# HG changeset patch # User Severin Gehwolf # Date 1365067473 -7200 # Node ID f82c6b24dcbd97c271596d99a0ec6a199b4e42c2 # Parent 92699ccfadca9a98bc5fab39f8b00854babcbf5b Rename SSLKeystoreConfiguration and public methods mentioning mongo. Reviewed-by: neugens Review-thread: http://icedtea.classpath.org/pipermail/thermostat/2013-April/006275.html diff -r 92699ccfadca -r f82c6b24dcbd agent/command/src/main/java/com/redhat/thermostat/agent/command/internal/ConfigurationServerContext.java --- a/agent/command/src/main/java/com/redhat/thermostat/agent/command/internal/ConfigurationServerContext.java Thu Apr 04 12:42:39 2013 +0200 +++ b/agent/command/src/main/java/com/redhat/thermostat/agent/command/internal/ConfigurationServerContext.java Thu Apr 04 11:24:33 2013 +0200 @@ -58,7 +58,7 @@ import com.redhat.thermostat.common.command.ConfigurationCommandContext; import com.redhat.thermostat.common.config.InvalidConfigurationException; import com.redhat.thermostat.common.ssl.SSLContextFactory; -import com.redhat.thermostat.common.ssl.SSLKeystoreConfiguration; +import com.redhat.thermostat.common.ssl.SSLConfiguration; import com.redhat.thermostat.common.ssl.SslInitException; import com.redhat.thermostat.common.utils.LoggingUtils; @@ -108,7 +108,7 @@ @Override public ChannelPipeline getPipeline() throws Exception { ChannelPipeline pipeline = Channels.pipeline(); - if (SSLKeystoreConfiguration.shouldSSLEnableCmdChannel()) { + if (SSLConfiguration.enableForCmdChannel()) { SSLEngine engine = null; try { SSLContext ctxt = SSLContextFactory.getServerContext(); diff -r 92699ccfadca -r f82c6b24dcbd agent/command/src/main/java/com/redhat/thermostat/agent/command/internal/ServerHandler.java --- a/agent/command/src/main/java/com/redhat/thermostat/agent/command/internal/ServerHandler.java Thu Apr 04 12:42:39 2013 +0200 +++ b/agent/command/src/main/java/com/redhat/thermostat/agent/command/internal/ServerHandler.java Thu Apr 04 11:24:33 2013 +0200 
@@ -59,7 +59,7 @@ import com.redhat.thermostat.common.command.Request; import com.redhat.thermostat.common.command.Response; import com.redhat.thermostat.common.command.Response.ResponseType; -import com.redhat.thermostat.common.ssl.SSLKeystoreConfiguration; +import com.redhat.thermostat.common.ssl.SSLConfiguration; import com.redhat.thermostat.common.utils.LoggingUtils; import com.redhat.thermostat.storage.core.AuthToken; import com.redhat.thermostat.storage.core.SecureStorage; @@ -86,7 +86,7 @@ @Override public void channelConnected( ChannelHandlerContext ctx, ChannelStateEvent e) throws Exception { - if (SSLKeystoreConfiguration.shouldSSLEnableCmdChannel()) { + if (SSLConfiguration.enableForCmdChannel()) { // Get the SslHandler in the current pipeline. // We added it in ConfigurationServerContext$ServerPipelineFactory. final SslHandler sslHandler = ctx.getPipeline().get( diff -r 92699ccfadca -r f82c6b24dcbd agent/command/src/test/java/com/redhat/thermostat/agent/command/internal/ConfigurationServerContextTest.java --- a/agent/command/src/test/java/com/redhat/thermostat/agent/command/internal/ConfigurationServerContextTest.java Thu Apr 04 12:42:39 2013 +0200 +++ b/agent/command/src/test/java/com/redhat/thermostat/agent/command/internal/ConfigurationServerContextTest.java Thu Apr 04 11:24:33 2013 +0200 @@ -61,10 +61,10 @@ import org.powermock.modules.junit4.PowerMockRunner; import com.redhat.thermostat.common.ssl.SSLContextFactory; -import com.redhat.thermostat.common.ssl.SSLKeystoreConfiguration; +import com.redhat.thermostat.common.ssl.SSLConfiguration; @RunWith(PowerMockRunner.class) -@PrepareForTest({ SSLKeystoreConfiguration.class, SSLContextFactory.class, +@PrepareForTest({ SSLConfiguration.class, SSLContextFactory.class, SSLEngine.class, SSLContext.class }) public class ConfigurationServerContextTest { 
@@ -113,8 +113,8 @@ @Test public void testBootstrapSSL() throws Exception { - PowerMockito.mockStatic(SSLKeystoreConfiguration.class); - when(SSLKeystoreConfiguration.shouldSSLEnableCmdChannel()).thenReturn(true); + PowerMockito.mockStatic(SSLConfiguration.class); + when(SSLConfiguration.enableForCmdChannel()).thenReturn(true); PowerMockito.mockStatic(SSLContextFactory.class); // SSL classes need to be mocked with PowerMockito SSLContext context = PowerMockito.mock(SSLContext.class); diff -r 92699ccfadca -r f82c6b24dcbd agent/command/src/test/java/com/redhat/thermostat/agent/command/internal/ServerHandlerTest.java --- a/agent/command/src/test/java/com/redhat/thermostat/agent/command/internal/ServerHandlerTest.java Thu Apr 04 12:42:39 2013 +0200 +++ b/agent/command/src/test/java/com/redhat/thermostat/agent/command/internal/ServerHandlerTest.java Thu Apr 04 11:24:33 2013 +0200 @@ -52,10 +52,10 @@ import org.powermock.modules.junit4.PowerMockRunner; import com.redhat.thermostat.agent.command.internal.ServerHandler.SSLHandshakeDoneListener; -import com.redhat.thermostat.common.ssl.SSLKeystoreConfiguration; +import com.redhat.thermostat.common.ssl.SSLConfiguration; @RunWith(PowerMockRunner.class) -@PrepareForTest({ SSLKeystoreConfiguration.class}) +@PrepareForTest({ SSLConfiguration.class}) public class ServerHandlerTest { @Test @@ -63,8 +63,8 @@ ServerHandler handler = new ServerHandler(null); // enable ssl - PowerMockito.mockStatic(SSLKeystoreConfiguration.class); - when(SSLKeystoreConfiguration.shouldSSLEnableCmdChannel()).thenReturn(true); + PowerMockito.mockStatic(SSLConfiguration.class); + when(SSLConfiguration.enableForCmdChannel()).thenReturn(true); ChannelHandlerContext ctx = mock(ChannelHandlerContext.class); ChannelPipeline pipeline = mock(ChannelPipeline.class); diff -r 92699ccfadca -r f82c6b24dcbd client/command/src/main/java/com/redhat/thermostat/client/command/internal/ConfigurationRequestContext.java 
--- a/client/command/src/main/java/com/redhat/thermostat/client/command/internal/ConfigurationRequestContext.java Thu Apr 04 12:42:39 2013 +0200 +++ b/client/command/src/main/java/com/redhat/thermostat/client/command/internal/ConfigurationRequestContext.java Thu Apr 04 11:24:33 2013 +0200 @@ -53,7 +53,7 @@ import com.redhat.thermostat.common.command.ConfigurationCommandContext; import com.redhat.thermostat.common.ssl.SSLContextFactory; -import com.redhat.thermostat.common.ssl.SSLKeystoreConfiguration; +import com.redhat.thermostat.common.ssl.SSLConfiguration; import com.redhat.thermostat.common.utils.LoggingUtils; public class ConfigurationRequestContext implements ConfigurationCommandContext { @@ -95,7 +95,7 @@ @Override public ChannelPipeline getPipeline() throws Exception { ChannelPipeline pipeline = Channels.pipeline(); - if (SSLKeystoreConfiguration.shouldSSLEnableCmdChannel()) { + if (SSLConfiguration.enableForCmdChannel()) { SSLContext ctxt = SSLContextFactory.getClientContext(); SSLEngine engine = ctxt.createSSLEngine(); engine.setUseClientMode(true); diff -r 92699ccfadca -r f82c6b24dcbd client/command/src/main/java/com/redhat/thermostat/client/command/internal/RequestQueueImpl.java --- a/client/command/src/main/java/com/redhat/thermostat/client/command/internal/RequestQueueImpl.java Thu Apr 04 12:42:39 2013 +0200 +++ b/client/command/src/main/java/com/redhat/thermostat/client/command/internal/RequestQueueImpl.java Thu Apr 04 11:24:33 2013 +0200 @@ -57,7 +57,7 @@ import com.redhat.thermostat.common.command.RequestResponseListener; import com.redhat.thermostat.common.command.Response; import com.redhat.thermostat.common.command.Response.ResponseType; -import com.redhat.thermostat.common.ssl.SSLKeystoreConfiguration; +import com.redhat.thermostat.common.ssl.SSLConfiguration; import com.redhat.thermostat.common.utils.LoggingUtils; import com.redhat.thermostat.storage.core.AuthToken; import com.redhat.thermostat.storage.core.SecureStorage; 
@@ -145,7 +145,7 @@ if (f.isSuccess()) { Channel c = f.getChannel(); ChannelPipeline pipeline = c.getPipeline(); - if (SSLKeystoreConfiguration.shouldSSLEnableCmdChannel()) { + if (SSLConfiguration.enableForCmdChannel()) { doSSLHandShake(pipeline, request); } pipeline.addLast("responseHandler", new ResponseHandler(request)); @@ -177,7 +177,7 @@ // Register a future listener, since it gives us a way to // report an error on client side and to perform (optional) host name verification. - boolean performHostnameCheck = !SSLKeystoreConfiguration.disableHostnameVerification(); + boolean performHostnameCheck = !SSLConfiguration.disableHostnameVerification(); future.addListener(new SSLHandshakeFinishedListener(request, performHostnameCheck, sslHandler, this)); } } diff -r 92699ccfadca -r f82c6b24dcbd client/command/src/test/java/com/redhat/thermostat/client/command/internal/ConfigurationRequestContextTest.java --- a/client/command/src/test/java/com/redhat/thermostat/client/command/internal/ConfigurationRequestContextTest.java Thu Apr 04 12:42:39 2013 +0200 +++ b/client/command/src/test/java/com/redhat/thermostat/client/command/internal/ConfigurationRequestContextTest.java Thu Apr 04 11:24:33 2013 +0200 @@ -59,10 +59,10 @@ import org.powermock.modules.junit4.PowerMockRunner; import com.redhat.thermostat.common.ssl.SSLContextFactory; -import com.redhat.thermostat.common.ssl.SSLKeystoreConfiguration; +import com.redhat.thermostat.common.ssl.SSLConfiguration; @RunWith(PowerMockRunner.class) -@PrepareForTest({ SSLKeystoreConfiguration.class, SSLContextFactory.class, +@PrepareForTest({ SSLConfiguration.class, SSLContextFactory.class, SSLContext.class, SSLEngine.class }) public class ConfigurationRequestContextTest { 
@@ -80,8 +80,8 @@ @Test public void testSSLHandlersAdded() throws Exception { - PowerMockito.mockStatic(SSLKeystoreConfiguration.class); - when(SSLKeystoreConfiguration.shouldSSLEnableCmdChannel()).thenReturn( + PowerMockito.mockStatic(SSLConfiguration.class); + when(SSLConfiguration.enableForCmdChannel()).thenReturn( true); PowerMockito.mockStatic(SSLContextFactory.class); // SSL classes need to be mocked with PowerMockito diff -r 92699ccfadca -r f82c6b24dcbd common/core/src/main/java/com/redhat/thermostat/common/internal/CustomX509TrustManager.java --- a/common/core/src/main/java/com/redhat/thermostat/common/internal/CustomX509TrustManager.java Thu Apr 04 12:42:39 2013 +0200 +++ b/common/core/src/main/java/com/redhat/thermostat/common/internal/CustomX509TrustManager.java Thu Apr 04 11:24:33 2013 +0200 @@ -53,7 +53,7 @@ import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509TrustManager; -import com.redhat.thermostat.common.ssl.SSLKeystoreConfiguration; +import com.redhat.thermostat.common.ssl.SSLConfiguration; import com.redhat.thermostat.common.utils.LoggingUtils; /** @@ -99,7 +99,7 @@ * Main constructor, which uses ssl.properties as config if present. */ CustomX509TrustManager() { - this(SSLKeystoreConfiguration.getKeystoreFile(), SSLKeystoreConfiguration.getKeyStorePassword()); + this(SSLConfiguration.getKeystoreFile(), SSLConfiguration.getKeyStorePassword()); } private X509TrustManager getDefaultTrustManager() { diff -r 92699ccfadca -r f82c6b24dcbd common/core/src/main/java/com/redhat/thermostat/common/ssl/SSLConfiguration.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/common/core/src/main/java/com/redhat/thermostat/common/ssl/SSLConfiguration.java Thu Apr 04 11:24:33 2013 +0200 
@@ -0,0 +1,170 @@ +/* + * Copyright 2012, 2013 Red Hat, Inc. + * + * This file is part of Thermostat. + * + * Thermostat is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published + * by the Free Software Foundation; either version 2, or (at your + * option) any later version. + * + * Thermostat is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Thermostat; see the file COPYING. If not see + * . + * + * Linking this code with other modules is making a combined work + * based on this code. Thus, the terms and conditions of the GNU + * General Public License cover the whole combination. + * + * As a special exception, the copyright holders of this code give + * you permission to link this code with independent modules to + * produce an executable, regardless of the license terms of these + * independent modules, and to copy and distribute the resulting + * executable under terms of your choice, provided that you also + * meet, for each linked independent module, the terms and conditions + * of the license of that module. An independent module is a module + * which is not derived from or based on this code. If you modify + * this code, you may extend this exception to your version of the + * library, but you are not obligated to do so. If you do not wish + * to do so, delete this exception statement from your version. 
+ */ + +package com.redhat.thermostat.common.ssl; + +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.util.Properties; +import java.util.logging.Level; +import java.util.logging.Logger; + +import com.redhat.thermostat.common.config.Configuration; +import com.redhat.thermostat.common.config.InvalidConfigurationException; +import com.redhat.thermostat.common.utils.LoggingUtils; + +public class SSLConfiguration { + + private static Properties clientProps = null; + private static final String KEYSTORE_FILE_KEY = "KEYSTORE_FILE"; + private static final String KEYSTORE_FILE_PWD_KEY = "KEYSTORE_PASSWORD"; + private static final String CMD_CHANNEL_SSL_KEY = "COMMAND_CHANNEL_USE_SSL"; + private static final String BACKING_STORAGE_USE_SSL_KEY = "BACKING_STORAGE_CONNECTION_USE_SSL"; + private static final String DISABLE_HOSTNAME_VERIFICATION = "DISABLE_HOSTNAME_VERIFICATION"; + private static final Logger logger = LoggingUtils.getLogger(SSLConfiguration.class); + + /** + * + * @return The keystore file as specified in $THERMOSTAT_HOME/etc/ssl.properties + * if any. null otherwise. + */ + public static File getKeystoreFile() { + try { + loadClientProperties(); + } catch (InvalidConfigurationException e) { + // Thermostat home not set? Should have failed earlier. Do something + // reasonable. + return null; + } + String path = clientProps.getProperty(KEYSTORE_FILE_KEY); + if (path != null) { + File file = new File(path); + return file; + } + return null; + } + + /** + * + * @return The keystore file as specified in $THERMOSTAT_HOME/etc/ssl.properties + * if any. The empty string otherwise. + */ + public static String getKeyStorePassword() { + try { + loadClientProperties(); + } catch (InvalidConfigurationException e) { + // Thermostat home not set? 
Do something reasonable + return ""; + } + String pwd = clientProps.getProperty(KEYSTORE_FILE_PWD_KEY); + if (pwd == null) { + return ""; + } else { + return pwd; + } + } + + /** + * + * @return true if and only if SSL should be enabled for command channel + * communication between agent and client. I.e. if + * $THERMOSTAT_HOME/etc/ssl.properties exists and proper config has + * been added. false otherwise. + */ + public static boolean enableForCmdChannel() { + return readBooleanProperty(CMD_CHANNEL_SSL_KEY); + } + + /** + * + * @return true if and only if SSL should be used for backing storage + * connections. I.e. if $THERMOSTAT_HOME/etc/ssl.properties exists + * and proper config has been added. false otherwise. + */ + public static boolean enableForBackingStorage() { + return readBooleanProperty(BACKING_STORAGE_USE_SSL_KEY); + } + + /** + * + * @return true if and only if host name verification should not be + * performed during SSL handshake. In other words if + * $THERMOSTAT_HOME/etc/ssl.properties exists and proper config has + * been added. false otherwise. + */ + public static boolean disableHostnameVerification() { + return readBooleanProperty(DISABLE_HOSTNAME_VERIFICATION); + } + + // testing hook + static void initClientProperties(File clientPropertiesFile) { + clientProps = new Properties(); + try { + clientProps.load(new FileInputStream(clientPropertiesFile)); + } catch (IOException | IllegalArgumentException e) { + // Could not load ssl properties file. This is fine as it's + // an optional config. + } + } + + private static boolean readBooleanProperty(final String property) { + boolean result = false; + try { + loadClientProperties(); + } catch (InvalidConfigurationException e) { + logger.log(Level.WARNING, + "THERMOSTAT_HOME not set and config file attempted to be " + + "read from there! 
Returning false."); + return result; + } + String token = clientProps.getProperty(property); + if (token != null) { + result = Boolean.parseBoolean(token); + } + return result; + } + + private static void loadClientProperties() + throws InvalidConfigurationException { + if (clientProps == null) { + File clientPropertiesFile = new File(new Configuration().getConfigurationDir(), + "ssl.properties"); + initClientProperties(clientPropertiesFile); + } + } +} + diff -r 92699ccfadca -r f82c6b24dcbd common/core/src/main/java/com/redhat/thermostat/common/ssl/SSLContextFactory.java --- a/common/core/src/main/java/com/redhat/thermostat/common/ssl/SSLContextFactory.java Thu Apr 04 12:42:39 2013 +0200 +++ b/common/core/src/main/java/com/redhat/thermostat/common/ssl/SSLContextFactory.java Thu Apr 04 11:24:33 2013 +0200 @@ -146,8 +146,8 @@ private static void initServerContext() throws SslInitException, InvalidConfigurationException { SSLContext serverCtxt = null; - File trustStoreFile = SSLKeystoreConfiguration.getKeystoreFile(); - String keyStorePassword = SSLKeystoreConfiguration + File trustStoreFile = SSLConfiguration.getKeystoreFile(); + String keyStorePassword = SSLConfiguration .getKeyStorePassword(); KeyStore ks = KeyStoreProvider.getKeyStore(trustStoreFile, keyStorePassword); diff -r 92699ccfadca -r f82c6b24dcbd common/core/src/main/java/com/redhat/thermostat/common/ssl/SSLKeystoreConfiguration.java --- a/common/core/src/main/java/com/redhat/thermostat/common/ssl/SSLKeystoreConfiguration.java Thu Apr 04 12:42:39 2013 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
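Review bot: `BACKING_STORAGE_USE_SSL_KEY` replaces the old `MONGODB_CONNECTION_USE_SSL` key with no fallback, so an existing ssl.properties that only sets the old name now makes `enableForBackingStorage()` return false, because `readBooleanProperty` returns false for an absent key and logs nothing. After an upgrade the storage connection would then presumably take the non-SSL branch in `MongoConnection.createConnection` without any warning; the same rename appears in the distribution/config/ssl.properties and MongoConnection hunks. I would keep honouring the old key for a transition period and log a warning when it is the one that enabled SSL, as sketched below. Separately, `initClientProperties` never closes its `FileInputStream` and discards the `IOException`, so an unreadable ssl.properties cannot be told apart from an absent one and also reads as "SSL off".

```java
private static final String LEGACY_MONGO_USE_SSL_KEY = "MONGODB_CONNECTION_USE_SSL";

public static boolean enableForBackingStorage() {
    if (readBooleanProperty(BACKING_STORAGE_USE_SSL_KEY)) {
        return true;
    }
    // Configs written before the rename still carry the old key; honour it
    // so an upgrade cannot silently switch storage SSL off.
    boolean legacyEnabled = readBooleanProperty(LEGACY_MONGO_USE_SSL_KEY);
    if (legacyEnabled) {
        logger.log(Level.WARNING, LEGACY_MONGO_USE_SSL_KEY + " is deprecated, use "
                + BACKING_STORAGE_USE_SSL_KEY + " in ssl.properties instead.");
    }
    return legacyEnabled;
}
// … unchanged: other accessors, initClientProperties, readBooleanProperty, loadClientProperties …
```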
@@ -1,170 +0,0 @@ -/* - * Copyright 2012, 2013 Red Hat, Inc. - * - * This file is part of Thermostat. - * - * Thermostat is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published - * by the Free Software Foundation; either version 2, or (at your - * option) any later version. - * - * Thermostat is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with Thermostat; see the file COPYING. If not see - * . - * - * Linking this code with other modules is making a combined work - * based on this code. Thus, the terms and conditions of the GNU - * General Public License cover the whole combination. - * - * As a special exception, the copyright holders of this code give - * you permission to link this code with independent modules to - * produce an executable, regardless of the license terms of these - * independent modules, and to copy and distribute the resulting - * executable under terms of your choice, provided that you also - * meet, for each linked independent module, the terms and conditions - * of the license of that module. An independent module is a module - * which is not derived from or based on this code. If you modify - * this code, you may extend this exception to your version of the - * library, but you are not obligated to do so. If you do not wish - * to do so, delete this exception statement from your version. 
- */ - -package com.redhat.thermostat.common.ssl; - -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.util.Properties; -import java.util.logging.Level; -import java.util.logging.Logger; - -import com.redhat.thermostat.common.config.Configuration; -import com.redhat.thermostat.common.config.InvalidConfigurationException; -import com.redhat.thermostat.common.utils.LoggingUtils; - -public class SSLKeystoreConfiguration { - - private static Properties clientProps = null; - private static final String KEYSTORE_FILE_KEY = "KEYSTORE_FILE"; - private static final String KEYSTORE_FILE_PWD_KEY = "KEYSTORE_PASSWORD"; - private static final String CMD_CHANNEL_SSL_KEY = "COMMAND_CHANNEL_USE_SSL"; - private static final String MONGO_CONNECTION_USE_SSL_KEY = "MONGODB_CONNECTION_USE_SSL"; - private static final String DISABLE_HOSTNAME_VERIFICATION = "DISABLE_HOSTNAME_VERIFICATION"; - private static final Logger logger = LoggingUtils.getLogger(SSLKeystoreConfiguration.class); - - /** - * - * @return The keystore file as specified in $THERMOSTAT_HOME/etc/ssl.properties - * if any. null otherwise. - */ - public static File getKeystoreFile() { - try { - loadClientProperties(); - } catch (InvalidConfigurationException e) { - // Thermostat home not set? Should have failed earlier. Do something - // reasonable. - return null; - } - String path = clientProps.getProperty(KEYSTORE_FILE_KEY); - if (path != null) { - File file = new File(path); - return file; - } - return null; - } - - /** - * - * @return The keystore file as specified in $THERMOSTAT_HOME/etc/ssl.properties - * if any. The empty string otherwise. - */ - public static String getKeyStorePassword() { - try { - loadClientProperties(); - } catch (InvalidConfigurationException e) { - // Thermostat home not set? 
Do something reasonable - return ""; - } - String pwd = clientProps.getProperty(KEYSTORE_FILE_PWD_KEY); - if (pwd == null) { - return ""; - } else { - return pwd; - } - } - - /** - * - * @return true if and only if SSL should be enabled for command channel - * communication between agent and client. I.e. if - * $THERMOSTAT_HOME/etc/ssl.properties exists and proper config has - * been added. false otherwise. - */ - public static boolean shouldSSLEnableCmdChannel() { - return readBooleanProperty(CMD_CHANNEL_SSL_KEY); - } - - /** - * - * @return true if and only if SSL should be used for mongodb connections on - * client side. I.e. if $THERMOSTAT_HOME/etc/ssl.properties exists - * and proper config has been added. false otherwise. - */ - public static boolean useSslForMongodb() { - return readBooleanProperty(MONGO_CONNECTION_USE_SSL_KEY); - } - - /** - * - * @return true if and only if host name verification should not be - * performed during SSL handshake. In other words if - * $THERMOSTAT_HOME/etc/ssl.properties exists and proper config has - * been added. false otherwise. - */ - public static boolean disableHostnameVerification() { - return readBooleanProperty(DISABLE_HOSTNAME_VERIFICATION); - } - - // testing hook - static void initClientProperties(File clientPropertiesFile) { - clientProps = new Properties(); - try { - clientProps.load(new FileInputStream(clientPropertiesFile)); - } catch (IOException | IllegalArgumentException e) { - // Could not load ssl properties file. This is fine as it's - // an optional config. - } - } - - private static boolean readBooleanProperty(final String property) { - boolean result = false; - try { - loadClientProperties(); - } catch (InvalidConfigurationException e) { - logger.log(Level.WARNING, - "THERMOSTAT_HOME not set and config file attempted to be " + - "read from there! 
Returning false."); - return result; - } - String token = clientProps.getProperty(property); - if (token != null) { - result = Boolean.parseBoolean(token); - } - return result; - } - - private static void loadClientProperties() - throws InvalidConfigurationException { - if (clientProps == null) { - File clientPropertiesFile = new File(new Configuration().getConfigurationDir(), - "ssl.properties"); - initClientProperties(clientPropertiesFile); - } - } -} - diff -r 92699ccfadca -r f82c6b24dcbd common/core/src/test/java/com/redhat/thermostat/common/ssl/SSLConfigurationTest.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/common/core/src/test/java/com/redhat/thermostat/common/ssl/SSLConfigurationTest.java Thu Apr 04 11:24:33 2013 +0200 
@@ -0,0 +1,83 @@
+/*
+ * Copyright 2012, 2013 Red Hat, Inc.
+ *
+ * This file is part of Thermostat.
+ *
+ * Thermostat is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation; either version 2, or (at your
+ * option) any later version.
+ *
+ * Thermostat is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Thermostat; see the file COPYING. If not see
+ * .
+ *
+ * Linking this code with other modules is making a combined work
+ * based on this code. Thus, the terms and conditions of the GNU
+ * General Public License cover the whole combination.
+ *
+ * As a special exception, the copyright holders of this code give
+ * you permission to link this code with independent modules to
+ * produce an executable, regardless of the license terms of these
+ * independent modules, and to copy and distribute the resulting
+ * executable under terms of your choice, provided that you also
+ * meet, for each linked independent module, the terms and conditions
+ * of the license of that module. An independent module is a module
+ * which is not derived from or based on this code. If you modify
+ * this code, you may extend this exception to your version of the
+ * library, but you are not obligated to do so. If you do not wish
+ * to do so, delete this exception statement from your version.
+ */
+
+package com.redhat.thermostat.common.ssl;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.io.File;
+
+import org.junit.Test;
+
+import com.redhat.thermostat.common.ssl.SSLConfiguration;
+
+public class SSLConfigurationTest {
+
+ @Test
+ public void canGetKeystoreFileFromProps() throws Exception {
+ File clientProps = new File(this.getClass().getResource("/client.properties").getFile());
+ SSLConfiguration.initClientProperties(clientProps);
+ String keystorePath = "/path/to/thermostat.keystore";
+ String keystorePwd = "some password";
+ assertEquals(keystorePath, SSLConfiguration.getKeystoreFile().getAbsolutePath());
+ assertEquals(keystorePwd, SSLConfiguration.getKeyStorePassword());
+ }
+
+ @Test
+ public void notExistingPropertiesFileReturnsNull() throws Exception {
+ File clientProps = new File("i/am/not/there/file.txt");
+ SSLConfiguration.initClientProperties(clientProps);
+ assertTrue(SSLConfiguration.getKeystoreFile() == null);
+ assertEquals("", SSLConfiguration.getKeyStorePassword());
+ }
+
+ @Test
+ public void canGetSSLEnabledConfigs() {
+ File clientProps = new File(this.getClass().getResource("/client.properties").getFile());
+ SSLConfiguration.initClientProperties(clientProps);
+ assertTrue(SSLConfiguration.enableForCmdChannel());
+ assertTrue(SSLConfiguration.enableForBackingStorage());
+ assertTrue(SSLConfiguration.disableHostnameVerification());
+ clientProps = new File(this.getClass().getResource("/ssl.properties").getFile());
+ SSLConfiguration.initClientProperties(clientProps);
+ assertFalse(SSLConfiguration.enableForCmdChannel());
+ assertFalse(SSLConfiguration.enableForBackingStorage());
+ assertFalse(SSLConfiguration.disableHostnameVerification());
+ }
+}
+
diff -r 92699ccfadca -r f82c6b24dcbd common/core/src/test/java/com/redhat/thermostat/common/ssl/SSLContextFactoryTest.java
--- a/common/core/src/test/java/com/redhat/thermostat/common/ssl/SSLContextFactoryTest.java Thu Apr 04 12:42:39 2013 +0200 +++ b/common/core/src/test/java/com/redhat/thermostat/common/ssl/SSLContextFactoryTest.java Thu Apr 04 11:24:33 2013 +0200 @@ -65,7 +65,7 @@ @RunWith(PowerMockRunner.class) -@PrepareForTest({ SSLKeystoreConfiguration.class, SSLContext.class, KeyManagerFactory.class }) +@PrepareForTest({ SSLConfiguration.class, SSLContext.class, KeyManagerFactory.class }) public class SSLContextFactoryTest { /* @@ -84,10 +84,10 @@ File keystoreFile = new File(this.getClass() .getResource("/cmdChanServer.keystore").getFile()); - PowerMockito.mockStatic(SSLKeystoreConfiguration.class); - when(SSLKeystoreConfiguration.getKeystoreFile()).thenReturn( + PowerMockito.mockStatic(SSLConfiguration.class); + when(SSLConfiguration.getKeystoreFile()).thenReturn( keystoreFile); - when(SSLKeystoreConfiguration.getKeyStorePassword()).thenReturn( + when(SSLConfiguration.getKeyStorePassword()).thenReturn( "testpassword"); PowerMockito.mockStatic(SSLContext.class); @@ -124,10 +124,10 @@ File keystoreFile = new File(this.getClass() .getResource("/cmdChanServer.keystore").getFile()); - PowerMockito.mockStatic(SSLKeystoreConfiguration.class); - when(SSLKeystoreConfiguration.getKeystoreFile()).thenReturn( + PowerMockito.mockStatic(SSLConfiguration.class); + when(SSLConfiguration.getKeystoreFile()).thenReturn( keystoreFile); - when(SSLKeystoreConfiguration.getKeyStorePassword()).thenReturn( + when(SSLConfiguration.getKeyStorePassword()).thenReturn( "testpassword"); PowerMockito.mockStatic(SSLContext.class); diff -r 92699ccfadca -r f82c6b24dcbd common/core/src/test/java/com/redhat/thermostat/common/ssl/SSLKeystoreConfigurationTest.java --- a/common/core/src/test/java/com/redhat/thermostat/common/ssl/SSLKeystoreConfigurationTest.java Thu Apr 04 12:42:39 2013 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,83 +0,0 @@
-/*
- * Copyright 2012, 2013 Red Hat, Inc.
- *
- * This file is part of Thermostat.
- *
- * Thermostat is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published
- * by the Free Software Foundation; either version 2, or (at your
- * option) any later version.
- *
- * Thermostat is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with Thermostat; see the file COPYING. If not see
- * .
- *
- * Linking this code with other modules is making a combined work
- * based on this code. Thus, the terms and conditions of the GNU
- * General Public License cover the whole combination.
- *
- * As a special exception, the copyright holders of this code give
- * you permission to link this code with independent modules to
- * produce an executable, regardless of the license terms of these
- * independent modules, and to copy and distribute the resulting
- * executable under terms of your choice, provided that you also
- * meet, for each linked independent module, the terms and conditions
- * of the license of that module. An independent module is a module
- * which is not derived from or based on this code. If you modify
- * this code, you may extend this exception to your version of the
- * library, but you are not obligated to do so. If you do not wish
- * to do so, delete this exception statement from your version.
- */
-
-package com.redhat.thermostat.common.ssl;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
-import java.io.File;
-
-import org.junit.Test;
-
-import com.redhat.thermostat.common.ssl.SSLKeystoreConfiguration;
-
-public class SSLKeystoreConfigurationTest {
-
- @Test
- public void canGetKeystoreFileFromProps() throws Exception {
- File clientProps = new File(this.getClass().getResource("/client.properties").getFile());
- SSLKeystoreConfiguration.initClientProperties(clientProps);
- String keystorePath = "/path/to/thermostat.keystore";
- String keystorePwd = "some password";
- assertEquals(keystorePath, SSLKeystoreConfiguration.getKeystoreFile().getAbsolutePath());
- assertEquals(keystorePwd, SSLKeystoreConfiguration.getKeyStorePassword());
- }
-
- @Test
- public void notExistingPropertiesFileReturnsNull() throws Exception {
- File clientProps = new File("i/am/not/there/file.txt");
- SSLKeystoreConfiguration.initClientProperties(clientProps);
- assertTrue(SSLKeystoreConfiguration.getKeystoreFile() == null);
- assertEquals("", SSLKeystoreConfiguration.getKeyStorePassword());
- }
-
- @Test
- public void canGetSSLEnabledConfigs() {
- File clientProps = new File(this.getClass().getResource("/client.properties").getFile());
- SSLKeystoreConfiguration.initClientProperties(clientProps);
- assertTrue(SSLKeystoreConfiguration.shouldSSLEnableCmdChannel());
- assertTrue(SSLKeystoreConfiguration.useSslForMongodb());
- assertTrue(SSLKeystoreConfiguration.disableHostnameVerification());
- clientProps = new File(this.getClass().getResource("/ssl.properties").getFile());
- SSLKeystoreConfiguration.initClientProperties(clientProps);
- assertFalse(SSLKeystoreConfiguration.shouldSSLEnableCmdChannel());
- assertFalse(SSLKeystoreConfiguration.useSslForMongodb());
- assertFalse(SSLKeystoreConfiguration.disableHostnameVerification());
- }
-}
-
diff -r 92699ccfadca -r f82c6b24dcbd
common/core/src/test/resources/client.properties --- a/common/core/src/test/resources/client.properties Thu Apr 04 12:42:39 2013 +0200 +++ b/common/core/src/test/resources/client.properties Thu Apr 04 11:24:33 2013 +0200 @@ -2,5 +2,5 @@ KEYSTORE_FILE=/path/to/thermostat.keystore KEYSTORE_PASSWORD=some password COMMAND_CHANNEL_USE_SSL=true -MONGODB_CONNECTION_USE_SSL=true +BACKING_STORAGE_CONNECTION_USE_SSL=true DISABLE_HOSTNAME_VERIFICATION=true \ No newline at end of file diff -r 92699ccfadca -r f82c6b24dcbd distribution/config/ssl.properties --- a/distribution/config/ssl.properties Thu Apr 04 12:42:39 2013 +0200 +++ b/distribution/config/ssl.properties Thu Apr 04 11:24:33 2013 +0200 @@ -19,7 +19,7 @@ # enable this if you are configuring a thermostat client component which # needs to do a SSL handshake with mongodb storage. See SSL_ENABLE in # $THERMOSTAT_HOME/storage/db.properties). -#MONGODB_CONNECTION_USE_SSL=true +#BACKING_STORAGE_CONNECTION_USE_SSL=true # Uncomment the following line if host name checking should be disabled during # SSL handshakes. It is not recommended to turn this off. NOTE: Host names will diff -r 92699ccfadca -r f82c6b24dcbd storage/mongo/src/main/java/com/redhat/thermostat/storage/mongodb/internal/MongoConnection.java --- a/storage/mongo/src/main/java/com/redhat/thermostat/storage/mongodb/internal/MongoConnection.java Thu Apr 04 12:42:39 2013 +0200 +++ b/storage/mongo/src/main/java/com/redhat/thermostat/storage/mongodb/internal/MongoConnection.java Thu Apr 04 11:24:33 2013 +0200 @@ -51,7 +51,7 @@ import com.mongodb.MongoOptions; import com.mongodb.ServerAddress; import com.redhat.thermostat.common.ssl.SSLContextFactory; -import com.redhat.thermostat.common.ssl.SSLKeystoreConfiguration; +import com.redhat.thermostat.common.ssl.SSLConfiguration; import com.redhat.thermostat.common.ssl.SslInitException; import com.redhat.thermostat.common.utils.HostPortPair; import com.redhat.thermostat.common.utils.HostPortsParser; 
@@ -122,7 +122,7 @@
 }
 private void createConnection() throws MongoException, UnknownHostException {
- if (SSLKeystoreConfiguration.useSslForMongodb()) {
+ if (SSLConfiguration.enableForBackingStorage()) {
 logger.log(Level.FINE, "Using SSL socket for mongodb:// protocol");
 this.m = getSSLMongo();
 } else {
@@ -143,7 +143,7 @@
 }
 SSLParameters params = SSLContextFactory.getSSLParameters(ctxt);
 // Perform HTTPS compatible host name checking.
- if (!SSLKeystoreConfiguration.disableHostnameVerification()) {
+ if (!SSLConfiguration.disableHostnameVerification()) {
 params.setEndpointIdentificationAlgorithm("HTTPS");
 }
 SSLSocketFactory factory = SSLContextFactory.wrapSSLFactory(
diff -r 92699ccfadca -r f82c6b24dcbd storage/mongo/src/test/java/com/redhat/thermostat/storage/mongodb/internal/MongoConnectionTest.java
--- a/storage/mongo/src/test/java/com/redhat/thermostat/storage/mongodb/internal/MongoConnectionTest.java Thu Apr 04 12:42:39 2013 +0200
+++ b/storage/mongo/src/test/java/com/redhat/thermostat/storage/mongodb/internal/MongoConnectionTest.java Thu Apr 04 11:24:33 2013 +0200
@@ -72,7 +72,7 @@
 import com.mongodb.MongoURI;
 import com.mongodb.ServerAddress;
 import com.redhat.thermostat.common.ssl.SSLContextFactory;
-import com.redhat.thermostat.common.ssl.SSLKeystoreConfiguration;
+import com.redhat.thermostat.common.ssl.SSLConfiguration;
 import com.redhat.thermostat.storage.config.StartupConfiguration;
 import com.redhat.thermostat.storage.core.Connection.ConnectionListener;
 import com.redhat.thermostat.storage.core.Connection.ConnectionStatus;
@@ -165,12 +165,12 @@
 assertTrue(exceptionThrown);
 }
- @PrepareForTest({ MongoConnection.class, SSLKeystoreConfiguration.class,
+ @PrepareForTest({ MongoConnection.class, SSLConfiguration.class,
 SSLContextFactory.class, SSLContext.class, SSLSocketFactory.class })
 @Test
 public void verifySSLSocketFactoryUsedIfSSLEnabled() throws Exception {
- PowerMockito.mockStatic(SSLKeystoreConfiguration.class);
- when(SSLKeystoreConfiguration.useSslForMongodb()).thenReturn(true);
+ PowerMockito.mockStatic(SSLConfiguration.class);
+ when(SSLConfiguration.enableForBackingStorage()).thenReturn(true);
 PowerMockito.mockStatic(SSLContextFactory.class);
 // SSL classes need to be mocked with PowerMockito
@@ -198,12 +198,12 @@
 assertEquals(factory, opts.socketFactory);
 }
- @PrepareForTest({ SSLKeystoreConfiguration.class,
+ @PrepareForTest({ SSLConfiguration.class,
 SSLContextFactory.class, SSLContext.class, SSLSocketFactory.class })
 @Test
 public void verifyNoSSLSocketFactoryUsedIfSSLDisabled() throws Exception {
- PowerMockito.mockStatic(SSLKeystoreConfiguration.class);
- when(SSLKeystoreConfiguration.useSslForMongodb()).thenReturn(false);
+ PowerMockito.mockStatic(SSLConfiguration.class);
+ when(SSLConfiguration.enableForBackingStorage()).thenReturn(false);
 MongoConnection connection = mock(MongoConnection.class);
 connection.connect();