jenkins has issues opening certificate :(
parent
45066e2b57
commit
09d89c8c3f
|
@ -16,5 +16,6 @@
|
||||||
<orderEntry type="library" exported="" name="annotations" level="project" />
|
<orderEntry type="library" exported="" name="annotations" level="project" />
|
||||||
<orderEntry type="module" module-name="inifile" exported="" />
|
<orderEntry type="module" module-name="inifile" exported="" />
|
||||||
<orderEntry type="library" exported="" name="javax.json" level="project" />
|
<orderEntry type="library" exported="" name="javax.json" level="project" />
|
||||||
|
<orderEntry type="module" module-name="proxy_server" />
|
||||||
</component>
|
</component>
|
||||||
</module>
|
</module>
|
|
@ -7,8 +7,8 @@ import com.rusefi.binaryprotocol.*;
|
||||||
import com.rusefi.config.generated.Fields;
|
import com.rusefi.config.generated.Fields;
|
||||||
import com.rusefi.io.LinkManager;
|
import com.rusefi.io.LinkManager;
|
||||||
import com.rusefi.io.commands.HelloCommand;
|
import com.rusefi.io.commands.HelloCommand;
|
||||||
|
import com.rusefi.server.rusEFISSLContext;
|
||||||
|
|
||||||
import javax.net.ssl.SSLServerSocketFactory;
|
|
||||||
import java.io.*;
|
import java.io.*;
|
||||||
import java.net.ServerSocket;
|
import java.net.ServerSocket;
|
||||||
import java.net.Socket;
|
import java.net.Socket;
|
||||||
|
@ -18,7 +18,8 @@ import java.util.concurrent.atomic.AtomicInteger;
|
||||||
import java.util.function.Function;
|
import java.util.function.Function;
|
||||||
|
|
||||||
import static com.rusefi.binaryprotocol.IoHelper.swap16;
|
import static com.rusefi.binaryprotocol.IoHelper.swap16;
|
||||||
import static com.rusefi.config.generated.Fields.*;
|
import static com.rusefi.config.generated.Fields.TS_PROTOCOL;
|
||||||
|
import static com.rusefi.config.generated.Fields.TS_RESPONSE_BURN_OK;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This class makes rusEfi console a proxy for other tuning software, this way we can have two tools connected via same
|
* This class makes rusEfi console a proxy for other tuning software, this way we can have two tools connected via same
|
||||||
|
@ -35,13 +36,7 @@ public class BinaryProtocolServer implements BinaryProtocolCommands {
|
||||||
|
|
||||||
public AtomicInteger unknownCommands = new AtomicInteger();
|
public AtomicInteger unknownCommands = new AtomicInteger();
|
||||||
|
|
||||||
public static final Function<Integer, ServerSocket> SECURE_SOCKET_FACTORY = port -> {
|
public static final Function<Integer, ServerSocket> SECURE_SOCKET_FACTORY = rusEFISSLContext::getSSLServerSocket;
|
||||||
try {
|
|
||||||
return SSLServerSocketFactory.getDefault().createServerSocket(port);
|
|
||||||
} catch (IOException e) {
|
|
||||||
throw new IllegalStateException("Error binding secure server socket " + port, e);
|
|
||||||
}
|
|
||||||
};
|
|
||||||
|
|
||||||
public static final Function<Integer, ServerSocket> PLAIN_SOCKET_FACTORY = port -> {
|
public static final Function<Integer, ServerSocket> PLAIN_SOCKET_FACTORY = port -> {
|
||||||
try {
|
try {
|
||||||
|
|
|
@ -0,0 +1,108 @@
|
||||||
|
package com.rusefi.server;
|
||||||
|
|
||||||
|
import javax.net.ssl.*;
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.net.MalformedURLException;
|
||||||
|
import java.net.ServerSocket;
|
||||||
|
import java.net.Socket;
|
||||||
|
import java.security.KeyStore;
|
||||||
|
import java.security.cert.X509Certificate;
|
||||||
|
|
||||||
|
public class rusEFISSLContext {
|
||||||
|
private static final String TLS = "TLS";
|
||||||
|
// private static KeyStore key;
|
||||||
|
|
||||||
|
// todo: one day once rusEFI has a proper commercial certificate this should be removed
|
||||||
|
private static TrustManager[] trustAllCerts = new TrustManager[]{
|
||||||
|
new X509TrustManager() {
|
||||||
|
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
|
||||||
|
return new X509Certificate[0];
|
||||||
|
}
|
||||||
|
|
||||||
|
public void checkClientTrusted(
|
||||||
|
java.security.cert.X509Certificate[] certs, String authType) {
|
||||||
|
}
|
||||||
|
|
||||||
|
public void checkServerTrusted(
|
||||||
|
java.security.cert.X509Certificate[] certs, String authType) {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
public static void init(String fileName, String password) throws MalformedURLException {
|
||||||
|
// system property setup does not work under Jenkins?
|
||||||
|
Backend.setupCertificates(new File(fileName), password);
|
||||||
|
|
||||||
|
//key = getFromPath(fileName, "PKCS12", password);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static ServerSocket getSSLServerSocket(int port) {
|
||||||
|
try {
|
||||||
|
return SSLServerSocketFactory.getDefault().createServerSocket(port);
|
||||||
|
} catch (IOException e) {
|
||||||
|
throw new IllegalStateException("Error binding secure server socket " + port, e);
|
||||||
|
}
|
||||||
|
// try {
|
||||||
|
// return getSSLServerSocketFactory(key, TLS).createServerSocket(port);
|
||||||
|
// } catch (Exception e) {
|
||||||
|
// throw new IllegalStateException(e);
|
||||||
|
// }
|
||||||
|
}
|
||||||
|
|
||||||
|
public static Socket getSSLSocket(String host, int port) {
|
||||||
|
try {
|
||||||
|
return getSSLSocketFactory(null /*key*/, TLS).createSocket(host, port);
|
||||||
|
} catch (Exception e) {
|
||||||
|
throw new IllegalStateException(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
private static SSLServerSocketFactory getSSLServerSocketFactory(KeyStore trustKey, String sslAlgorithm) {
|
||||||
|
try {
|
||||||
|
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
|
||||||
|
tmf.init(trustKey);
|
||||||
|
|
||||||
|
SSLContext context = SSLContext.getInstance(sslAlgorithm);
|
||||||
|
context.init(null, tmf.getTrustManagers(), null);
|
||||||
|
|
||||||
|
return context.getServerSocketFactory();
|
||||||
|
} catch (Exception e) {
|
||||||
|
throw new IllegalStateException(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
private static SSLSocketFactory getSSLSocketFactory(KeyStore trustKey, String sslAlgorithm) {
|
||||||
|
try {
|
||||||
|
// TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
|
||||||
|
// tmf.init(trustKey);
|
||||||
|
|
||||||
|
SSLContext context = SSLContext.getInstance(sslAlgorithm);
|
||||||
|
context.init(null, trustAllCerts/*tmf.getTrustManagers()*/, null);
|
||||||
|
|
||||||
|
return context.getSocketFactory();
|
||||||
|
} catch (Exception e) {
|
||||||
|
throw new IllegalStateException(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
/*
|
||||||
|
private static KeyStore getFromPath(String path, String algorithm, String filePassword) {
|
||||||
|
try {
|
||||||
|
File f = new File(path);
|
||||||
|
|
||||||
|
if (!f.exists())
|
||||||
|
throw new RuntimeException("File not found: " + path);
|
||||||
|
|
||||||
|
FileInputStream keyFile = new FileInputStream(f);
|
||||||
|
KeyStore keystore = KeyStore.getInstance(algorithm);
|
||||||
|
keystore.load(keyFile, filePassword.toCharArray());
|
||||||
|
keyFile.close();
|
||||||
|
|
||||||
|
return keystore;
|
||||||
|
} catch (Exception e) {
|
||||||
|
throw new IllegalStateException(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
}
|
|
@ -15,7 +15,6 @@ import com.rusefi.tools.online.ProxyClient;
|
||||||
import org.junit.Before;
|
import org.junit.Before;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
|
|
||||||
import java.io.File;
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.net.MalformedURLException;
|
import java.net.MalformedURLException;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
@ -43,8 +42,7 @@ public class ServerTest {
|
||||||
public void setTestCertificate() throws MalformedURLException {
|
public void setTestCertificate() throws MalformedURLException {
|
||||||
NetworkConnector.RUSEFI_PROXY_HOSTNAME = ProxyClient.LOCALHOST;
|
NetworkConnector.RUSEFI_PROXY_HOSTNAME = ProxyClient.LOCALHOST;
|
||||||
|
|
||||||
File certificate = new File("certificate/test_pkcs12.jks");
|
rusEFISSLContext.init("certificate/test_pkcs12.jks", "password");
|
||||||
Backend.setupCertificates(certificate, "password");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
|
@ -7,6 +7,7 @@ import com.rusefi.io.tcp.BinaryProtocolProxy;
|
||||||
import com.rusefi.io.tcp.TcpIoStream;
|
import com.rusefi.io.tcp.TcpIoStream;
|
||||||
import com.rusefi.proxy.NetworkConnector;
|
import com.rusefi.proxy.NetworkConnector;
|
||||||
import com.rusefi.server.ApplicationRequest;
|
import com.rusefi.server.ApplicationRequest;
|
||||||
|
import com.rusefi.server.rusEFISSLContext;
|
||||||
|
|
||||||
import javax.net.ssl.SSLSocketFactory;
|
import javax.net.ssl.SSLSocketFactory;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
@ -26,7 +27,7 @@ public class LocalApplicationProxy {
|
||||||
* @param authenticatorPort local port we would bind for TunerStudio to connect to
|
* @param authenticatorPort local port we would bind for TunerStudio to connect to
|
||||||
*/
|
*/
|
||||||
static void startAndRun(Logger logger, int serverPortForRemoteUsers, ApplicationRequest applicationRequest, int authenticatorPort) throws IOException {
|
static void startAndRun(Logger logger, int serverPortForRemoteUsers, ApplicationRequest applicationRequest, int authenticatorPort) throws IOException {
|
||||||
IoStream authenticatorToProxyStream = new TcpIoStream(logger, SSLSocketFactory.getDefault().createSocket(NetworkConnector.RUSEFI_PROXY_HOSTNAME, serverPortForRemoteUsers));
|
IoStream authenticatorToProxyStream = new TcpIoStream(logger, rusEFISSLContext.getSSLSocket(NetworkConnector.RUSEFI_PROXY_HOSTNAME, serverPortForRemoteUsers));
|
||||||
LocalApplicationProxy localApplicationProxy = new LocalApplicationProxy(logger, applicationRequest);
|
LocalApplicationProxy localApplicationProxy = new LocalApplicationProxy(logger, applicationRequest);
|
||||||
localApplicationProxy.run(authenticatorToProxyStream);
|
localApplicationProxy.run(authenticatorToProxyStream);
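Review bot: Connection failures on the `TcpIoStream` line no longer surface as `IOException`: `rusEFISSLContext.getSSLSocket` catches `Exception` and rethrows `IllegalStateException`, so an unreachable proxy now escapes `startAndRun` as an unchecked exception even though the method still declares `throws IOException`. The same applies to the `BaseBroadcastingThread` construction in `NetworkConnector`. Any caller that catches `IOException` to retry or report a failed connect (not visible here) would be bypassed; letting `getSSLSocket` declare `throws IOException` and rethrow it unchanged, wrapping only the `GeneralSecurityException` cases, keeps the contract. Both call sites also inherit the trust-all manager from `getSSLSocketFactory`, so neither verifies the proxy certificate. `startAndRun` continues past the end of the hunk.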
|
||||||
|
|
||||||
|
|
|
@ -5,12 +5,11 @@ import com.rusefi.io.IoStream;
|
||||||
import com.rusefi.io.commands.HelloCommand;
|
import com.rusefi.io.commands.HelloCommand;
|
||||||
import com.rusefi.io.tcp.BinaryProtocolServer;
|
import com.rusefi.io.tcp.BinaryProtocolServer;
|
||||||
import com.rusefi.io.tcp.TcpIoStream;
|
import com.rusefi.io.tcp.TcpIoStream;
|
||||||
import com.rusefi.proxy.BaseBroadcastingThread;
|
|
||||||
import com.rusefi.server.ControllerInfo;
|
import com.rusefi.server.ControllerInfo;
|
||||||
import com.rusefi.server.SessionDetails;
|
import com.rusefi.server.SessionDetails;
|
||||||
|
import com.rusefi.server.rusEFISSLContext;
|
||||||
import org.jetbrains.annotations.NotNull;
|
import org.jetbrains.annotations.NotNull;
|
||||||
|
|
||||||
import javax.net.ssl.SSLSocketFactory;
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -29,7 +28,7 @@ public class NetworkConnector {
|
||||||
|
|
||||||
SessionDetails deviceSessionDetails = new SessionDetails(ci, authToken, SessionDetails.createOneTimeCode());
|
SessionDetails deviceSessionDetails = new SessionDetails(ci, authToken, SessionDetails.createOneTimeCode());
|
||||||
|
|
||||||
BaseBroadcastingThread baseBroadcastingThread = new BaseBroadcastingThread(SSLSocketFactory.getDefault().createSocket(RUSEFI_PROXY_HOSTNAME, serverPortForControllers),
|
BaseBroadcastingThread baseBroadcastingThread = new BaseBroadcastingThread(rusEFISSLContext.getSSLSocket(RUSEFI_PROXY_HOSTNAME, serverPortForControllers),
|
||||||
deviceSessionDetails,
|
deviceSessionDetails,
|
||||||
logger) {
|
logger) {
|
||||||
@Override
|
@Override
|
||||||
|
|