Commit 43da2b45 authored by Hal Deadman's avatar Hal Deadman Committed by daryl herzmann

Avoid NullPointerException if peer certificates array is null

Treat null array the same as empty array
parent 3e10288f
......@@ -11,6 +11,7 @@ import javax.security.sasl.Sasl;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import java.nio.charset.StandardCharsets;
import java.security.cert.Certificate;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
......@@ -57,14 +58,15 @@ public class ExternalClientSaslServer implements SaslServer
complete = true;
final Connection connection = session.getConnection();
if ( connection.getPeerCertificates().length < 1 )
Certificate[] peerCertificates = connection.getPeerCertificates();
if ( peerCertificates == null || peerCertificates.length < 1 )
{
throw new SaslException( "No peer certificates." );
}
final KeyStore keyStore = connection.getConfiguration().getIdentityStore().getStore();
final KeyStore trustStore = connection.getConfiguration().getTrustStore().getStore();
final X509Certificate trusted = CertificateManager.getEndEntityCertificate( connection.getPeerCertificates(), keyStore, trustStore );
final X509Certificate trusted = CertificateManager.getEndEntityCertificate( peerCertificates, keyStore, trustStore );
if ( trusted == null )
{
throw new SaslException( "Certificate chain of peer is not trusted." );
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment