# HG changeset patch # User redestad # Date 1461604383 -7200 # Mon Apr 25 19:13:03 2016 +0200 # Node ID 4ec64ac0c57ec4fb0b236419fce0f909f1875658 # Parent beac9a439d0fd80d6f1b7ddd7927bfa5b3b3a42f 8155039: Simplify code to setup SSLContextImpl and TrustManagerFactoryImpl Reviewed-by: TBD diff --git a/src/java.base/share/classes/sun/security/action/OpenFileInputStreamAction.java b/src/java.base/share/classes/sun/security/action/OpenFileInputStreamAction.java --- a/src/java.base/share/classes/sun/security/action/OpenFileInputStreamAction.java +++ b/src/java.base/share/classes/sun/security/action/OpenFileInputStreamAction.java @@ -39,15 +39,37 @@ private final File file; + // Return null if the file doesn't exist + private final boolean graceful; + public OpenFileInputStreamAction(File file) { + this(file, false); + } + + public OpenFileInputStreamAction(File file, boolean graceful) { this.file = file; + this.graceful = graceful; } public OpenFileInputStreamAction(String filename) { this.file = new File(filename); + this.graceful = false; } public FileInputStream run() throws Exception { - return new FileInputStream(file); + if (graceful) { + try { + if (file.exists()) { + return new FileInputStream(file); + } else { + return null; + } + } catch (FileNotFoundException e) { + // couldn't find it, oh well. + return null; + } + } else { + return new FileInputStream(file); + } } } diff --git a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java --- a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java +++ b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java @@ -37,6 +37,7 @@ import sun.security.provider.certpath.AlgorithmChecker; import sun.security.action.GetPropertyAction; +import sun.security.action.OpenFileInputStreamAction; public abstract class SSLContextImpl extends SSLContextSpi { @@ -838,27 +839,15 @@ private static KeyManager[] getKeyManagers() throws Exception { - final Map props = new HashMap<>(); - AccessController.doPrivileged( - new PrivilegedExceptionAction() { - @Override - public Object run() throws Exception { - props.put("keyStore", System.getProperty( - "javax.net.ssl.keyStore", "")); - props.put("keyStoreType", System.getProperty( - "javax.net.ssl.keyStoreType", - KeyStore.getDefaultType())); - props.put("keyStoreProvider", System.getProperty( - "javax.net.ssl.keyStoreProvider", "")); - props.put("keyStorePasswd", System.getProperty( - "javax.net.ssl.keyStorePassword", "")); - return null; - } - }); + final Properties props = GetPropertyAction.getProperties(); - final String defaultKeyStore = props.get("keyStore"); - String defaultKeyStoreType = props.get("keyStoreType"); - String defaultKeyStoreProvider = props.get("keyStoreProvider"); + final String defaultKeyStore = props.getProperty( + "javax.net.ssl.keyStore", ""); + String defaultKeyStoreType = props + .getProperty("javax.net.ssl.keyStoreType", + KeyStore.getDefaultType()); + String defaultKeyStoreProvider = props + .getProperty("javax.net.ssl.keyStoreProvider", ""); if (debug != null && Debug.isOn("defaultctx")) { System.out.println("keyStore is : " + defaultKeyStore); System.out.println("keyStore type is : " + @@ -880,15 +869,11 @@ if (defaultKeyStore.length() != 0 && !NONE.equals(defaultKeyStore)) { fs = AccessController.doPrivileged( - new PrivilegedExceptionAction() { - @Override - public FileInputStream run() throws Exception { - return new FileInputStream(defaultKeyStore); - } - }); + new OpenFileInputStreamAction(defaultKeyStore)); } - String defaultKeyStorePassword = props.get("keyStorePasswd"); + String defaultKeyStorePassword = props.getProperty( + "javax.net.ssl.keyStorePassword", ""); if (defaultKeyStorePassword.length() != 0) { passwd = defaultKeyStorePassword.toCharArray(); } diff --git a/src/java.base/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java b/src/java.base/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java --- a/src/java.base/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java +++ b/src/java.base/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java @@ -30,7 +30,8 @@ import java.security.*; import java.security.cert.*; import javax.net.ssl.*; - +import sun.security.action.GetPropertyAction; +import sun.security.action.OpenFileInputStreamAction; import sun.security.validator.Validator; abstract class TrustManagerFactoryImpl extends TrustManagerFactorySpi { @@ -109,54 +110,18 @@ private static FileInputStream getFileInputStream(final File file) throws Exception { return AccessController.doPrivileged( - new PrivilegedExceptionAction() { - @Override - public FileInputStream run() throws Exception { - try { - if (file.exists()) { - return new FileInputStream(file); - } else { - return null; - } - } catch (FileNotFoundException e) { - // couldn't find it, oh well. - return null; - } - } - }); + new OpenFileInputStreamAction(file, true)); } /** * Returns the keystore with the configured CA certificates. */ - static KeyStore getCacertsKeyStore(String dbgname) throws Exception - { - String storeFileName = null; - File storeFile = null; + static KeyStore getCacertsKeyStore(String dbgname) throws Exception { FileInputStream fis = null; - String defaultTrustStoreType; - String defaultTrustStoreProvider; - final HashMap props = new HashMap<>(); final String sep = File.separator; KeyStore ks = null; - AccessController.doPrivileged(new PrivilegedExceptionAction() { - @Override - public Void run() throws Exception { - props.put("trustStore", System.getProperty( - "javax.net.ssl.trustStore")); - props.put("javaHome", System.getProperty( - "java.home")); - props.put("trustStoreType", System.getProperty( - "javax.net.ssl.trustStoreType", - KeyStore.getDefaultType())); - props.put("trustStoreProvider", System.getProperty( - "javax.net.ssl.trustStoreProvider", "")); - props.put("trustStorePasswd", System.getProperty( - "javax.net.ssl.trustStorePassword", "")); - return null; - } - }); + final Properties props = GetPropertyAction.getProperties(); /* * Try: @@ -168,13 +133,15 @@ */ try { - storeFileName = props.get("trustStore"); + File storeFile; + String storeFileName = props + .getProperty("javax.net.ssl.trustStore"); if (!"NONE".equals(storeFileName)) { if (storeFileName != null) { storeFile = new File(storeFileName); fis = getFileInputStream(storeFile); } else { - String javaHome = props.get("javaHome"); + String javaHome = props.getProperty("java.home"); storeFile = new File(javaHome + sep + "lib" + sep + "security" + sep + "jssecacerts"); @@ -193,8 +160,11 @@ } } - defaultTrustStoreType = props.get("trustStoreType"); - defaultTrustStoreProvider = props.get("trustStoreProvider"); + String defaultTrustStoreType = props.getProperty( + "javax.net.ssl.trustStoreType", + KeyStore.getDefaultType()); + String defaultTrustStoreProvider = props.getProperty( + "javax.net.ssl.trustStoreProvider", ""); if (debug != null && Debug.isOn(dbgname)) { System.out.println("trustStore is: " + storeFileName); System.out.println("trustStore type is : " + @@ -217,8 +187,8 @@ defaultTrustStoreProvider); } char[] passwd = null; - String defaultTrustStorePassword = - props.get("trustStorePasswd"); + String defaultTrustStorePassword = props + .getProperty("javax.net.ssl.trustStorePassword", ""); if (defaultTrustStorePassword.length() != 0) passwd = defaultTrustStorePassword.toCharArray(); @@ -253,7 +223,7 @@ ("SunX509 TrustManagerFactory does not use " + "ManagerFactoryParameters"); } - } + } public static final class PKIXFactory extends TrustManagerFactoryImpl { @Override