SSL now works and will use the default keystore and truststore if none are specified.

git-svn-id: http://svn.igniterealtime.org/svn/repos/messenger/trunk@137 b35dd754-fafc-0310-a699-88a17e54d16e

SSL now works and will use the default keystore and truststore if none are specified.
git-svn-id: http://svn.igniterealtime.org/svn/repos/messenger/trunk@137 b35dd754-fafc-0310-a699-88a17e54d16e
a37b2fe3 · Matt Tucker · matt · 642e027f · a37b2fe3
Commit a37b2fe3 authored Oct 26, 2004 by Matt Tucker Committed by matt Oct 26, 2004
Hide whitespace changes
Inline Side-by-side

Showing with 25 additions and 66 deletions

SSLConfig.java src/java/org/jivesoftware/messenger/net/SSLConfig.java +25 -66

No files found.
--- a/src/java/org/jivesoftware/messenger/net/SSLConfig.java
+++ b/src/java/org/jivesoftware/messenger/net/SSLConfig.java
@@ -20,7 +20,6 @@ import java.io.IOException;
 import java.net.InetAddress;
 import java.net.ServerSocket;
 import java.security.KeyStore;
-import java.security.Security;
 /**
 * Configuration of Messenger's SSL settings.
@@ -34,75 +33,40 @@ public class SSLConfig {
    private static String keypass;
    private static KeyStore trustStore;
    private static String trustpass;
-    private static String keystore;
+    private static String keyStoreLocation;
-    private static String truststore;
+    private static String trustStoreLocation;
    private SSLConfig() {
    }
    static {
-        String algorithm = JiveGlobals.getProperty("xmpp.socket.ssl.algorithm");
+        String algorithm = JiveGlobals.getProperty("xmpp.socket.ssl.algorithm", "TLS");
-        if ("".equals(algorithm) || algorithm == null) {
+        String storeType = JiveGlobals.getProperty("xmpp.socket.ssl.storeType", "jks");
-            algorithm = "TLS";
+        // Get the keystore location. The default location is security/keystore
-        }
+        keyStoreLocation = JiveGlobals.getProperty("xmpp.socket.ssl.keystore",
-        String storeType = JiveGlobals.getProperty("xmpp.socket.ssl.storeType");
+                JiveGlobals.getMessengerHome() + File.separator + "security" +
-        if ("".equals(storeType)) {
+                File.separator + "keystore");
-            storeType = null;
+        // Get the keystore password. The default password is "changeit".
-        }
+        keypass = JiveGlobals.getProperty("xmpp.socket.ssl.keypass", "changeit");
-        keystore = JiveGlobals.getProperty("xmpp.socket.ssl.keystore");
+        keypass = keypass.trim();
-        if ("".equals(keystore) || keystore == null) {
+        // Get the truststore location; default at security/truststore
-            keystore = null;
+        trustStoreLocation = JiveGlobals.getProperty("xmpp.socket.ssl.truststore",
-        }
+                JiveGlobals.getMessengerHome() + File.separator + "security" +
-        else {
+                File.separator + "truststore");
-            keystore = JiveGlobals.getMessengerHome() + File.separator + keystore;
+        // Get the truststore passwprd; default is "changeit".
-        }
+        trustpass = JiveGlobals.getProperty("xmpp.socket.ssl.trustpass", "changeit");
-        keypass = JiveGlobals.getProperty("xmpp.socket.ssl.keypass");
+        trustpass = trustpass.trim();
-        if (keypass == null) {
-            keypass = "";
-        }
-        else {
-            keypass = keypass.trim();
-        }
-        truststore = JiveGlobals.getProperty("xmpp.socket.ssl.truststore");
-        if ("".equals(truststore) || truststore == null) {
-            truststore = null;
-        }
-        else {
-            truststore = JiveGlobals.getMessengerHome() + File.separator + truststore;
-        }
-        trustpass = JiveGlobals.getProperty("xmpp.socket.ssl.trustpass");
-        if (trustpass == null) {
-            trustpass = "";
-        }
-        else {
-            trustpass = trustpass.trim();
-        }
        try {
            keyStore = KeyStore.getInstance(storeType);
-            if (keystore == null) {
+            keyStore.load(new FileInputStream(keyStoreLocation), keypass.toCharArray());
-                keyStore.load(null, keypass.toCharArray());
-            }
-            else {
-                keyStore.load(new FileInputStream(keystore), keypass.toCharArray());
-            }
            trustStore = KeyStore.getInstance(storeType);
-            if (truststore == null) {
+            trustStore.load(new FileInputStream(trustStoreLocation), trustpass.toCharArray());
-                trustStore.load(null, trustpass.toCharArray());
-            }
-            else {
-                trustStore.load(new FileInputStream(truststore), trustpass.toCharArray());
-            }
-            // Install the jsse provider for jdk 1.3.x and the external jsse
-            // Not needed on jdk1.4.x but this implementation must support both platforms
-            Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
            sslFactory = (SSLJiveServerSocketFactory)
                    SSLJiveServerSocketFactory.getInstance(algorithm,
-                            keyStore,
+                    keyStore, trustStore);
-                            trustStore);
        }
        catch (Exception e) {
            Log.error(e);
@@ -158,13 +122,8 @@ public class SSLConfig {
    public static void saveStores() throws IOException {
        try {
-            if (keystore != null) {
+            keyStore.store(new FileOutputStream(keyStoreLocation), keypass.toCharArray());
-                keyStore.store(new FileOutputStream(keystore), keypass.toCharArray());
+            trustStore.store(new FileOutputStream(trustStoreLocation), trustpass.toCharArray());
-            }
-            if (truststore != null) {
-                trustStore.store(new FileOutputStream(truststore), trustpass.toCharArray());
-            }
        }
        catch (IOException e) {
            throw e;
@@ -183,4 +142,4 @@ public class SSLConfig {
            return sslFactory.createServerSocket(port, -1, ifAddress);
        }
    }
 }
\ No newline at end of file