THRIFT-4337: Able to set keyStore and trustStore as InputStream in the
TSSLTransportFactory.TSSLTransportParameters
Client: java
This closes #1486
diff --git a/lib/java/src/org/apache/thrift/transport/TSSLTransportFactory.java b/lib/java/src/org/apache/thrift/transport/TSSLTransportFactory.java
index 9c60ed1..14b49e9 100644
--- a/lib/java/src/org/apache/thrift/transport/TSSLTransportFactory.java
+++ b/lib/java/src/org/apache/thrift/transport/TSSLTransportFactory.java
@@ -186,7 +186,11 @@
if (params.isTrustStoreSet) {
tmf = TrustManagerFactory.getInstance(params.trustManagerType);
KeyStore ts = KeyStore.getInstance(params.trustStoreType);
- in = getStoreAsStream(params.trustStore);
+ if (params.trustStoreStream != null) {
+ in = params.trustStoreStream;
+ } else {
+ in = getStoreAsStream(params.trustStore);
+ }
ts.load(in,
(params.trustPass != null ? params.trustPass.toCharArray() : null));
tmf.init(ts);
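Review bot: The caller-supplied `params.trustStoreStream` is read by `ts.load(in, ...)`, so a `TSSLTransportParameters` object configured with a stream can feed only one SSL context. A second socket built from the same params would load from an already-consumed stream. The key store branch in the next hunk has the same one-shot behaviour. Whether `in` is closed afterwards is decided outside this hunk, so the ownership rule should be stated where callers see it, for example in the setter Javadoc: `The stream is consumed when the transport is created; supply a fresh stream for each socket.`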
@@ -195,7 +199,11 @@
if (params.isKeyStoreSet) {
kmf = KeyManagerFactory.getInstance(params.keyManagerType);
KeyStore ks = KeyStore.getInstance(params.keyStoreType);
- is = getStoreAsStream(params.keyStore);
+ if (params.keyStoreStream != null) {
+ is = params.keyStoreStream;
+ } else {
+ is = getStoreAsStream(params.keyStore);
+ }
ks.load(is, params.keyPass.toCharArray());
kmf.init(ks, params.keyPass.toCharArray());
}
@@ -273,10 +281,12 @@
public static class TSSLTransportParameters {
protected String protocol = "TLS";
protected String keyStore;
+ protected InputStream keyStoreStream;
protected String keyPass;
protected String keyManagerType = KeyManagerFactory.getDefaultAlgorithm();
protected String keyStoreType = "JKS";
protected String trustStore;
+ protected InputStream trustStoreStream;
protected String trustPass;
protected String trustManagerType = TrustManagerFactory.getDefaultAlgorithm();
protected String trustStoreType = "JKS";
@@ -332,7 +342,20 @@
}
isKeyStoreSet = true;
}
-
+
+ /**
+ * Set the keystore, password, certificate type and the store type
+ *
+ * @param keyStoreStream Keystore content input stream
+ * @param keyPass Keystore password
+ * @param keyManagerType The default is X509
+ * @param keyStoreType The default is JKS
+ */
+ public void setKeyStore(InputStream keyStoreStream, String keyPass, String keyManagerType, String keyStoreType) {
+ this.keyStoreStream = keyStoreStream;
+ setKeyStore("", keyPass, keyManagerType, keyStoreType);
+ }
+
/**
* Set the keystore and password
*
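Review bot: `setKeyStore(InputStream, ...)` accepts a null stream without complaint. It stores the null and then calls `setKeyStore("", ...)`, which appears to mark the key store as set, so context setup falls through to `getStoreAsStream(params.keyStore)` with an empty path and the mistake surfaces far from the caller. Reject it at the setter with `if (keyStoreStream == null) throw new IllegalArgumentException("keyStoreStream must not be null");`. The same guard is missing from `setTrustStore(InputStream, ...)` added further down.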
@@ -342,7 +365,17 @@
public void setKeyStore(String keyStore, String keyPass) {
setKeyStore(keyStore, keyPass, null, null);
}
-
+
+ /**
+ * Set the keystore and password
+ *
+ * @param keyStore Keystore content input stream
+ * @param keyPass Keystore password
+ */
+ public void setKeyStore(InputStream keyStoreStream, String keyPass) {
+ setKeyStore(keyStoreStream, keyPass, null, null);
+ }
+
/**
* Set the truststore, password, certificate type and the store type
*
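Review bot: The Javadoc tag `@param keyStore` does not match the parameter, which is named `keyStoreStream`, so the stream argument ends up undocumented and doclint will report an unknown parameter name. Use `@param keyStoreStream Keystore content input stream`. The two-argument `setTrustStore(InputStream, String)` added later has the same mismatch with `@param trustStore`.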
@@ -362,6 +395,19 @@
}
isTrustStoreSet = true;
}
+
+ /**
+ * Set the truststore, password, certificate type and the store type
+ *
+ * @param trustStoreStream Truststore content input stream
+ * @param trustPass Truststore password
+ * @param trustManagerType The default is X509
+ * @param trustStoreType The default is JKS
+ */
+ public void setTrustStore(InputStream trustStoreStream, String trustPass, String trustManagerType, String trustStoreType) {
+ this.trustStoreStream = trustStoreStream;
+ setTrustStore("", trustPass, trustManagerType, trustStoreType);
+ }
/**
* Set the truststore and password
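Review bot: Once `trustStoreStream` is assigned it is never cleared, and context setup prefers the stream whenever it is non-null. A later call to the path-based `setTrustStore(String, ...)` on the same params object is therefore silently ignored, and TLS setup uses the earlier stream instead of the store the caller configured last. The path-based setter starts outside this hunk, but nothing in this commit adds a reset to it. Consider having it assign `this.trustStoreStream = null;`, and in this overload call `setTrustStore("", ...)` first and assign `this.trustStoreStream = trustStoreStream;` afterwards. `setKeyStore` has the same stale-stream behaviour.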
@@ -372,6 +418,16 @@
public void setTrustStore(String trustStore, String trustPass) {
setTrustStore(trustStore, trustPass, null, null);
}
+
+ /**
+ * Set the truststore and password
+ *
+ * @param trustStore Truststore content input stream
+ * @param trustPass Truststore password
+ */
+ public void setTrustStore(InputStream trustStoreStream, String trustPass) {
+ setTrustStore(trustStoreStream, trustPass, null, null);
+ }
/**
* Set if client authentication is required
@@ -380,6 +436,6 @@
*/
public void requireClientAuth(boolean clientAuth) {
this.clientAuth = clientAuth;
- }
- }
+ }
+ }
}
diff --git a/lib/java/test/org/apache/thrift/Fixtures.java b/lib/java/test/org/apache/thrift/Fixtures.java
index 9f28124..81671d8 100644
--- a/lib/java/test/org/apache/thrift/Fixtures.java
+++ b/lib/java/test/org/apache/thrift/Fixtures.java
@@ -277,7 +277,7 @@
nesting = new Nesting(bonk, oneOfEach);
holyMoley = new HolyMoley();
- ArrayList big = new ArrayList<OneOfEach>();
+ List<OneOfEach> big = new ArrayList<OneOfEach>();
big.add(new OneOfEach(oneOfEach));
big.add(nesting.my_ooe);
holyMoley.setBig(big);
diff --git a/lib/java/test/org/apache/thrift/TestReuse.java b/lib/java/test/org/apache/thrift/TestReuse.java
index db16c74..b44abd0 100644
--- a/lib/java/test/org/apache/thrift/TestReuse.java
+++ b/lib/java/test/org/apache/thrift/TestReuse.java
@@ -21,10 +21,7 @@
import java.util.HashSet;
-import junit.framework.TestCase;
-
import org.apache.thrift.protocol.TBinaryProtocol;
-import org.apache.thrift.protocol.TType;
import thrift.test.Reuse;
diff --git a/lib/java/test/org/apache/thrift/protocol/TestTProtocolUtil.java b/lib/java/test/org/apache/thrift/protocol/TestTProtocolUtil.java
index 199c707..89cf536 100644
--- a/lib/java/test/org/apache/thrift/protocol/TestTProtocolUtil.java
+++ b/lib/java/test/org/apache/thrift/protocol/TestTProtocolUtil.java
@@ -18,24 +18,10 @@
*/
package org.apache.thrift.protocol;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import java.util.List;
-
import junit.framework.TestCase;
-import org.apache.thrift.Fixtures;
-import org.apache.thrift.TBase;
-import org.apache.thrift.TDeserializer;
-import org.apache.thrift.TException;
import org.apache.thrift.TSerializer;
-import org.apache.thrift.transport.TMemoryBuffer;
-import thrift.test.CompactProtoTestStruct;
-import thrift.test.HolyMoley;
-import thrift.test.Nesting;
-import thrift.test.OneOfEach;
-import thrift.test.Srv;
import thrift.test.GuessProtocolStruct;
public class TestTProtocolUtil extends TestCase {
diff --git a/lib/java/test/org/apache/thrift/server/ServerTestBase.java b/lib/java/test/org/apache/thrift/server/ServerTestBase.java
index e245963..1dee22d 100644
--- a/lib/java/test/org/apache/thrift/server/ServerTestBase.java
+++ b/lib/java/test/org/apache/thrift/server/ServerTestBase.java
@@ -267,7 +267,7 @@
System.out.println("testOneway(" + Integer.toString(sleepFor) +
") => sleeping...");
try {
- Thread.sleep(sleepFor * 1000);
+ Thread.sleep(sleepFor * SLEEP_DELAY);
System.out.println("Done sleeping!");
} catch (InterruptedException ie) {
throw new RuntimeException(ie);
@@ -282,6 +282,7 @@
public static final String HOST = "localhost";
public static final int PORT = Integer.valueOf(
System.getProperty("test.port", "9090"));
+ protected static final int SLEEP_DELAY = 1000;
protected static final int SOCKET_TIMEOUT = 1500;
private static final Xtruct XSTRUCT = new Xtruct("Zero", (byte) 1, -3, -5);
private static final Xtruct2 XSTRUCT2 = new Xtruct2((byte)1, XSTRUCT, 5);
@@ -388,7 +389,7 @@
public void testIt() throws Exception {
for (TProtocolFactory protoFactory : getProtocols()) {
- TProcessor processor = useAsyncProcessor() ? new ThriftTest.AsyncProcessor(new AsyncTestHandler()) : new ThriftTest.Processor(new TestHandler());
+ TProcessor processor = useAsyncProcessor() ? new ThriftTest.AsyncProcessor<AsyncTestHandler>(new AsyncTestHandler()) : new ThriftTest.Processor<TestHandler>(new TestHandler());
startServer(processor, protoFactory);
@@ -537,7 +538,7 @@
public void testTransportFactory() throws Exception {
for (TProtocolFactory protoFactory : getProtocols()) {
TestHandler handler = new TestHandler();
- ThriftTest.Processor processor = new ThriftTest.Processor(handler);
+ ThriftTest.Processor<TestHandler> processor = new ThriftTest.Processor<TestHandler>(handler);
final CallCountingTransportFactory factory = new CallCountingTransportFactory(new TFramedTransport.Factory());
diff --git a/lib/java/test/org/apache/thrift/transport/TestTSSLTransportFactory.java b/lib/java/test/org/apache/thrift/transport/TestTSSLTransportFactory.java
index 478407a..032c2eb 100644
--- a/lib/java/test/org/apache/thrift/transport/TestTSSLTransportFactory.java
+++ b/lib/java/test/org/apache/thrift/transport/TestTSSLTransportFactory.java
@@ -45,6 +45,10 @@
throws Exception {
return TSSLTransportFactory.getClientSocket(HOST, PORT);
}
+
+ protected TServerSocket getServerTransport() throws Exception {
+ return TSSLTransportFactory.getServerSocket(PORT);
+ }
@Override
public void startServer(final TProcessor processor, final TProtocolFactory protoFactory, final TTransportFactory factory)
@@ -52,11 +56,11 @@
serverThread = new Thread() {
public void run() {
try {
- TServerTransport serverTransport = TSSLTransportFactory.getServerSocket(PORT);
+ TServerTransport serverTransport = getServerTransport();
final Args args = new Args(serverTransport).processor(processor);
server = new TSimpleServer(args);
server.serve();
- } catch (TTransportException e) {
+ } catch (Exception e) {
e.printStackTrace();
assert false;
}
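Review bot: Widening the handler to `catch (Exception e)` means key store loading failures from the overridable `getServerTransport()` are now swallowed here too. They are reported only through `e.printStackTrace()` and `assert false` on the server thread, and an AssertionError thrown on that thread does not fail the test, and does not fire at all without `-ea`. A broken store would then show up later as an unrelated client connection error. Consider saving the exception in a field and rethrowing it from `startServer` after the `Thread.sleep(SLEEP_DELAY)` wait. The enclosing `startServer` method continues outside this hunk.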
@@ -64,7 +68,7 @@
};
serverThread.start();
- Thread.sleep(1000);
+ Thread.sleep(SLEEP_DELAY);
}
@Override
diff --git a/lib/java/test/org/apache/thrift/transport/TestTSSLTransportFactoryStreamedStore.java b/lib/java/test/org/apache/thrift/transport/TestTSSLTransportFactoryStreamedStore.java
new file mode 100644
index 0000000..25bf5ce
--- /dev/null
+++ b/lib/java/test/org/apache/thrift/transport/TestTSSLTransportFactoryStreamedStore.java
@@ -0,0 +1,62 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.thrift.transport;
+
+import java.io.FileInputStream;
+import java.net.InetAddress;
+
+public class TestTSSLTransportFactoryStreamedStore extends TestTSSLTransportFactory {
+ private static String keyStoreLocation = System.getProperty("javax.net.ssl.keyStore");
+ private static String trustStoreLocation = System.getProperty("javax.net.ssl.trustStore");
+
+ public TestTSSLTransportFactoryStreamedStore() {
+ super();
+
+ /**
+ * Override system properties to be able to test passing
+ * the trustStore and keyStore as input stream
+ */
+ System.setProperty("javax.net.ssl.trustStore", "");
+ System.setProperty("javax.net.ssl.keyStore", "");
+ }
+
+ @Override
+ public TTransport getClientTransport(TTransport underlyingTransport)
+ throws Exception {
+ TSSLTransportFactory.TSSLTransportParameters params = new
+ TSSLTransportFactory.TSSLTransportParameters();
+
+ params.setTrustStore(new FileInputStream(trustStoreLocation),
+ System.getProperty("javax.net.ssl.trustStorePassword"));
+
+ return TSSLTransportFactory.getClientSocket(HOST, PORT, 0/*timeout*/, params);
+ }
+
+ @Override
+ protected TServerSocket getServerTransport() throws Exception {
+ TSSLTransportFactory.TSSLTransportParameters params = new
+ TSSLTransportFactory.TSSLTransportParameters();
+
+ params.setKeyStore(new FileInputStream(keyStoreLocation),
+ System.getProperty("javax.net.ssl.keyStorePassword"));
+
+ return TSSLTransportFactory.getServerSocket(PORT, 0/*timeout*/, InetAddress.getByName(HOST), params);
+ }
+}
\ No newline at end of file
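Review bot: The constructor overwrites the JVM-wide `javax.net.ssl.trustStore` and `javax.net.ssl.keyStore` properties with empty strings and never restores them. Any TLS test that runs later in the same JVM therefore sees empty store settings and may pass or fail for the wrong reason. Restore the saved `trustStoreLocation` and `keyStoreLocation` values in a `tearDown()` override, and skip the `System.setProperty` call when a saved value is null, since that call would throw. The `FileInputStream` objects created in `getClientTransport` and `getServerTransport` are also never closed by the test, and whether the factory closes them is not visible here.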