle() && (_endp.isInputShutdown() || !_endp.isOpen()))
|
||||||
throw new EOFException();
|
throw new EofException();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (io > 0)
|
if (io > 0)
|
||||||
|
|
|
||||||
|
|
@ -47,7 +47,7 @@ public class ProxyTunnellingTest
|
||||||
SslSelectChannelConnector connector = new SslSelectChannelConnector();
|
SslSelectChannelConnector connector = new SslSelectChannelConnector();
|
||||||
String keyStorePath = MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath();
|
String keyStorePath = MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath();
|
||||||
SslContextFactory cf = connector.getSslContextFactory();
|
SslContextFactory cf = connector.getSslContextFactory();
|
||||||
cf.setKeyStore(keyStorePath);
|
cf.setKeyStorePath(keyStorePath);
|
||||||
cf.setKeyStorePassword("storepwd");
|
cf.setKeyStorePassword("storepwd");
|
||||||
cf.setKeyManagerPassword("keypwd");
|
cf.setKeyManagerPassword("keypwd");
|
||||||
startServer(connector, handler);
|
startServer(connector, handler);
|
||||||
|
|
|
||||||
|
|
@ -58,7 +58,7 @@ public class SslCertSecuredExchangeTest extends ContentExchangeTest
|
||||||
cf.setValidateCerts(true);
|
cf.setValidateCerts(true);
|
||||||
cf.setCrlPath(_crlpath);
|
cf.setCrlPath(_crlpath);
|
||||||
cf.setNeedClientAuth(true);
|
cf.setNeedClientAuth(true);
|
||||||
cf.setKeyStore(_keypath);
|
cf.setKeyStorePath(_keypath);
|
||||||
cf.setKeyStorePassword(_password);
|
cf.setKeyStorePassword(_password);
|
||||||
cf.setKeyManagerPassword(_password);
|
cf.setKeyManagerPassword(_password);
|
||||||
cf.setTrustStore(_trustpath);
|
cf.setTrustStore(_trustpath);
|
||||||
|
|
@ -159,7 +159,7 @@ public class SslCertSecuredExchangeTest extends ContentExchangeTest
|
||||||
cf.setCrlPath(_crlpath);
|
cf.setCrlPath(_crlpath);
|
||||||
|
|
||||||
cf.setCertAlias("client");
|
cf.setCertAlias("client");
|
||||||
cf.setKeyStore(_clientpath);
|
cf.setKeyStorePath(_clientpath);
|
||||||
cf.setKeyStorePassword(_password);
|
cf.setKeyStorePassword(_password);
|
||||||
cf.setKeyManagerPassword(_password);
|
cf.setKeyManagerPassword(_password);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -37,7 +37,7 @@ public class SslContentExchangeTest
|
||||||
SslSelectChannelConnector connector = new SslSelectChannelConnector();
|
SslSelectChannelConnector connector = new SslSelectChannelConnector();
|
||||||
File keystore = MavenTestingUtils.getTestResourceFile("keystore");
|
File keystore = MavenTestingUtils.getTestResourceFile("keystore");
|
||||||
SslContextFactory cf = connector.getSslContextFactory();
|
SslContextFactory cf = connector.getSslContextFactory();
|
||||||
cf.setKeyStore(keystore.getAbsolutePath());
|
cf.setKeyStorePath(keystore.getAbsolutePath());
|
||||||
cf.setKeyStorePassword("storepwd");
|
cf.setKeyStorePassword("storepwd");
|
||||||
cf.setKeyManagerPassword("keypwd");
|
cf.setKeyManagerPassword("keypwd");
|
||||||
cf.setSessionCachingEnabled(true);
|
cf.setSessionCachingEnabled(true);
|
||||||
|
|
|
||||||
|
|
@ -63,7 +63,7 @@ extends ContentExchangeTest
|
||||||
SslSelectChannelConnector connector = new SslSelectChannelConnector();
|
SslSelectChannelConnector connector = new SslSelectChannelConnector();
|
||||||
File keystore = MavenTestingUtils.getTestResourceFile("keystore");
|
File keystore = MavenTestingUtils.getTestResourceFile("keystore");
|
||||||
SslContextFactory cf = connector.getSslContextFactory();
|
SslContextFactory cf = connector.getSslContextFactory();
|
||||||
cf.setKeyStore(keystore.getAbsolutePath());
|
cf.setKeyStorePath(keystore.getAbsolutePath());
|
||||||
cf.setKeyStorePassword("storepwd");
|
cf.setKeyStorePassword("storepwd");
|
||||||
cf.setKeyManagerPassword("keypwd");
|
cf.setKeyManagerPassword("keypwd");
|
||||||
server.addConnector(connector);
|
server.addConnector(connector);
|
||||||
|
|
|
||||||
|
|
@ -165,7 +165,7 @@ public class SslSecurityListenerTest
|
||||||
|
|
||||||
connector.setPort(0);
|
connector.setPort(0);
|
||||||
SslContextFactory cf = connector.getSslContextFactory();
|
SslContextFactory cf = connector.getSslContextFactory();
|
||||||
cf.setKeyStore(keystore);
|
cf.setKeyStorePath(keystore);
|
||||||
cf.setKeyStorePassword("storepwd");
|
cf.setKeyStorePassword("storepwd");
|
||||||
cf.setKeyManagerPassword("keypwd");
|
cf.setKeyManagerPassword("keypwd");
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -52,7 +52,7 @@ public abstract class SslValidationTestBase extends ContentExchangeTest
|
||||||
srvFactory.setCrlPath(_crlpath);
|
srvFactory.setCrlPath(_crlpath);
|
||||||
srvFactory.setNeedClientAuth(true);
|
srvFactory.setNeedClientAuth(true);
|
||||||
|
|
||||||
srvFactory.setKeyStore(_keypath);
|
srvFactory.setKeyStorePath(_keypath);
|
||||||
srvFactory.setKeyStorePassword(_password);
|
srvFactory.setKeyStorePassword(_password);
|
||||||
srvFactory.setKeyManagerPassword(_password);
|
srvFactory.setKeyManagerPassword(_password);
|
||||||
|
|
||||||
|
|
@ -88,7 +88,7 @@ public abstract class SslValidationTestBase extends ContentExchangeTest
|
||||||
cf.setValidateCerts(true);
|
cf.setValidateCerts(true);
|
||||||
cf.setCrlPath(_crlpath);
|
cf.setCrlPath(_crlpath);
|
||||||
|
|
||||||
cf.setKeyStore(_clientpath);
|
cf.setKeyStorePath(_clientpath);
|
||||||
cf.setKeyStorePassword(_password);
|
cf.setKeyStorePassword(_password);
|
||||||
cf.setKeyManagerPassword(_password);
|
cf.setKeyManagerPassword(_password);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -42,7 +42,7 @@ public abstract class AbstractSslServerAndClientCreator implements ServerAndClie
|
||||||
|
|
||||||
connector.setPort(0);
|
connector.setPort(0);
|
||||||
SslContextFactory cf = connector.getSslContextFactory();
|
SslContextFactory cf = connector.getSslContextFactory();
|
||||||
cf.setKeyStore(keystore);
|
cf.setKeyStorePath(keystore);
|
||||||
cf.setKeyStorePassword("storepwd");
|
cf.setKeyStorePassword("storepwd");
|
||||||
cf.setKeyManagerPassword("keypwd");
|
cf.setKeyManagerPassword("keypwd");
|
||||||
connector.setAllowRenegotiate(true);
|
connector.setAllowRenegotiate(true);
|
||||||
|
|
|
||||||
|
|
@ -306,7 +306,7 @@ public class HttpParser implements Parser
|
||||||
throw ex;
|
throw ex;
|
||||||
|
|
||||||
if (!isComplete() && !isIdle())
|
if (!isComplete() && !isIdle())
|
||||||
throw new EOFException();
|
throw new EofException();
|
||||||
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -177,6 +177,8 @@ public class SslContextFactory extends AbstractLifeCycle
|
||||||
|
|
||||||
/** SSL context */
|
/** SSL context */
|
||||||
private SSLContext _context;
|
private SSLContext _context;
|
||||||
|
|
||||||
|
private boolean _trustAll;
|
||||||
|
|
||||||
/* ------------------------------------------------------------ */
|
/* ------------------------------------------------------------ */
|
||||||
/**
|
/**
|
||||||
|
|
@ -185,6 +187,17 @@ public class SslContextFactory extends AbstractLifeCycle
|
||||||
*/
|
*/
|
||||||
public SslContextFactory()
|
public SslContextFactory()
|
||||||
{
|
{
|
||||||
|
_trustAll=true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ------------------------------------------------------------ */
|
||||||
|
/**
|
||||||
|
* Construct an instance of SslContextFactory
|
||||||
|
* Default constructor for use in XmlConfiguration files
|
||||||
|
*/
|
||||||
|
public SslContextFactory(boolean trustAll)
|
||||||
|
{
|
||||||
|
_trustAll=trustAll;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* ------------------------------------------------------------ */
|
/* ------------------------------------------------------------ */
|
||||||
|
|
@ -207,29 +220,36 @@ public class SslContextFactory extends AbstractLifeCycle
|
||||||
{
|
{
|
||||||
if (_context == null)
|
if (_context == null)
|
||||||
{
|
{
|
||||||
if (_keyStoreInputStream == null && _keyStorePath == null &&
|
if (_keyStore==null && _keyStoreInputStream == null && _keyStorePath == null &&
|
||||||
_trustStoreInputStream == null && _trustStorePath == null )
|
_trustStore==null && _trustStoreInputStream == null && _trustStorePath == null )
|
||||||
{
|
{
|
||||||
LOG.debug("No keystore or trust store configured. ACCEPTING UNTRUSTED CERTIFICATES!!!!!");
|
TrustManager[] trust_managers=null;
|
||||||
// Create a trust manager that does not validate certificate chains
|
|
||||||
TrustManager trustAllCerts = new X509TrustManager()
|
if (_trustAll)
|
||||||
{
|
{
|
||||||
public java.security.cert.X509Certificate[] getAcceptedIssuers()
|
LOG.info("No keystore or trust store configured. ACCEPTING UNTRUSTED CERTIFICATES!!!!!");
|
||||||
|
// Create a trust manager that does not validate certificate chains
|
||||||
|
TrustManager trustAllCerts = new X509TrustManager()
|
||||||
{
|
{
|
||||||
return null;
|
public java.security.cert.X509Certificate[] getAcceptedIssuers()
|
||||||
}
|
{
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
|
public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType)
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
|
|
||||||
{
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
|
public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
};
|
||||||
|
trust_managers = new TrustManager[] { trustAllCerts };
|
||||||
|
}
|
||||||
|
|
||||||
|
SecureRandom secureRandom = (_secureRandomAlgorithm == null)?null:SecureRandom.getInstance(_secureRandomAlgorithm);
|
||||||
_context = SSLContext.getInstance(_sslProtocol);
|
_context = SSLContext.getInstance(_sslProtocol);
|
||||||
_context.init(null, new TrustManager[]{trustAllCerts}, null);
|
_context.init(null, trust_managers, secureRandom);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
|
@ -402,16 +422,36 @@ public class SslContextFactory extends AbstractLifeCycle
|
||||||
/**
|
/**
|
||||||
* @return The file or URL of the SSL Key store.
|
* @return The file or URL of the SSL Key store.
|
||||||
*/
|
*/
|
||||||
public String getKeyStore()
|
public String getKeyStorePath()
|
||||||
{
|
{
|
||||||
return _keyStorePath;
|
return _keyStorePath;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* ------------------------------------------------------------ */
|
||||||
|
@Deprecated
|
||||||
|
public String getKeyStore()
|
||||||
|
{
|
||||||
|
return _keyStorePath;
|
||||||
|
}
|
||||||
|
|
||||||
/* ------------------------------------------------------------ */
|
/* ------------------------------------------------------------ */
|
||||||
/**
|
/**
|
||||||
* @param keyStorePath
|
* @param keyStorePath
|
||||||
* The file or URL of the SSL Key store.
|
* The file or URL of the SSL Key store.
|
||||||
*/
|
*/
|
||||||
|
public void setKeyStorePath(String keyStorePath)
|
||||||
|
{
|
||||||
|
checkNotStarted();
|
||||||
|
|
||||||
|
_keyStorePath = keyStorePath;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ------------------------------------------------------------ */
|
||||||
|
/**
|
||||||
|
* @param keyStorePath
|
||||||
|
* @deprecated Use {@link #setKeyStorePath(String)}
|
||||||
|
*/
|
||||||
|
@Deprecated
|
||||||
public void setKeyStore(String keyStorePath)
|
public void setKeyStore(String keyStorePath)
|
||||||
{
|
{
|
||||||
checkNotStarted();
|
checkNotStarted();
|
||||||
|
|
@ -479,7 +519,7 @@ public class SslContextFactory extends AbstractLifeCycle
|
||||||
/** Set the keyStoreInputStream.
|
/** Set the keyStoreInputStream.
|
||||||
* @param keyStoreInputStream the InputStream to the KeyStore
|
* @param keyStoreInputStream the InputStream to the KeyStore
|
||||||
*
|
*
|
||||||
* @deprecated
|
* @deprecated Use {@link #setKeyStore(KeyStore)}
|
||||||
*/
|
*/
|
||||||
@Deprecated
|
@Deprecated
|
||||||
public void setKeyStoreInputStream(InputStream keyStoreInputStream)
|
public void setKeyStoreInputStream(InputStream keyStoreInputStream)
|
||||||
|
|
@ -842,7 +882,7 @@ public class SslContextFactory extends AbstractLifeCycle
|
||||||
{
|
{
|
||||||
return (_keyManagerFactoryAlgorithm);
|
return (_keyManagerFactoryAlgorithm);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* ------------------------------------------------------------ */
|
/* ------------------------------------------------------------ */
|
||||||
/**
|
/**
|
||||||
* @param algorithm
|
* @param algorithm
|
||||||
|
|
@ -864,10 +904,29 @@ public class SslContextFactory extends AbstractLifeCycle
|
||||||
return (_trustManagerFactoryAlgorithm);
|
return (_trustManagerFactoryAlgorithm);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* ------------------------------------------------------------ */
|
||||||
|
/**
|
||||||
|
* @return True if all certificates should be trusted if there is no KeyStore or TrustStore
|
||||||
|
*/
|
||||||
|
public boolean isTrustAll()
|
||||||
|
{
|
||||||
|
return _trustAll;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ------------------------------------------------------------ */
|
||||||
|
/**
|
||||||
|
* @param trustAll True if all certificates should be trusted if there is no KeyStore or TrustStore
|
||||||
|
*/
|
||||||
|
public void setTrustAll(boolean trustAll)
|
||||||
|
{
|
||||||
|
_trustAll = trustAll;
|
||||||
|
}
|
||||||
|
|
||||||
/* ------------------------------------------------------------ */
|
/* ------------------------------------------------------------ */
|
||||||
/**
|
/**
|
||||||
* @param algorithm
|
* @param algorithm
|
||||||
* The algorithm name (default "SunX509") used by the {@link TrustManagerFactory}
|
* The algorithm name (default "SunX509") used by the {@link TrustManagerFactory}
|
||||||
|
* Use the string "TrustAll" to install a trust manager that trusts all.
|
||||||
*/
|
*/
|
||||||
public void setTrustManagerFactoryAlgorithm(String algorithm)
|
public void setTrustManagerFactoryAlgorithm(String algorithm)
|
||||||
{
|
{
|
||||||
|
|
@ -1039,7 +1098,7 @@ public class SslContextFactory extends AbstractLifeCycle
|
||||||
|
|
||||||
/* ------------------------------------------------------------ */
|
/* ------------------------------------------------------------ */
|
||||||
protected TrustManager[] getTrustManagers(KeyStore trustStore, Collection<? extends CRL> crls) throws Exception
|
protected TrustManager[] getTrustManagers(KeyStore trustStore, Collection<? extends CRL> crls) throws Exception
|
||||||
{
|
{
|
||||||
TrustManager[] managers = null;
|
TrustManager[] managers = null;
|
||||||
if (trustStore != null)
|
if (trustStore != null)
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,75 @@
|
||||||
|
package org.eclipse.jetty.http;
|
||||||
|
|
||||||
|
import static junit.framework.Assert.assertTrue;
|
||||||
|
|
||||||
|
import java.io.FileInputStream;
|
||||||
|
import java.security.KeyStore;
|
||||||
|
|
||||||
|
import org.eclipse.jetty.http.ssl.SslContextFactory;
|
||||||
|
import org.junit.Test;
|
||||||
|
|
||||||
|
|
||||||
|
public class SslContextFactoryTest
|
||||||
|
{
|
||||||
|
@Test
|
||||||
|
public void testNoTsFileKs() throws Exception
|
||||||
|
{
|
||||||
|
String keystorePath = System.getProperty("basedir",".") + "/src/test/resources/keystore";
|
||||||
|
SslContextFactory cf = new SslContextFactory(keystorePath);
|
||||||
|
cf.setKeyStorePassword("storepwd");
|
||||||
|
cf.setKeyManagerPassword("keypwd");
|
||||||
|
|
||||||
|
cf.start();
|
||||||
|
|
||||||
|
assertTrue(cf.getSslContext()!=null);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testNoTsStreamKs() throws Exception
|
||||||
|
{
|
||||||
|
String keystorePath = System.getProperty("basedir",".") + "/src/test/resources/keystore";
|
||||||
|
|
||||||
|
SslContextFactory cf = new SslContextFactory();
|
||||||
|
|
||||||
|
cf.setKeyStoreInputStream(new FileInputStream(keystorePath));
|
||||||
|
cf.setKeyStorePassword("storepwd");
|
||||||
|
cf.setKeyManagerPassword("keypwd");
|
||||||
|
|
||||||
|
cf.start();
|
||||||
|
|
||||||
|
assertTrue(cf.getSslContext()!=null);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testNoTsSetKs() throws Exception
|
||||||
|
{
|
||||||
|
String keystorePath = System.getProperty("basedir",".") + "/src/test/resources/keystore";
|
||||||
|
|
||||||
|
KeyStore ks = KeyStore.getInstance("JKS");
|
||||||
|
ks.load(new FileInputStream(keystorePath),"storepwd".toCharArray());
|
||||||
|
|
||||||
|
SslContextFactory cf = new SslContextFactory();
|
||||||
|
cf.setKeyStore(ks);
|
||||||
|
cf.setKeyManagerPassword("keypwd");
|
||||||
|
|
||||||
|
cf.start();
|
||||||
|
|
||||||
|
assertTrue(cf.getSslContext()!=null);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testNoTsNoKs() throws Exception
|
||||||
|
{
|
||||||
|
SslContextFactory cf = new SslContextFactory();
|
||||||
|
cf.start();
|
||||||
|
assertTrue(cf.getSslContext()!=null);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testTrustAll() throws Exception
|
||||||
|
{
|
||||||
|
SslContextFactory cf = new SslContextFactory();
|
||||||
|
cf.start();
|
||||||
|
assertTrue(cf.getSslContext()!=null);
|
||||||
|
}
|
||||||
|
}
|
||||||
Binary file not shown.
|
|
@ -561,7 +561,7 @@ public class SslSelectChannelEndPoint extends SelectChannelEndPoint
|
||||||
}
|
}
|
||||||
catch(SSLException e)
|
catch(SSLException e)
|
||||||
{
|
{
|
||||||
LOG.warn(getRemoteAddr() + ":" + getRemotePort() + " ",e);
|
LOG.debug(getRemoteAddr() + ":" + getRemotePort() + " ",e);
|
||||||
super.close();
|
super.close();
|
||||||
throw e;
|
throw e;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -262,7 +262,7 @@ public class SslSelectChannelConnector extends SelectChannelConnector implements
|
||||||
@Deprecated
|
@Deprecated
|
||||||
public void setKeystore(String keystore)
|
public void setKeystore(String keystore)
|
||||||
{
|
{
|
||||||
_sslContextFactory.setKeyStore(keystore);
|
_sslContextFactory.setKeyStorePath(keystore);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* ------------------------------------------------------------ */
|
/* ------------------------------------------------------------ */
|
||||||
|
|
@ -273,7 +273,7 @@ public class SslSelectChannelConnector extends SelectChannelConnector implements
|
||||||
@Deprecated
|
@Deprecated
|
||||||
public String getKeystore()
|
public String getKeystore()
|
||||||
{
|
{
|
||||||
return _sslContextFactory.getKeyStore();
|
return _sslContextFactory.getKeyStorePath();
|
||||||
}
|
}
|
||||||
|
|
||||||
/* ------------------------------------------------------------ */
|
/* ------------------------------------------------------------ */
|
||||||
|
|
|
||||||
|
|
@ -176,7 +176,7 @@ public class SslSocketConnector extends SocketConnector implements SslConnector
|
||||||
@Deprecated
|
@Deprecated
|
||||||
public String getKeystore()
|
public String getKeystore()
|
||||||
{
|
{
|
||||||
return _sslContextFactory.getKeyStore();
|
return _sslContextFactory.getKeyStorePath();
|
||||||
}
|
}
|
||||||
|
|
||||||
/* ------------------------------------------------------------ */
|
/* ------------------------------------------------------------ */
|
||||||
|
|
@ -427,7 +427,7 @@ public class SslSocketConnector extends SocketConnector implements SslConnector
|
||||||
@Deprecated
|
@Deprecated
|
||||||
public void setKeystore(String keystore)
|
public void setKeystore(String keystore)
|
||||||
{
|
{
|
||||||
_sslContextFactory.setKeyStore(keystore);
|
_sslContextFactory.setKeyStorePath(keystore);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* ------------------------------------------------------------ */
|
/* ------------------------------------------------------------ */
|
||||||
|
|
|
||||||
|
|
@ -43,7 +43,7 @@ public class ConnectHandlerSSLTest extends AbstractConnectHandlerTest
|
||||||
|
|
||||||
String keyStorePath = MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath();
|
String keyStorePath = MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath();
|
||||||
SslContextFactory cf = connector.getSslContextFactory();
|
SslContextFactory cf = connector.getSslContextFactory();
|
||||||
cf.setKeyStore(keyStorePath);
|
cf.setKeyStorePath(keyStorePath);
|
||||||
cf.setKeyStorePassword("storepwd");
|
cf.setKeyStorePassword("storepwd");
|
||||||
cf.setKeyManagerPassword("keypwd");
|
cf.setKeyManagerPassword("keypwd");
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -112,7 +112,7 @@ public class SSLEngineTest
|
||||||
|
|
||||||
connector.setPort(0);
|
connector.setPort(0);
|
||||||
SslContextFactory cf = connector.getSslContextFactory();
|
SslContextFactory cf = connector.getSslContextFactory();
|
||||||
cf.setKeyStore(keystore);
|
cf.setKeyStorePath(keystore);
|
||||||
cf.setKeyStorePassword("storepwd");
|
cf.setKeyStorePassword("storepwd");
|
||||||
cf.setKeyManagerPassword("keypwd");
|
cf.setKeyManagerPassword("keypwd");
|
||||||
connector.setRequestBufferSize(512);
|
connector.setRequestBufferSize(512);
|
||||||
|
|
|
||||||
|
|
@ -45,7 +45,7 @@ public class SSLSelectChannelConnectorLoadTest
|
||||||
|
|
||||||
String keystorePath = System.getProperty("basedir", ".") + "/src/test/resources/keystore";
|
String keystorePath = System.getProperty("basedir", ".") + "/src/test/resources/keystore";
|
||||||
SslContextFactory cf = connector.getSslContextFactory();
|
SslContextFactory cf = connector.getSslContextFactory();
|
||||||
cf.setKeyStore(keystorePath);
|
cf.setKeyStorePath(keystorePath);
|
||||||
cf.setKeyStorePassword("storepwd");
|
cf.setKeyStorePassword("storepwd");
|
||||||
cf.setKeyManagerPassword("keypwd");
|
cf.setKeyManagerPassword("keypwd");
|
||||||
cf.setTrustStore(keystorePath);
|
cf.setTrustStore(keystorePath);
|
||||||
|
|
|
||||||
|
|
@ -95,7 +95,7 @@ public class SslRenegotiateTest
|
||||||
String keystore = MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath();
|
String keystore = MavenTestingUtils.getTestResourceFile("keystore").getAbsolutePath();
|
||||||
connector.setPort(0);
|
connector.setPort(0);
|
||||||
SslContextFactory cf = connector.getSslContextFactory();
|
SslContextFactory cf = connector.getSslContextFactory();
|
||||||
cf.setKeyStore(keystore);
|
cf.setKeyStorePath(keystore);
|
||||||
cf.setKeyStorePassword("storepwd");
|
cf.setKeyStorePassword("storepwd");
|
||||||
cf.setKeyManagerPassword("keypwd");
|
cf.setKeyManagerPassword("keypwd");
|
||||||
cf.setAllowRenegotiate(reneg);
|
cf.setAllowRenegotiate(reneg);
|
||||||
|
|
|
||||||
|
|
@ -48,7 +48,7 @@ public class SslSelectChannelServerTest extends HttpServerTestBase
|
||||||
SslSelectChannelConnector connector = new SslSelectChannelConnector();
|
SslSelectChannelConnector connector = new SslSelectChannelConnector();
|
||||||
String keystorePath = System.getProperty("basedir",".") + "/src/test/resources/keystore";
|
String keystorePath = System.getProperty("basedir",".") + "/src/test/resources/keystore";
|
||||||
SslContextFactory cf = connector.getSslContextFactory();
|
SslContextFactory cf = connector.getSslContextFactory();
|
||||||
cf.setKeyStore(keystorePath);
|
cf.setKeyStorePath(keystorePath);
|
||||||
cf.setKeyStorePassword("storepwd");
|
cf.setKeyStorePassword("storepwd");
|
||||||
cf.setKeyManagerPassword("keypwd");
|
cf.setKeyManagerPassword("keypwd");
|
||||||
cf.setTrustStore(keystorePath);
|
cf.setTrustStore(keystorePath);
|
||||||
|
|
|
||||||
|
|
@ -42,7 +42,7 @@ public class SslSelectChannelTimeoutTest extends ConnectorTimeoutTest
|
||||||
connector.setMaxIdleTime(MAX_IDLE_TIME); //250 msec max idle
|
connector.setMaxIdleTime(MAX_IDLE_TIME); //250 msec max idle
|
||||||
String keystorePath = System.getProperty("basedir",".") + "/src/test/resources/keystore";
|
String keystorePath = System.getProperty("basedir",".") + "/src/test/resources/keystore";
|
||||||
SslContextFactory cf = connector.getSslContextFactory();
|
SslContextFactory cf = connector.getSslContextFactory();
|
||||||
cf.setKeyStore(keystorePath);
|
cf.setKeyStorePath(keystorePath);
|
||||||
cf.setKeyStorePassword("storepwd");
|
cf.setKeyStorePassword("storepwd");
|
||||||
cf.setKeyManagerPassword("keypwd");
|
cf.setKeyManagerPassword("keypwd");
|
||||||
cf.setTrustStore(keystorePath);
|
cf.setTrustStore(keystorePath);
|
||||||
|
|
|
||||||
|
|
@ -51,7 +51,7 @@ public class SslSocketServerTest extends HttpServerTestBase
|
||||||
SslSocketConnector connector = new SslSocketConnector();
|
SslSocketConnector connector = new SslSocketConnector();
|
||||||
String keystorePath = System.getProperty("basedir",".") + "/src/test/resources/keystore";
|
String keystorePath = System.getProperty("basedir",".") + "/src/test/resources/keystore";
|
||||||
SslContextFactory cf = connector.getSslContextFactory();
|
SslContextFactory cf = connector.getSslContextFactory();
|
||||||
cf.setKeyStore(keystorePath);
|
cf.setKeyStorePath(keystorePath);
|
||||||
cf.setKeyStorePassword("storepwd");
|
cf.setKeyStorePassword("storepwd");
|
||||||
cf.setKeyManagerPassword("keypwd");
|
cf.setKeyManagerPassword("keypwd");
|
||||||
cf.setTrustStore(keystorePath);
|
cf.setTrustStore(keystorePath);
|
||||||
|
|
|
||||||
|
|
@ -44,7 +44,7 @@ public class SslSocketTimeoutTest extends ConnectorTimeoutTest
|
||||||
connector.setMaxIdleTime(MAX_IDLE_TIME); //250 msec max idle
|
connector.setMaxIdleTime(MAX_IDLE_TIME); //250 msec max idle
|
||||||
String keystorePath = System.getProperty("basedir",".") + "/src/test/resources/keystore";
|
String keystorePath = System.getProperty("basedir",".") + "/src/test/resources/keystore";
|
||||||
SslContextFactory cf = connector.getSslContextFactory();
|
SslContextFactory cf = connector.getSslContextFactory();
|
||||||
cf.setKeyStore(keystorePath);
|
cf.setKeyStorePath(keystorePath);
|
||||||
cf.setKeyStorePassword("storepwd");
|
cf.setKeyStorePassword("storepwd");
|
||||||
cf.setKeyManagerPassword("keypwd");
|
cf.setKeyManagerPassword("keypwd");
|
||||||
cf.setTrustStore(keystorePath);
|
cf.setTrustStore(keystorePath);
|
||||||
|
|
|
||||||
|
|
@ -84,7 +84,7 @@ public class SslTruncationAttackTest
|
||||||
|
|
||||||
String keystorePath = System.getProperty("basedir", ".") + "/src/test/resources/keystore";
|
String keystorePath = System.getProperty("basedir", ".") + "/src/test/resources/keystore";
|
||||||
SslContextFactory sslContextFactory = connector.getSslContextFactory();
|
SslContextFactory sslContextFactory = connector.getSslContextFactory();
|
||||||
sslContextFactory.setKeyStore(keystorePath);
|
sslContextFactory.setKeyStorePath(keystorePath);
|
||||||
sslContextFactory.setKeyStorePassword("storepwd");
|
sslContextFactory.setKeyStorePassword("storepwd");
|
||||||
sslContextFactory.setKeyManagerPassword("keypwd");
|
sslContextFactory.setKeyManagerPassword("keypwd");
|
||||||
sslContextFactory.setTrustStore(keystorePath);
|
sslContextFactory.setTrustStore(keystorePath);
|
||||||
|
|
|
||||||
|
|
@ -58,7 +58,7 @@ public class SslUploadTest
|
||||||
|
|
||||||
String keystorePath = System.getProperty("basedir",".") + "/src/test/resources/keystore";
|
String keystorePath = System.getProperty("basedir",".") + "/src/test/resources/keystore";
|
||||||
SslContextFactory cf = connector.getSslContextFactory();
|
SslContextFactory cf = connector.getSslContextFactory();
|
||||||
cf.setKeyStore(keystorePath);
|
cf.setKeyStorePath(keystorePath);
|
||||||
cf.setKeyStorePassword("storepwd");
|
cf.setKeyStorePassword("storepwd");
|
||||||
cf.setKeyManagerPassword("keypwd");
|
cf.setKeyManagerPassword("keypwd");
|
||||||
cf.setTrustStore(keystorePath);
|
cf.setTrustStore(keystorePath);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue