activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jbert...@apache.org
Subject [1/2] activemq-artemis git commit: ARTEMIS-1074 Acceptors/Connectors now start up when configured to use SSL and a password codec
Date Wed, 29 Mar 2017 01:34:42 GMT
Repository: activemq-artemis
Updated Branches:
  refs/heads/1.x 4e8a98f2b -> 20f5554e8


ARTEMIS-1074 Acceptors/Connectors now start up when configured to use SSL and a password codec

(cherry picked from commit 3ceb3328664e3dfa1dbeb24bad45115e2f1970c4)


Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/9330fc85
Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/9330fc85
Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/9330fc85

Branch: refs/heads/1.x
Commit: 9330fc854687a0730dbceabcbc8afd6708acfd62
Parents: 4e8a98f
Author: Armand Roelens <armand.roelens@connexta.com>
Authored: Mon Mar 27 14:59:02 2017 -0700
Committer: Armand Roelens <armand.roelens@connexta.com>
Committed: Tue Mar 28 17:40:35 2017 -0700

----------------------------------------------------------------------
 .../artemis/utils/DefaultSensitiveStringCodec.java  | 16 ++++++++++++++--
 .../core/remoting/impl/netty/NettyConnector.java    |  4 ++--
 .../core/remoting/impl/netty/NettyAcceptor.java     |  4 ++--
 3 files changed, 18 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/9330fc85/artemis-commons/src/main/java/org/apache/activemq/artemis/utils/DefaultSensitiveStringCodec.java
----------------------------------------------------------------------
diff --git a/artemis-commons/src/main/java/org/apache/activemq/artemis/utils/DefaultSensitiveStringCodec.java
b/artemis-commons/src/main/java/org/apache/activemq/artemis/utils/DefaultSensitiveStringCodec.java
index d1e3682..c52cee6 100644
--- a/artemis-commons/src/main/java/org/apache/activemq/artemis/utils/DefaultSensitiveStringCodec.java
+++ b/artemis-commons/src/main/java/org/apache/activemq/artemis/utils/DefaultSensitiveStringCodec.java
@@ -20,6 +20,7 @@ import javax.crypto.Cipher;
 import javax.crypto.SecretKeyFactory;
 import javax.crypto.spec.PBEKeySpec;
 import javax.crypto.spec.SecretKeySpec;
+
 import java.math.BigInteger;
 import java.security.NoSuchAlgorithmException;
 import java.security.spec.InvalidKeySpecException;
@@ -29,6 +30,8 @@ import java.util.HashMap;
 import java.util.Map;
 import java.util.Properties;
 
+import org.jboss.logging.Logger;
+
 /**
  * A DefaultSensitiveDataCodec
  *
@@ -43,6 +46,8 @@ import java.util.Properties;
  */
 public class DefaultSensitiveStringCodec implements SensitiveDataCodec<String> {
 
+   private static final Logger logger = Logger.getLogger(DefaultSensitiveStringCodec.class);
+
    public static final String ALGORITHM = "algorithm";
    public static final String BLOWFISH_KEY = "key";
    public static final String ONE_WAY = "one-way";
@@ -139,8 +144,15 @@ public class DefaultSensitiveStringCodec implements SensitiveDataCodec<String>
{
       public String decode(String secret) throws Exception {
          SecretKeySpec key = new SecretKeySpec(internalKey, "Blowfish");
 
-         BigInteger n = new BigInteger((String) secret, 16);
-         byte[] encoding = n.toByteArray();
+         byte[] encoding;
+         try {
+            encoding = new BigInteger(secret, 16).toByteArray();
+         } catch (Exception ex) {
+            if (logger.isDebugEnabled()) {
+               logger.debug(ex.getMessage(), ex);
+            }
+            throw new IllegalArgumentException("Password must be encrypted.");
+         }
 
          if (encoding.length % 8 != 0) {
             int length = encoding.length;

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/9330fc85/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyConnector.java
----------------------------------------------------------------------
diff --git a/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyConnector.java
b/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyConnector.java
index 38fb326..3f226ae 100644
--- a/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyConnector.java
+++ b/artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyConnector.java
@@ -299,13 +299,13 @@ public class NettyConnector extends AbstractConnector {
 
          keyStorePath = ConfigurationHelper.getStringProperty(TransportConstants.KEYSTORE_PATH_PROP_NAME,
TransportConstants.DEFAULT_KEYSTORE_PATH, configuration);
 
-         keyStorePassword = ConfigurationHelper.getPasswordProperty(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME,
TransportConstants.DEFAULT_KEYSTORE_PASSWORD, configuration, ActiveMQDefaultConfiguration.getPropMaskPassword(),
ActiveMQDefaultConfiguration.getPropMaskPassword());
+         keyStorePassword = ConfigurationHelper.getPasswordProperty(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME,
TransportConstants.DEFAULT_KEYSTORE_PASSWORD, configuration, ActiveMQDefaultConfiguration.getPropMaskPassword(),
ActiveMQDefaultConfiguration.getPropPasswordCodec());
 
          trustStoreProvider = ConfigurationHelper.getStringProperty(TransportConstants.TRUSTSTORE_PROVIDER_PROP_NAME,
TransportConstants.DEFAULT_TRUSTSTORE_PROVIDER, configuration);
 
          trustStorePath = ConfigurationHelper.getStringProperty(TransportConstants.TRUSTSTORE_PATH_PROP_NAME,
TransportConstants.DEFAULT_TRUSTSTORE_PATH, configuration);
 
-         trustStorePassword = ConfigurationHelper.getPasswordProperty(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME,
TransportConstants.DEFAULT_TRUSTSTORE_PASSWORD, configuration, ActiveMQDefaultConfiguration.getPropMaskPassword(),
ActiveMQDefaultConfiguration.getPropMaskPassword());
+         trustStorePassword = ConfigurationHelper.getPasswordProperty(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME,
TransportConstants.DEFAULT_TRUSTSTORE_PASSWORD, configuration, ActiveMQDefaultConfiguration.getPropMaskPassword(),
ActiveMQDefaultConfiguration.getPropPasswordCodec());
 
          enabledCipherSuites = ConfigurationHelper.getStringProperty(TransportConstants.ENABLED_CIPHER_SUITES_PROP_NAME,
TransportConstants.DEFAULT_ENABLED_CIPHER_SUITES, configuration);
 

http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/9330fc85/artemis-server/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyAcceptor.java
----------------------------------------------------------------------
diff --git a/artemis-server/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyAcceptor.java
b/artemis-server/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyAcceptor.java
index aaae108..9088e57 100644
--- a/artemis-server/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyAcceptor.java
+++ b/artemis-server/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyAcceptor.java
@@ -216,13 +216,13 @@ public class NettyAcceptor extends AbstractAcceptor {
 
          keyStorePath = ConfigurationHelper.getStringProperty(TransportConstants.KEYSTORE_PATH_PROP_NAME,
TransportConstants.DEFAULT_KEYSTORE_PATH, configuration);
 
-         keyStorePassword = ConfigurationHelper.getPasswordProperty(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME,
TransportConstants.DEFAULT_KEYSTORE_PASSWORD, configuration, ActiveMQDefaultConfiguration.getPropMaskPassword(),
ActiveMQDefaultConfiguration.getPropMaskPassword());
+         keyStorePassword = ConfigurationHelper.getPasswordProperty(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME,
TransportConstants.DEFAULT_KEYSTORE_PASSWORD, configuration, ActiveMQDefaultConfiguration.getPropMaskPassword(),
ActiveMQDefaultConfiguration.getPropPasswordCodec());
 
          trustStoreProvider = ConfigurationHelper.getStringProperty(TransportConstants.TRUSTSTORE_PROVIDER_PROP_NAME,
TransportConstants.DEFAULT_TRUSTSTORE_PROVIDER, configuration);
 
          trustStorePath = ConfigurationHelper.getStringProperty(TransportConstants.TRUSTSTORE_PATH_PROP_NAME,
TransportConstants.DEFAULT_TRUSTSTORE_PATH, configuration);
 
-         trustStorePassword = ConfigurationHelper.getPasswordProperty(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME,
TransportConstants.DEFAULT_TRUSTSTORE_PASSWORD, configuration, ActiveMQDefaultConfiguration.getPropMaskPassword(),
ActiveMQDefaultConfiguration.getPropMaskPassword());
+         trustStorePassword = ConfigurationHelper.getPasswordProperty(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME,
TransportConstants.DEFAULT_TRUSTSTORE_PASSWORD, configuration, ActiveMQDefaultConfiguration.getPropMaskPassword(),
ActiveMQDefaultConfiguration.getPropPasswordCodec());
 
          enabledCipherSuites = ConfigurationHelper.getStringProperty(TransportConstants.ENABLED_CIPHER_SUITES_PROP_NAME,
TransportConstants.DEFAULT_ENABLED_CIPHER_SUITES, configuration);
 


Mime
View raw message