Skip to content

O
Openfire
Commit eb9144d7 authored by ='s avatar =
Browse files
Options

Resolve exception 

		org.jivesoftware.util.CertificateManager - Error decoding subjectAltName
		java.lang.ClassCastException: org.bouncycastle.asn1.DERTaggedObject
		cannot be cast to org.bouncycastle.asn1.ASN1Sequence
parent 6bc0ac29
Show whitespace changes
Inline Side-by-side
Showing with 10 additions and 4 deletions
src/java/org/jivesoftware/util/CertificateManager.java
View file @ eb9144d7
...@@ -377,15 +377,20 @@ public class CertificateManager { ...@@ -377,15 +377,20 @@ public class CertificateManager {
return Collections.emptyList(); return Collections.emptyList();
} }
// Use the type OtherName to search for the certified server name // Use the type OtherName to search for the certified server name
for (List item : altNames) { for (List<?> item : altNames) {
Integer type = (Integer) item.get(0); Integer type = (Integer) item.get(0);
if (type == 0) { if (type == 0) {
// Type OtherName found so return the associated value // Type OtherName found so return the associated value
try { try {
// Value is encoded using ASN.1 so decode it to get the server's identity // Value is encoded using ASN.1 so decode it to get the server's identity
ASN1InputStream decoder = new ASN1InputStream((byte[]) item.get(1)); ASN1InputStream decoder = new ASN1InputStream((byte[]) item.get(1));
ASN1Sequence otherNameSeq = (ASN1Sequence) decoder.readObject(); Object object = decoder.readObject();
ASN1Sequence otherNameSeq = null;
if (object != null && object instanceof ASN1Sequence) {
otherNameSeq = (ASN1Sequence) object;
} else {
continue;
}
// Check the object identifier // Check the object identifier
ASN1ObjectIdentifier objectId = (ASN1ObjectIdentifier) otherNameSeq.getObjectAt(0); ASN1ObjectIdentifier objectId = (ASN1ObjectIdentifier) otherNameSeq.getObjectAt(0);
Log.debug("Parsing otherName for subject alternative names: " + objectId.toString() ); Log.debug("Parsing otherName for subject alternative names: " + objectId.toString() );
...@@ -413,6 +418,7 @@ public class CertificateManager { ...@@ -413,6 +418,7 @@ public class CertificateManager {
// Add the decoded server name to the list of identities // Add the decoded server name to the list of identities
identities.add(identity); identities.add(identity);
} }
decoder.close();
} catch (IllegalArgumentException ex) { } catch (IllegalArgumentException ex) {
// OF-517: othername formats are extensible. If we don't recognize the format, skip it. // OF-517: othername formats are extensible. If we don't recognize the format, skip it.
Log.debug("Cannot parse altName, likely because of unknown record format.", ex); Log.debug("Cannot parse altName, likely because of unknown record format.", ex);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023