Author: arunpatidar
Date: Sat Jul 2 08:50:31 2016 New Revision: 1751040 URL: http://svn.apache.org/viewvc?rev=1751040&view=rev Log: Applied patch from jira issue - OFBIZ-7551 - Enforce noninstantiability to SSLUtil class. Thanks Rishi solanki and Rohit Koushal for your contribution. Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/HttpClient.java ofbiz/trunk/framework/base/src/org/ofbiz/base/util/SSLUtil.java ofbiz/trunk/framework/base/src/org/ofbiz/base/util/URLConnector.java ofbiz/trunk/framework/service/src/org/ofbiz/service/xmlrpc/AliasSupportedTransportFactory.java ofbiz/trunk/framework/widget/src/org/ofbiz/widget/test/WidgetMacroLibraryTests.java ofbiz/trunk/specialpurpose/oagis/src/org/ofbiz/oagis/OagisServices.java
Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/HttpClient.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/src/org/ofbiz/base/util/HttpClient.java?rev=1751040&r1=1751039&r2=1751040&view=diff
==============================================================================
--- ofbiz/trunk/framework/base/src/org/ofbiz/base/util/HttpClient.java (original)
+++ ofbiz/trunk/framework/base/src/org/ofbiz/base/util/HttpClient.java Sat Jul 2 08:50:31 2016
@@ -40,7 +40,7 @@ public class HttpClient {
 public static final String module = HttpClient.class.getName();
- private int hostVerification = SSLUtil.HOSTCERT_NORMAL_CHECK;
+ private int hostVerification = SSLUtil.getHostCertNormalCheck();
 private int timeout = 30000;
 private boolean debug = false;
 private boolean lineFeed = true;
Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/SSLUtil.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/src/org/ofbiz/base/util/SSLUtil.java?rev=1751040&r1=1751039&r2=1751040&view=diff
==============================================================================
--- ofbiz/trunk/framework/base/src/org/ofbiz/base/util/SSLUtil.java (original)
+++ ofbiz/trunk/framework/base/src/org/ofbiz/base/util/SSLUtil.java Sat Jul 2 08:50:31 2016
@@ -49,20 +49,57 @@ import org.ofbiz.base.config.GenericConf * KeyStoreUtil - Utilities for setting up SSL connections with specific client certificates * */ -public class SSLUtil { +public final class SSLUtil { public static final String module = SSLUtil.class.getName(); - public static final int HOSTCERT_NO_CHECK = 0; - public static final int HOSTCERT_MIN_CHECK = 1; - public static final int HOSTCERT_NORMAL_CHECK = 2; + private static final int HOSTCERT_NO_CHECK = 0; + private static final int HOSTCERT_MIN_CHECK = 1; + private static final int HOSTCERT_NORMAL_CHECK = 2; private static boolean loadedProps = false; + private SSLUtil () {} + static { SSLUtil.loadJsseProperties(); } + private static class TrustAnyManager implements X509TrustManager { + + public void checkClientTrusted(X509Certificate[] certs, String string) throws CertificateException { + Debug.logImportant("Trusting (un-trusted) client certificate chain:", module); + for (X509Certificate cert: certs) { + Debug.logImportant("---- " + cert.getSubjectX500Principal().getName() + " valid: " + cert.getNotAfter(), module); + + } + } + + public void checkServerTrusted(X509Certificate[] certs, String string) throws CertificateException { + Debug.logImportant("Trusting (un-trusted) server certificate chain:", module); + for (X509Certificate cert: certs) { + Debug.logImportant("---- " + cert.getSubjectX500Principal().getName() + " valid: " + cert.getNotAfter(), module); + } + } + + public X509Certificate[] getAcceptedIssuers() { + return new X509Certificate[0]; + } + } + + + public static int getHostCertNoCheck() { + return HOSTCERT_NO_CHECK; + } + + public static int getHostCertMinCheck() { + return HOSTCERT_MIN_CHECK; + } + + public static int getHostCertNormalCheck() { + return HOSTCERT_NORMAL_CHECK; + } + public static boolean isClientTrusted(X509Certificate[] chain, String authType) { TrustManager[] mgrs = new TrustManager[0]; try { 
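Review bot: TrustAnyManager, now a private nested class near the top of SSLUtil, still carries no documentation saying that checkClientTrusted and checkServerTrusted accept every chain and only log the subject and the notAfter date. I would add a class comment such as `/** Accepts every certificate chain without validation; only for callers that explicitly opt out of trust checks. */` so the relaxed path is obvious to whoever wires it into a socket factory. The log label " valid: " sits next to getNotAfter(), which reads as if the certificate had been validated; `" notAfter: "` would be accurate, though that does change a log string. Separately, replacing the public HOSTCERT_* constants with getters removes compile-time constants that code outside this commit may still reference, so a deprecation step may be kinder than outright removal. The SSLUtil class body continues past the end of this hunk.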
@@ -278,26 +315,4 @@ public class SSLUtil {
 loadedProps = true;
 }
 }
-
- static class TrustAnyManager implements X509TrustManager {
-
- public void checkClientTrusted(X509Certificate[] certs, String string) throws CertificateException {
- Debug.logImportant("Trusting (un-trusted) client certificate chain:", module);
- for (X509Certificate cert: certs) {
- Debug.logImportant("---- " + cert.getSubjectX500Principal().getName() + " valid: " + cert.getNotAfter(), module);
-
- }
- }
-
- public void checkServerTrusted(X509Certificate[] certs, String string) throws CertificateException {
- Debug.logImportant("Trusting (un-trusted) server certificate chain:", module);
- for (X509Certificate cert: certs) {
- Debug.logImportant("---- " + cert.getSubjectX500Principal().getName() + " valid: " + cert.getNotAfter(), module);
- }
- }
-
- public X509Certificate[] getAcceptedIssuers() {
- return new X509Certificate[0];
- }
- }
 }
Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/URLConnector.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/src/org/ofbiz/base/util/URLConnector.java?rev=1751040&r1=1751039&r2=1751040&view=diff
==============================================================================
--- ofbiz/trunk/framework/base/src/org/ofbiz/base/util/URLConnector.java (original)
+++ ofbiz/trunk/framework/base/src/org/ofbiz/base/util/URLConnector.java Sat Jul 2 08:50:31 2016
@@ -81,11 +81,11 @@ public class URLConnector {
 }
 public static URLConnection openConnection(URL url, int timeout) throws IOException {
- return openConnection(url, timeout, null, SSLUtil.HOSTCERT_NORMAL_CHECK);
+ return openConnection(url, timeout, null, SSLUtil.getHostCertNormalCheck());
 }
 public static URLConnection openConnection(URL url, String clientCertAlias) throws IOException {
- return openConnection(url, 30000, clientCertAlias, SSLUtil.HOSTCERT_NORMAL_CHECK);
+ return openConnection(url, 30000, clientCertAlias, SSLUtil.getHostCertNormalCheck());
 }
 public static URLConnection openConnection(URL url, int timeout, String clientCertAlias, int hostCertLevel) throws IOException {
@@ -99,11 +99,11 @@ public class URLConnector {
 }
 public static URLConnection openUntrustedConnection(URL url, int timeout) throws IOException {
- return openConnection(url, timeout, null, SSLUtil.HOSTCERT_NORMAL_CHECK);
+ return openConnection(url, timeout, null, SSLUtil.getHostCertNormalCheck());
 }
 public static URLConnection openUntrustedConnection(URL url, String clientCertAlias) throws IOException {
- return openConnection(url, 30000, clientCertAlias, SSLUtil.HOSTCERT_NORMAL_CHECK);
+ return openConnection(url, 30000, clientCertAlias, SSLUtil.getHostCertNormalCheck());
 }
 public static URLConnection openUntrustedConnection(URL url, int timeout, String clientCertAlias, int hostCertLevel) throws IOException {
Modified: ofbiz/trunk/framework/service/src/org/ofbiz/service/xmlrpc/AliasSupportedTransportFactory.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/src/org/ofbiz/service/xmlrpc/AliasSupportedTransportFactory.java?rev=1751040&r1=1751039&r2=1751040&view=diff
==============================================================================
--- ofbiz/trunk/framework/service/src/org/ofbiz/service/xmlrpc/AliasSupportedTransportFactory.java (original)
+++ ofbiz/trunk/framework/service/src/org/ofbiz/service/xmlrpc/AliasSupportedTransportFactory.java Sat Jul 2 08:50:31 2016
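Review bot: Both short openUntrustedConnection overloads still delegate to openConnection(...) with SSLUtil.getHostCertNormalCheck(), so as far as this hunk shows they behave exactly like the openConnection overloads above them and never reach the four-argument openUntrustedConnection. If that is deliberate, a comment such as `// intentionally delegates to the trusted path` would stop a later "fix" from silently relaxing certificate checks. If it is a copy-paste slip, the call would be `return openUntrustedConnection(url, timeout, null, SSLUtil.getHostCertNormalCheck());`, and that change should be reviewed as a trust-policy decision because it loosens validation for existing callers. The body of the four-argument openUntrustedConnection lies outside the hunk, so what it does differently is not visible here.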
@@ -98,7 +98,7 @@ public class AliasSupportedTransportFact
 HttpsURLConnection scon = (HttpsURLConnection) con;
 try {
 scon.setSSLSocketFactory(SSLUtil.getSSLSocketFactory(ks, password, alias));
- scon.setHostnameVerifier(SSLUtil.getHostnameVerifier(SSLUtil.HOSTCERT_MIN_CHECK));
+ scon.setHostnameVerifier(SSLUtil.getHostnameVerifier(SSLUtil.getHostCertMinCheck()));
 } catch (GeneralException e) {
 throw new IOException(e.getMessage());
 } catch (GeneralSecurityException e) {
Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/test/WidgetMacroLibraryTests.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/src/org/ofbiz/widget/test/WidgetMacroLibraryTests.java?rev=1751040&r1=1751039&r2=1751040&view=diff
==============================================================================
--- ofbiz/trunk/framework/widget/src/org/ofbiz/widget/test/WidgetMacroLibraryTests.java (original)
+++ ofbiz/trunk/framework/widget/src/org/ofbiz/widget/test/WidgetMacroLibraryTests.java Sat Jul 2 08:50:31 2016
@@ -50,7 +50,7 @@ public class WidgetMacroLibraryTests ext
 HttpClient http = new HttpClient();
 http.followRedirects(true);
 http.setAllowUntrusted(true);
- http.setHostVerificationLevel(SSLUtil.HOSTCERT_NO_CHECK);
+ http.setHostVerificationLevel(SSLUtil.getHostCertNoCheck());
 return http;
 }
Modified: ofbiz/trunk/specialpurpose/oagis/src/org/ofbiz/oagis/OagisServices.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/oagis/src/org/ofbiz/oagis/OagisServices.java?rev=1751040&r1=1751039&r2=1751040&view=diff
==============================================================================
--- ofbiz/trunk/specialpurpose/oagis/src/org/ofbiz/oagis/OagisServices.java (original)
+++ ofbiz/trunk/specialpurpose/oagis/src/org/ofbiz/oagis/OagisServices.java Sat Jul 2 08:50:31 2016
@@ -703,7 +703,7 @@ public class OagisServices {
 HttpClient http = new HttpClient(sendToUrl);
 // test parameters
- http.setHostVerificationLevel(SSLUtil.HOSTCERT_NO_CHECK);
+ http.setHostVerificationLevel(SSLUtil.getHostCertNoCheck());
 http.setAllowUntrusted(true);
 http.setDebug(true);
|
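Review bot: The lines under `// test parameters` turn off hostname verification (getHostCertNoCheck()), accept untrusted certificates and enable debug output on the HttpClient built for sendToUrl, and this commit carries them forward in what appears to be service code rather than a test. With both checks off the connection cannot authenticate the remote endpoint, so the confidentiality and integrity of the exchanged message are no longer protected by TLS. I would default to `http.setHostVerificationLevel(SSLUtil.getHostCertNormalCheck());`, drop `http.setAllowUntrusted(true);`, and make any relaxation an explicit, documented configuration setting. The enclosing method starts and ends outside this hunk.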