summaryrefslogtreecommitdiff
path: root/java/src/IceSSL/Instance.java
diff options
context:
space:
mode:
authorMark Spruiell <mes@zeroc.com>2009-02-04 15:51:57 -0800
committerMark Spruiell <mes@zeroc.com>2009-02-04 15:51:57 -0800
commit5c25edf9ad2e769bf89c19f42fa33c6f0ee48a00 (patch)
tree387ca686956dec7f86383efeb64c03e465db83c5 /java/src/IceSSL/Instance.java
parentadding eclipse plugin (diff)
downloadice-5c25edf9ad2e769bf89c19f42fa33c6f0ee48a00.tar.bz2
ice-5c25edf9ad2e769bf89c19f42fa33c6f0ee48a00.tar.xz
ice-5c25edf9ad2e769bf89c19f42fa33c6f0ee48a00.zip
bug 3689 - add support for Java resources in IceSSL
Diffstat (limited to 'java/src/IceSSL/Instance.java')
-rw-r--r--java/src/IceSSL/Instance.java196
1 files changed, 126 insertions, 70 deletions
diff --git a/java/src/IceSSL/Instance.java b/java/src/IceSSL/Instance.java
index afddf43071a..b4eec68879d 100644
--- a/java/src/IceSSL/Instance.java
+++ b/java/src/IceSSL/Instance.java
@@ -209,22 +209,22 @@ class Instance
final String[] arr = seedFiles.split(java.io.File.pathSeparator);
for(int i = 0; i < arr.length; ++i)
{
- Ice.StringHolder seedFile = new Ice.StringHolder(arr[i]);
- if(!checkPath(seedFile, false))
- {
- Ice.PluginInitializationException e = new Ice.PluginInitializationException();
- e.reason = "IceSSL: random seed file not found:\n" + arr[i];
- throw e;
- }
- java.io.File f = new java.io.File(seedFile.value);
try
{
- _seeds.add(new java.io.FileInputStream(f));
+ java.io.InputStream seedStream = openResource(arr[i]);
+ if(seedStream == null)
+ {
+ Ice.PluginInitializationException e = new Ice.PluginInitializationException();
+ e.reason = "IceSSL: random seed file not found:\n" + arr[i];
+ throw e;
+ }
+
+ _seeds.add(seedStream);
}
catch(java.io.IOException ex)
{
Ice.PluginInitializationException e = new Ice.PluginInitializationException();
- e.reason = "IceSSL: error while reading random seed file:\n" + arr[i];
+ e.reason = "IceSSL: unable to access random seed file:\n" + arr[i];
e.initCause(ex);
throw e;
}
@@ -275,7 +275,7 @@ class Instance
//
// The keystore holds private keys and associated certificates.
//
- Ice.StringHolder keystorePath = new Ice.StringHolder(properties.getProperty(prefix + "Keystore"));
+ String keystorePath = properties.getProperty(prefix + "Keystore");
//
// The password for the keys.
@@ -302,7 +302,7 @@ class Instance
//
// The truststore holds the certificates of trusted CAs.
//
- Ice.StringHolder truststorePath = new Ice.StringHolder(properties.getProperty(prefix + "Truststore"));
+ String truststorePath = properties.getProperty(prefix + "Truststore");
//
// The password for the truststore.
@@ -322,17 +322,27 @@ class Instance
//
javax.net.ssl.KeyManager[] keyManagers = null;
java.security.KeyStore keys = null;
- if(_keystoreStream != null || keystorePath.value.length() > 0)
+ if(_keystoreStream != null || keystorePath.length() > 0)
{
- if(_keystoreStream == null && !checkPath(keystorePath, false))
- {
- Ice.PluginInitializationException e = new Ice.PluginInitializationException();
- e.reason = "IceSSL: keystore file not found:\n" + keystorePath.value;
- throw e;
- }
- keys = java.security.KeyStore.getInstance(keystoreType);
+ java.io.InputStream keystoreStream = null;
try
{
+ if(_keystoreStream != null)
+ {
+ keystoreStream = _keystoreStream;
+ }
+ else
+ {
+ keystoreStream = openResource(keystorePath);
+ if(keystoreStream == null)
+ {
+ Ice.PluginInitializationException e = new Ice.PluginInitializationException();
+ e.reason = "IceSSL: keystore not found:\n" + keystorePath;
+ throw e;
+ }
+ }
+
+ keys = java.security.KeyStore.getInstance(keystoreType);
char[] passwordChars = null;
if(keystorePassword.length() > 0)
{
@@ -348,16 +358,7 @@ class Instance
passwordChars = new char[0];
}
- java.io.InputStream bis;
- if(_keystoreStream != null)
- {
- bis = _keystoreStream;
- }
- else
- {
- bis = new java.io.BufferedInputStream(new java.io.FileInputStream(keystorePath.value));
- }
- keys.load(bis, passwordChars);
+ keys.load(keystoreStream, passwordChars);
if(passwordChars != null)
{
@@ -368,10 +369,24 @@ class Instance
catch(java.io.IOException ex)
{
Ice.PluginInitializationException e = new Ice.PluginInitializationException();
- e.reason = "IceSSL: unable to load keystore:\n" + keystorePath.value;
+ e.reason = "IceSSL: unable to load keystore:\n" + keystorePath;
e.initCause(ex);
throw e;
}
+ finally
+ {
+ if(keystoreStream != null)
+ {
+ try
+ {
+ keystoreStream.close();
+ }
+ catch(java.io.IOException e)
+ {
+ // Ignore.
+ }
+ }
+ }
String algorithm = javax.net.ssl.KeyManagerFactory.getDefaultAlgorithm();
javax.net.ssl.KeyManagerFactory kmf = javax.net.ssl.KeyManagerFactory.getInstance(algorithm);
@@ -416,31 +431,41 @@ class Instance
// Collect the trust managers.
//
javax.net.ssl.TrustManager[] trustManagers = null;
- if(_truststoreStream != null || truststorePath.value.length() > 0)
+ if(_truststoreStream != null || truststorePath.length() > 0)
{
- if(_truststoreStream == null && !checkPath(truststorePath, false))
- {
- Ice.PluginInitializationException e = new Ice.PluginInitializationException();
- e.reason = "IceSSL: truststore file not found:\n" + truststorePath.value;
- throw e;
- }
-
//
// If the trust store and the key store are the same input
// stream or file, don't create another key store.
//
java.security.KeyStore ts;
if((_truststoreStream != null && _truststoreStream == _keystoreStream) ||
- (truststorePath.value.length() > 0 && truststorePath.value.equals(keystorePath.value)))
+ (truststorePath.length() > 0 && truststorePath.equals(keystorePath)))
{
assert keys != null;
ts = keys;
}
else
{
- ts = java.security.KeyStore.getInstance(truststoreType);
+ java.io.InputStream truststoreStream = null;
try
{
+ if(_truststoreStream != null)
+ {
+ truststoreStream = _truststoreStream;
+ }
+ else
+ {
+ truststoreStream = openResource(truststorePath);
+ if(truststoreStream == null)
+ {
+ Ice.PluginInitializationException e = new Ice.PluginInitializationException();
+ e.reason = "IceSSL: truststore not found:\n" + truststorePath;
+ throw e;
+ }
+ }
+
+ ts = java.security.KeyStore.getInstance(truststoreType);
+
char[] passwordChars = null;
if(truststorePassword.length() > 0)
{
@@ -456,17 +481,7 @@ class Instance
passwordChars = new char[0];
}
- java.io.InputStream bis;
- if(_truststoreStream != null)
- {
- bis = _truststoreStream;
- }
- else
- {
- bis = new java.io.BufferedInputStream(
- new java.io.FileInputStream(truststorePath.value));
- }
- ts.load(bis, passwordChars);
+ ts.load(truststoreStream, passwordChars);
if(passwordChars != null)
{
@@ -477,10 +492,24 @@ class Instance
catch(java.io.IOException ex)
{
Ice.PluginInitializationException e = new Ice.PluginInitializationException();
- e.reason = "IceSSL: unable to load truststore:\n" + truststorePath.value;
+ e.reason = "IceSSL: unable to load truststore:\n" + truststorePath;
e.initCause(ex);
throw e;
}
+ finally
+ {
+ if(truststoreStream != null)
+ {
+ try
+ {
+ truststoreStream.close();
+ }
+ catch(java.io.IOException e)
+ {
+ // Ignore.
+ }
+ }
+ }
}
String algorithm = javax.net.ssl.TrustManagerFactory.getDefaultAlgorithm();
@@ -1057,33 +1086,60 @@ class Instance
cipherList.toArray(_ciphers);
}
- private boolean
- checkPath(Ice.StringHolder path, boolean dir)
+ private java.io.InputStream
+ openResource(String path)
+ throws java.io.IOException
{
//
- // Check if file exists. If not, try prepending the default
- // directory and check again. If the file is found, the
- // string argument is modified and true is returned. Otherwise
- // false is returned.
+ // We resolve the path as follows:
+ //
+ // 1. Try to open it as a class path resource
+ // 2. Try to open it in the file system
+ // 3. Prepend the value of IceSSL.DefaultDir (if defined) and try to open
+ // it in the file system
+ //
+
+ //
+ // Calling getResourceAsStream on the class loader means all paths are absolute,
+ // whereas calling it on the class requires you to prepend "/" to the path in
+ // order to make it absolute, otherwise the path is interpreted relative to the
+ // class.
+ //
+ // getResourceAsStream returns null if the resource can't be found.
//
- java.io.File f = new java.io.File(path.value);
- if(f.exists())
+ java.io.InputStream stream = getClass().getClassLoader().getResourceAsStream(path);
+ if(stream != null)
{
- return dir ? f.isDirectory() : f.isFile();
+ stream = new java.io.BufferedInputStream(stream);
}
-
- if(_defaultDir.length() > 0)
+ else
{
- String s = _defaultDir + java.io.File.separator + path.value;
- f = new java.io.File(s);
- if(f.exists() && ((!dir && f.isFile()) || (dir && f.isDirectory())))
+ try
+ {
+ java.io.File f = new java.io.File(path);
+ if(f.exists())
+ {
+ stream = new java.io.BufferedInputStream(new java.io.FileInputStream(f));
+ }
+ else
+ {
+ if(_defaultDir.length() > 0)
+ {
+ f = new java.io.File(_defaultDir + java.io.File.separator + path);
+ if(f.exists())
+ {
+ stream = new java.io.BufferedInputStream(new java.io.FileInputStream(f));
+ }
+ }
+ }
+ }
+ catch(java.lang.SecurityException ex)
{
- path.value = s;
- return true;
+ // Ignore - a security manager may forbid access to the local file system.
}
}
- return false;
+ return stream;
}
private static class CipherExpression
generated by cgit v1.2.3 (git 2.46.0) at 2025-08-03 19:51:47 +0000