Lines 87-92
|
87 |
public static final String SSL_TRUSTSTORE_PWD_PROPERTY = |
87 |
public static final String SSL_TRUSTSTORE_PWD_PROPERTY = |
88 |
"org.apache.tomcat.websocket.SSL_TRUSTSTORE_PWD"; |
88 |
"org.apache.tomcat.websocket.SSL_TRUSTSTORE_PWD"; |
89 |
public static final String SSL_TRUSTSTORE_PWD_DEFAULT = "changeit"; |
89 |
public static final String SSL_TRUSTSTORE_PWD_DEFAULT = "changeit"; |
|
|
90 |
|
91 |
/** |
92 |
* Property name to set to configure used SSLContext. |
93 |
* The value should be an instance of SSLContext. |
94 |
*/ |
95 |
public static final String SSL_CONTEXT_PROPERTY = |
96 |
"org.apache.tomcat.websocket.SSL_CONTEXT"; |
90 |
|
97 |
|
91 |
/** |
98 |
/** |
92 |
* Property name to set to configure the timeout (in milliseconds) when |
99 |
* Property name to set to configure the timeout (in milliseconds) when |
Lines 671-712
|
671 |
throws DeploymentException { |
678 |
throws DeploymentException { |
672 |
|
679 |
|
673 |
try { |
680 |
try { |
674 |
// Create the SSL Context |
681 |
// SSL Context |
675 |
SSLContext sslContext = SSLContext.getInstance("TLS"); |
682 |
SSLContext sslContextValue = (SSLContext) userProperties |
|
|
683 |
.get(SSL_CONTEXT_PROPERTY); |
684 |
|
685 |
SSLContext sslContext; |
676 |
|
686 |
|
677 |
// Trust store |
687 |
if (sslContextValue != null) { |
678 |
String sslTrustStoreValue = |
688 |
sslContext = sslContextValue; |
679 |
(String) userProperties.get(SSL_TRUSTSTORE_PROPERTY); |
689 |
} else { |
680 |
if (sslTrustStoreValue != null) { |
690 |
sslContext = SSLContext.getInstance("TLS"); |
681 |
String sslTrustStorePwdValue = (String) userProperties.get( |
|
|
682 |
SSL_TRUSTSTORE_PWD_PROPERTY); |
683 |
if (sslTrustStorePwdValue == null) { |
684 |
sslTrustStorePwdValue = SSL_TRUSTSTORE_PWD_DEFAULT; |
685 |
} |
686 |
|
691 |
|
687 |
File keyStoreFile = new File(sslTrustStoreValue); |
692 |
// Trust store |
688 |
KeyStore ks = KeyStore.getInstance("JKS"); |
693 |
String sslTrustStoreValue = (String) userProperties |
689 |
InputStream is = null; |
694 |
.get(SSL_TRUSTSTORE_PROPERTY); |
690 |
try { |
695 |
if (sslTrustStoreValue != null) { |
691 |
is = new FileInputStream(keyStoreFile); |
696 |
String sslTrustStorePwdValue = (String) userProperties |
692 |
ks.load(is, sslTrustStorePwdValue.toCharArray()); |
697 |
.get(SSL_TRUSTSTORE_PWD_PROPERTY); |
693 |
} finally { |
698 |
if (sslTrustStorePwdValue == null) { |
694 |
if (is != null) { |
699 |
sslTrustStorePwdValue = SSL_TRUSTSTORE_PWD_DEFAULT; |
695 |
try { |
700 |
} |
696 |
is.close(); |
701 |
|
697 |
} catch (IOException ioe) { |
702 |
File keyStoreFile = new File(sslTrustStoreValue); |
698 |
// Ignore |
703 |
KeyStore ks = KeyStore.getInstance("JKS"); |
|
|
704 |
InputStream is = null; |
705 |
try { |
706 |
is = new FileInputStream(keyStoreFile); |
707 |
ks.load(is, sslTrustStorePwdValue.toCharArray()); |
708 |
} finally { |
709 |
if (is != null) { |
710 |
try { |
711 |
is.close(); |
712 |
} catch (IOException ioe) { |
713 |
// Ignore |
714 |
} |
699 |
} |
715 |
} |
700 |
} |
716 |
} |
701 |
} |
|
|
702 |
|
717 |
|
703 |
TrustManagerFactory tmf = TrustManagerFactory.getInstance( |
718 |
TrustManagerFactory tmf = TrustManagerFactory |
704 |
TrustManagerFactory.getDefaultAlgorithm()); |
719 |
.getInstance(TrustManagerFactory |
705 |
tmf.init(ks); |
720 |
.getDefaultAlgorithm()); |
|
|
721 |
tmf.init(ks); |
706 |
|
722 |
|
707 |
sslContext.init(null, tmf.getTrustManagers(), null); |
723 |
sslContext.init(null, tmf.getTrustManagers(), null); |
708 |
} else { |
724 |
} else { |
709 |
sslContext.init(null, null, null); |
725 |
sslContext.init(null, null, null); |
|
|
726 |
} |
710 |
} |
727 |
} |
711 |
|
728 |
|
712 |
SSLEngine engine = sslContext.createSSLEngine(); |
729 |
SSLEngine engine = sslContext.createSSLEngine(); |
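Review bot: The cast on new line 682, `(SSLContext) userProperties.get(SSL_CONTEXT_PROPERTY)`, is unchecked, so a value of any other type raises ClassCastException instead of a clear configuration error. The enclosing method's signature and catch clauses lie outside this hunk, so whether that surfaces as a DeploymentException cannot be confirmed here; an `instanceof SSLContext` check that throws DeploymentException naming the property would make the failure explicit. When the property is set, `sslContext = sslContextValue;` skips the trust-store branch, so SSL_TRUSTSTORE_PROPERTY and SSL_TRUSTSTORE_PWD_PROPERTY are silently ignored and server certificate validation depends entirely on the TrustManagers the caller initialised the context with. The Javadoc on SSL_CONTEXT_PROPERTY (new lines 91-94) should state this, for example `* If set, the trust store properties are ignored and the supplied context must already be initialised.`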