Mercurial > hg > release > thermostat-0.9

changeset 1094:51540fc0849c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix handling of keystores with no password The previous commit causes some tests in CustomX509TrustManagerTest to fail that involve keystores that are not password-protected. It appears these tests were silently ignoring password errors, which were corrected in the previous commit. The problem is that KeyStore.load expects a null password if the keystore is not password-protected, and we were supplying the empty string. This commit changes all instances where we pass the empty string to KeyStore.load. This also replaces empty.keystore used in tests. The keystore we have now actually has an entry, this new keystore is in fact empty. Reviewed-by: jerboaa Review-thread: http://icedtea.classpath.org/pipermail/thermostat/2013-May/006582.html
author Elliott Baron <ebaron@redhat.com>
date Fri, 17 May 2013 14:08:07 -0400
parents c2982ec31c62
children 8b19c4771db1
files common/core/src/main/java/com/redhat/thermostat/common/internal/KeyStoreProvider.java common/core/src/main/java/com/redhat/thermostat/common/ssl/SSLConfiguration.java common/core/src/test/java/com/redhat/thermostat/common/internal/CustomX509TrustManagerTest.java common/core/src/test/java/com/redhat/thermostat/common/ssl/SSLConfigurationTest.java common/core/src/test/resources/empty.keystore
diffstat 5 files changed, 12 insertions(+), 11 deletions(-) [+]
line wrap: on
line diff
--- a/common/core/src/main/java/com/redhat/thermostat/common/internal/KeyStoreProvider.java	Fri May 17 14:06:04 2013 -0400
+++ b/common/core/src/main/java/com/redhat/thermostat/common/internal/KeyStoreProvider.java	Fri May 17 14:08:07 2013 -0400
@@ -55,7 +55,12 @@
             try (InputStream is = new FileInputStream(trustStoreFile)) {
                 KeyStore trustStore = KeyStore.getInstance(KeyStore
                         .getDefaultType());
-                trustStore.load(is, keyStorePassword.toCharArray());
+                if (keyStorePassword == null) {
+                    trustStore.load(is, null);
+                }
+                else {
+                    trustStore.load(is, keyStorePassword.toCharArray());
+                }
                 return trustStore;
             } catch (IOException | CertificateException
                     | NoSuchAlgorithmException | KeyStoreException e) {
--- a/common/core/src/main/java/com/redhat/thermostat/common/ssl/SSLConfiguration.java	Fri May 17 14:06:04 2013 -0400
+++ b/common/core/src/main/java/com/redhat/thermostat/common/ssl/SSLConfiguration.java	Fri May 17 14:08:07 2013 -0400
@@ -81,21 +81,17 @@
     /**
      * 
      * @return The keystore file as specified in $THERMOSTAT_HOME/etc/ssl.properties
-     *         if any. The empty string otherwise.
+     *         if any, null otherwise.
      */
     public static String getKeyStorePassword() {
         try {
             loadClientProperties();
         } catch (InvalidConfigurationException e) {
             // Thermostat home not set? Do something reasonable
-            return "";
+            return null;
         }
         String pwd = clientProps.getProperty(KEYSTORE_FILE_PWD_KEY);
-        if (pwd == null) {
-            return "";
-        } else {
-            return pwd;
-        }
+        return pwd;
     }
     
     /**
--- a/common/core/src/test/java/com/redhat/thermostat/common/internal/CustomX509TrustManagerTest.java	Fri May 17 14:06:04 2013 -0400
+++ b/common/core/src/test/java/com/redhat/thermostat/common/internal/CustomX509TrustManagerTest.java	Fri May 17 14:08:07 2013 -0400
@@ -93,7 +93,7 @@
         File emptyKeyStore = new File(this.getClass()
                 .getResource("/empty.keystore").getFile());
         X509TrustManager tm = new CustomX509TrustManager(null, emptyKeyStore,
-                "");
+                null);
         assertEquals(0, tm.getAcceptedIssuers().length);
         try {
             tm.checkClientTrusted(null, null);
@@ -113,7 +113,7 @@
     public void testLoadEmptyTrustStoreForOurDefaultAsUsual() throws Exception {
         File emptyKeyStore = new File(this.getClass()
                 .getResource("/empty.keystore").getFile());
-        X509TrustManager tm = new CustomX509TrustManager(emptyKeyStore, "");
+        X509TrustManager tm = new CustomX509TrustManager(emptyKeyStore, null);
         // Default list should not be empty
         assertTrue(tm.getAcceptedIssuers().length > 0);
         try {
--- a/common/core/src/test/java/com/redhat/thermostat/common/ssl/SSLConfigurationTest.java	Fri May 17 14:06:04 2013 -0400
+++ b/common/core/src/test/java/com/redhat/thermostat/common/ssl/SSLConfigurationTest.java	Fri May 17 14:08:07 2013 -0400
@@ -63,7 +63,7 @@
         File clientProps = new File("i/am/not/there/file.txt");
         SSLConfiguration.initClientProperties(clientProps);
         assertTrue(SSLConfiguration.getKeystoreFile() == null);
-        assertEquals("", SSLConfiguration.getKeyStorePassword());
+        assertEquals(null, SSLConfiguration.getKeyStorePassword());
     }
     
     @Test
Binary file common/core/src/test/resources/empty.keystore has changed