Minor bug in SSLConfig.java

(Sorry, I had trouble with the bugtracker)

While tracking down a problem with paths during setting up a temporary SSL key, I was a bit frustrated about the dearth of debug information coming from SSLConfig.java. I increased the amount of dumped information, and did find two minor bugs in the path names for "keystore" and "truststore".

On the calls to

keyStoreLocation = JiveGlobals.getProperty("xmpp.socket.ssl.keystore", "blah")

and

trustStoreLocation = JiveGlobals.getProperty("xmpp.socket.ssl.truststore", "blah")

the defaults have JiveGlobals.getMessengerHome() prepended to them (as specified in the docs), while the fetched values do not.

The following lines fix this, and provide more debug info:

(I hope I don't lose the formatting)

================== Line 42:


static {
    String algorithm = JiveGlobals.getProperty("xmpp.socket.ssl.algorithm", "TLS");
    String storeType = JiveGlobals.getProperty("xmpp.socket.ssl.storeType", "jks");

    // Get the keystore location. The default location is security/keystore
    keyStoreLocation = JiveGlobals.getProperty("xmpp.socket.ssl.keystore",
            "resources" + File.separator +
            "security"  + File.separator +
            "keystore");
    keyStoreLocation = JiveGlobals.getMessengerHome() +
            File.separator +
            keyStoreLocation;

    // Get the keystore password. The default password is "changeit".
    keypass = JiveGlobals.getProperty("xmpp.socket.ssl.keypass", "changeit");
    keypass = keypass.trim();

    // Get the truststore location; default at security/truststore
    trustStoreLocation = JiveGlobals.getProperty("xmpp.socket.ssl.truststore",
            "resources" + File.separator +
            "security"  + File.separator +
            "truststore");
    trustStoreLocation = JiveGlobals.getMessengerHome() +
            File.separator +
            trustStoreLocation;

    // Get the truststore password; default is "changeit".
    trustpass = JiveGlobals.getProperty("xmpp.socket.ssl.trustpass", "changeit");
    trustpass = trustpass.trim();

    try {
        keyStore = KeyStore.getInstance(storeType);
        keyStore.load(new FileInputStream(keyStoreLocation), keypass.toCharArray());

        trustStore = KeyStore.getInstance(storeType);
        trustStore.load(new FileInputStream(trustStoreLocation), trustpass.toCharArray());

        sslFactory = (SSLJiveServerSocketFactory)
                SSLJiveServerSocketFactory.getInstance(algorithm,
                        keyStore, trustStore);
    }
    catch (Exception e) {
        Log.error("SSLConfig startup problem.\n" +
                "storeType:["          + storeType          + "]\n" +
                "keyStoreLocation:["   + keyStoreLocation   + "]\n" +
                "keypass:["            + keypass            + "]\n" +
                "trustStoreLocation:[" + trustStoreLocation + "]\n" +
                "trustpass:["          + trustpass          + "]\n" +
                "Exception:["          + e                  + "]\n"
        );
        keyStore = null;
        trustStore = null;
        sslFactory = null;
    }
}

Oh. Almost forgot.

It looks like the xmpp.socket.ssl.* settings in the config file, as described by the docs, are not read at input time. Are the docs, or the way it is working, correct?

Anyway, thanks a bunch. Cool software, BTW.

Bob (ishmal)

Thanks for the bug report and patch – these look like good changes. I'll file an issue to incorporate your changes in the 2.0.2 release.

Best Regards,

Matt
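
The path handling discussed in this thread, as an added example that is not part of the original posts or the project's code: the home directory is applied to the default and to a configured value alike, and the failure log reports store type, path and cause but leaves the store passwords out. `StorePathDemo`, `resolve` and `loadStore` are hypothetical names, and using an absolute configured path unchanged is an assumption.

```java
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
// Added example, not Jive Messenger code. All names here are hypothetical;
// "home" stands in for the value of JiveGlobals.getMessengerHome().
public class StorePathDemo {
    // Apply the home prefix to the default and to a configured value alike.
    // Assumption: an absolute configured path is used unchanged.
    static Path resolve(String home, String configured, String defaultRelative) {
        String value = (configured == null || configured.trim().isEmpty())
                ? defaultRelative : configured.trim();
        Path p = Paths.get(value);
        return (p.isAbsolute() ? p : Paths.get(home).resolve(p)).normalize();
    }
    // Load a store; on failure report type, path and cause, never the password.
    static KeyStore loadStore(String type, Path location, char[] password) {
        try (InputStream in = Files.newInputStream(location)) {
            KeyStore ks = KeyStore.getInstance(type);
            ks.load(in, password);
            return ks;
        } catch (Exception e) {
            System.err.println("SSLConfig startup problem. storeType:[" + type
                    + "] location:[" + location + "] readable:["
                    + Files.isReadable(location) + "] exception:[" + e + "]");
            return null;
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: an empty keystore under a temporary "home".
        String home = Files.createTempDirectory("messengerHome").toString();
        String rel = Paths.get("resources", "security", "keystore").toString();
        Path store = resolve(home, null, rel);
        Files.createDirectories(store.getParent());
        char[] pass = "changeit".toCharArray();
        KeyStore empty = KeyStore.getInstance("jks");
        empty.load(null, pass);
        try (OutputStream out = Files.newOutputStream(store)) {
            empty.store(out, pass);
        }
        // A configured relative value now resolves like the default does.
        System.out.println(store.equals(resolve(home, "resources/security/keystore", rel)));
        System.out.println(loadStore("jks", store, pass) != null);
        System.out.println(loadStore("jks", resolve(home, "missing", rel), pass) == null);
    }
}
```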