cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d...@apache.org
Subject git commit: updated refs/heads/4.9-bountycastle-daan to 68217c2 [Forced Update!]
Date Wed, 04 May 2016 21:14:07 GMT
Repository: cloudstack
Updated Branches:
  refs/heads/4.9-bountycastle-daan a001d75c8 -> 68217c226 (forced update)


use more safe getCertifacte(s) call


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/68217c22
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/68217c22
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/68217c22

Branch: refs/heads/4.9-bountycastle-daan
Commit: 68217c2261703c21949d64682b6620caef96d4ec
Parents: 956fd5d
Author: Daan Hoogland <daan@onecht.net>
Authored: Mon Apr 25 14:05:40 2016 +0200
Committer: Daan Hoogland <daan@onecht.net>
Committed: Wed May 4 23:11:45 2016 +0200

----------------------------------------------------------------------
 .../cloud/utils/security/CertificateHelper.java | 33 +++++++++++++-------
 1 file changed, 21 insertions(+), 12 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68217c22/utils/src/main/java/com/cloud/utils/security/CertificateHelper.java
----------------------------------------------------------------------
diff --git a/utils/src/main/java/com/cloud/utils/security/CertificateHelper.java b/utils/src/main/java/com/cloud/utils/security/CertificateHelper.java
index fd05459..e1ec80c 100644
--- a/utils/src/main/java/com/cloud/utils/security/CertificateHelper.java
+++ b/utils/src/main/java/com/cloud/utils/security/CertificateHelper.java
@@ -38,6 +38,8 @@ import java.security.cert.X509Certificate;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.PKCS8EncodedKeySpec;
 import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Iterator;
 import java.util.List;
 
 import org.apache.commons.codec.binary.Base64;
@@ -121,20 +123,27 @@ public class CertificateHelper {
     public static List<Certificate> parseChain(String chain) throws IOException, CertificateException
{
 
         final List<Certificate> certs = new ArrayList<Certificate>();
-        final PemReader pemReader = new PemReader(new StringReader(chain));
-
-        Certificate crt = null;
-        final PemObject pemObject = pemReader.readPemObject();
-        final ByteArrayInputStream bais = new ByteArrayInputStream(pemObject.getContent());
-        final CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
-
-        while ((crt = certificateFactory.generateCertificate(bais)) != null) {
-            if (crt instanceof X509Certificate) {
-                certs.add(crt);
+        try(final PemReader pemReader = new PemReader(new StringReader(chain));)
+        {
+            Certificate cert = null;
+            final PemObject pemObject = pemReader.readPemObject();
+            final ByteArrayInputStream bais = new ByteArrayInputStream(pemObject.getContent());
+            final CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
+
+            Collection<? extends Certificate> c = certificateFactory.generateCertificates(bais);
+            Iterator<? extends Certificate> i = c.iterator();
+            while (i.hasNext()) {
+                cert = i.next();
+                if (cert instanceof X509Certificate) {
+                    certs.add(cert);
+                }
+            }
+            if (certs.size() == 0) {
+                throw new IllegalArgumentException("Unable to decode certificate chain");
             }
         }
-        if (certs.size() == 0) {
-            throw new IllegalArgumentException("Unable to decode certificate chain");
+        finally {
+            // just close the pemReader
         }
 
         return certs;


Mime
View raw message