• Guus der Kinderen's avatar
    OF-1373: Allow certificate changes to be applied without a restart. · 2f5191f0
    Guus der Kinderen authored
    This commit grew a little larger than anticipated - my apologies for the reviewer. The original intend
    for this was to allow changes in the java Keystore to be applied, without requiring a restart of Openfire.
    This is what allows outside processes to update the Keystores - think Let's Encrypt - but could also be
    useful for other purposes.
    
    In the process of writing this code, I've found that a restart of the Connection Acceptor would still cause
    all existing connections to be terminated. This is why a 'reload configuration' method was added.
    
    I've found that the old Certificate Event Listener methods were unuseful. They were pretty detailled, but
    all implementations used them in the same way: "reload everything". I've replaced those with one
    'something changed' event. Also, the event listeners are no longer triggered in various places in the code.
    Instead, the event listeners will now be triggered by the filesystem-based change of the keystore - the same
    event that's used to reload configuration when Let's Encrypt updates pop up.
    
    I've removed various bits of lengthy, unused code in the old CertificateManager (primarily code that
    interacts directly with KeyStores, as that caused timing issues during the reload).
    
    One functional change (that was marked as 'unsure why we do this' in code) is that after this commit, the
    content of the identity store is no longer merged with the content of the trust store, while determining if
    a particular end-entity certificate is to be trusted.
    2f5191f0
Name
Last commit
Last update
..
admin Loading commit data...
audit Loading commit data...
auth Loading commit data...
carbons Loading commit data...
cluster Loading commit data...
commands Loading commit data...
component Loading commit data...
container Loading commit data...
crowd Loading commit data...
disco Loading commit data...
entitycaps Loading commit data...
event Loading commit data...
filetransfer Loading commit data...
forms Loading commit data...
forward Loading commit data...
group Loading commit data...
handler Loading commit data...
http Loading commit data...
interceptor Loading commit data...
keystore Loading commit data...
launcher Loading commit data...
ldap Loading commit data...
lockout Loading commit data...
mediaproxy Loading commit data...
muc Loading commit data...
multiplex Loading commit data...
net Loading commit data...
nio Loading commit data...
pep Loading commit data...
privacy Loading commit data...
pubsub Loading commit data...
resultsetmanager Loading commit data...
roster Loading commit data...
sasl Loading commit data...
security Loading commit data...
server Loading commit data...
session Loading commit data...
spi Loading commit data...
starter Loading commit data...
stats Loading commit data...
streammanagement Loading commit data...
transport Loading commit data...
update Loading commit data...
user Loading commit data...
vcard Loading commit data...
webdav Loading commit data...
websocket Loading commit data...
Channel.java Loading commit data...
ChannelHandler.java Loading commit data...
ChannelNotFoundException.java Loading commit data...
Connection.java Loading commit data...
ConnectionCloseListener.java Loading commit data...
ConnectionManager.java Loading commit data...
FlashCrossDomainHandler.java Loading commit data...
IQHandlerInfo.java Loading commit data...
IQRouter.java Loading commit data...
JMXManager.java Loading commit data...
LocalSessionManager.java Loading commit data...
MessageRouter.java Loading commit data...
MulticastRouter.java Loading commit data...
OfflineMessage.java Loading commit data...
OfflineMessageListener.java Loading commit data...
OfflineMessageStore.java Loading commit data...
OfflineMessageStrategy.java Loading commit data...
PacketDeliverer.java Loading commit data...
PacketException.java Loading commit data...
PacketRouter.java Loading commit data...
PresenceManager.java Loading commit data...
PresenceRouter.java Loading commit data...
PrivateStorage.java Loading commit data...
RemoteConnectionFailedException.java Loading commit data...
RemotePacketRouter.java Loading commit data...
RoutableChannelHandler.java Loading commit data...
RoutingTable.java Loading commit data...
ServerPort.java Loading commit data...
SessionManager.java Loading commit data...
SessionNotFoundException.java Loading commit data...
SessionPacketRouter.java Loading commit data...
SessionResultFilter.java Loading commit data...
SharedGroupException.java Loading commit data...
StreamID.java Loading commit data...
StreamIDFactory.java Loading commit data...
XMPPContextListener.java Loading commit data...
XMPPServer.java Loading commit data...
XMPPServerInfo.java Loading commit data...
XMPPServerListener.java Loading commit data...