Changeset 7349


Ignore:
Timestamp:
Apr 28, 2017, 1:18:19 PM (4 years ago)
Author:
Nicklas Nordborg
Message:

Fixes #2082: Fix problems with short-lived SSL certificate in TestFile?

Location:
branches/3.10-stable/src/test
Files:
1 deleted
1 edited

Legend:

Unmodified
Added
Removed
  • branches/3.10-stable/src/test/TestFileServer.java

    r7280 r7349  
    2626import java.io.ByteArrayOutputStream;
    2727import java.io.FileInputStream;
     28import java.io.FileWriter;
     29import java.security.SecureRandom;
     30import java.security.cert.Certificate;
    2831import java.security.cert.X509Certificate;
     32import java.util.Base64;
    2933import java.util.Set;
     34
     35import javax.net.ssl.SSLContext;
     36import javax.net.ssl.SSLSocket;
     37import javax.net.ssl.SSLSocketFactory;
     38import javax.net.ssl.TrustManager;
     39import javax.net.ssl.X509TrustManager;
    3040
    3141public class TestFileServer
     
    7585      if (serverCertificateFile != null)
    7686      {
     87        java.io.File certFile = new java.io.File(serverCertificateFile);
     88        if (!certFile.exists())
     89        {
     90          downloadCertificate(name, certFile);
     91        }
     92       
    7793        ByteArrayOutputStream out = new ByteArrayOutputStream();
    78         FileUtil.copy(new FileInputStream(serverCertificateFile), out);
     94        FileUtil.copy(new FileInputStream(certFile), out);
    7995        out.close();
    8096        fs.setServerCertificate(out.toByteArray());
     
    223239    System.out.println(message);
    224240  }
     241 
     242  private static void downloadCertificate(String host, java.io.File certFile)
     243    throws Exception
     244  {
     245    // TrustManager implemenation that trusts all certificates
     246   
     247    TrustManager trustAll = new X509TrustManager()
     248    {
     249      @Override
     250      public X509Certificate[] getAcceptedIssuers()
     251      {
     252        return null;
     253      }
     254      @Override
     255      public void checkClientTrusted(X509Certificate[] certs, String authType)
     256      {}
     257      @Override
     258      public void checkServerTrusted(X509Certificate[] certs, String authType)
     259      {}
     260    };
     261   
     262    SSLSocket socket = null;
     263    FileWriter out = null;
     264    try
     265    {
     266     
     267      // Creates a new SSL context and factory with our trust-all trust manager
     268      SSLContext sc = SSLContext.getInstance("SSL");
     269      sc.init(null, new TrustManager[] { trustAll }, new SecureRandom());
     270      SSLSocketFactory factory = sc.getSocketFactory();
     271     
     272      // Connect to the host
     273      socket = (SSLSocket) factory.createSocket(host, 443);
     274      socket.startHandshake();
     275     
     276      // And get the certificate
     277      Certificate[] certs = socket.getSession().getPeerCertificates();
     278      Certificate cert = certs[0];
     279     
     280      // Save it to the file
     281      out = new FileWriter(certFile);
     282      out.write("-----BEGIN CERTIFICATE-----\n");
     283      out.write(Base64.getEncoder().encodeToString(cert.getEncoded()));
     284      out.write("\n-----END CERTIFICATE-----\n");
     285      out.close();
     286    }
     287    finally
     288    {
     289      if (socket != null) socket.close();
     290      if (out != null) out.close();
     291    }
     292  }
    225293}
Note: See TracChangeset for help on using the changeset viewer.