hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Oleg Kalnichevski (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HTTPCLIENT-641) Resource Leakage when loading keystore in AuthSSLProtocolSocketFactory
Date Sun, 04 Mar 2007 12:28:50 GMT

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-641?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12477777
] 

Oleg Kalnichevski commented on HTTPCLIENT-641:
----------------------------------------------

Hi Odi
I think there is no need to re-vote on 3.1 RC1 because both classes are not a part of the
official release package.  

Hanson,
If you are already a Jakarta committer, you should have commit rights for Commons HttpClient.
Just go ahead and apply the fixes.

Oleg

> Resource Leakage when loading keystore in AuthSSLProtocolSocketFactory
> ----------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-641
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-641
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: Contrib
>    Affects Versions: 3.0.1
>         Environment: All
>            Reporter: Hanson Char
>         Assigned To: Ortwin Gl├╝ck
>             Fix For: 3.1 RC1
>
>         Attachments: patch.txt
>
>
> Opened stream not closed after keystore is loaded, resulting in resource leakage:
> private static KeyStore createKeyStore(final URL url, final String password) 
>         throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException
>     {
>         if (url == null) {
>             throw new IllegalArgumentException("Keystore url may not be null");
>         }
>         LOG.debug("Initializing key store");
>         KeyStore keystore  = KeyStore.getInstance("jks");
>         keystore.load(url.openStream(), password != null ? password.toCharArray(): null);
>         return keystore;
>     }
> Should be changed to something like:
> private static KeyStore createKeyStore(final URL url, final String password) 
>         throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException
>     {
>         if (url == null) {
>             throw new IllegalArgumentException("Keystore url may not be null");
>         }
>         LOG.debug("Initializing key store");
>         KeyStore keystore  = KeyStore.getInstance("jks");
>         InputStream is = ulr.openStream();
>         try {
>           keystore.load(is, password != null ? password.toCharArray(): null);
>         } finally {
>            is.close();
>         }
>         return keystore;
>     }

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: httpcomponents-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpcomponents-dev-help@jakarta.apache.org


Mime
View raw message