diff options
Diffstat (limited to 'java')
8 files changed, 70 insertions, 36 deletions
diff --git a/java/broker-plugins/experimental/info/src/main/java/org/apache/qpid/info/AppInfo.java b/java/broker-plugins/experimental/info/src/main/java/org/apache/qpid/info/AppInfo.java index bf3ef61ea1..c8e9805cd9 100644 --- a/java/broker-plugins/experimental/info/src/main/java/org/apache/qpid/info/AppInfo.java +++ b/java/broker-plugins/experimental/info/src/main/java/org/apache/qpid/info/AppInfo.java @@ -74,9 +74,9 @@ public class AppInfo appInfoMap.put("port", sc.getPorts().toString()); appInfoMap.put("version", QpidProperties.getReleaseVersion()); appInfoMap.put("vhosts", "standalone"); - appInfoMap.put("KeystorePath", sc.getKeystorePath()); + appInfoMap.put("KeystorePath", sc.getConnectorKeyStorePath()); appInfoMap.put("PluginDirectory", sc.getPluginDirectory()); - appInfoMap.put("CertType", sc.getCertType()); + appInfoMap.put("CertType", sc.getConnectorCertType()); appInfoMap.put("QpidWork", sc.getQpidWork()); appInfoMap.put("Bind", sc.getBind()); } diff --git a/java/broker/etc/config.xml b/java/broker/etc/config.xml index 2752274155..d18e1392e6 100644 --- a/java/broker/etc/config.xml +++ b/java/broker/etc/config.xml @@ -35,8 +35,8 @@ <enabled>false</enabled> <port>5671</port> <sslOnly>false</sslOnly> - <keystorePath>/path/to/keystore.ks</keystorePath> - <keystorePassword>keystorepass</keystorePassword> + <keyStorePath>/path/to/keystore.ks</keyStorePath> + <keyStorePassword>keystorepass</keyStorePassword> </ssl> <port>5672</port> <socketReceiveBuffer>262144</socketReceiveBuffer> diff --git a/java/broker/src/main/java/org/apache/qpid/server/Broker.java b/java/broker/src/main/java/org/apache/qpid/server/Broker.java index 5dfd841434..1632effaf0 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/Broker.java +++ b/java/broker/src/main/java/org/apache/qpid/server/Broker.java @@ -210,9 +210,9 @@ public class Broker if (serverConfig.getEnableSSL()) { - final String keystorePath = serverConfig.getKeystorePath(); - final String keystorePassword = serverConfig.getKeystorePassword(); - final String certType = serverConfig.getCertType(); + final String keystorePath = serverConfig.getConnectorKeyStorePath(); + final String keystorePassword = serverConfig.getConnectorKeyStorePassword(); + final String certType = serverConfig.getConnectorCertType(); final SSLContext sslContext = SSLContextFactory.buildServerContext(keystorePath, keystorePassword, certType); for(int sslPort : sslPorts) diff --git a/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java b/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java index 9ca916a633..70fa39c71d 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java +++ b/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java @@ -123,7 +123,7 @@ public class ServerConfiguration extends ConfigurationPlugin * Configuration Manager to be initialised in the Application Registry. * <p> * If using this ServerConfiguration via an ApplicationRegistry there is no - * need to explictly call {@link #initialise()} as this is done via the + * need to explicitly call {@link #initialise()} as this is done via the * {@link ApplicationRegistry#initialise()} method. * * @param configurationURL @@ -169,7 +169,7 @@ public class ServerConfiguration extends ConfigurationPlugin * Configuration Manager to be initialised in the Application Registry. * <p> * If using this ServerConfiguration via an ApplicationRegistry there is no - * need to explictly call {@link #initialise()} as this is done via the + * need to explicitly call {@link #initialise()} as this is done via the * {@link ApplicationRegistry#initialise()} method. * * @param conf @@ -239,6 +239,22 @@ public class ServerConfiguration extends ConfigurationPlugin + (_configFile == null ? "" : " Configuration file : " + _configFile); throw new ConfigurationException(message); } + + // QPID-3517: Inconsistency in capitalisation in the SSL configuration keys used within the connector and management configuration + // sections. For the moment, continue to understand both but generate a deprecated warning if the less preferred keystore is used. + for (String key : new String[] {"management.ssl.keystorePath", + "management.ssl.keystorePassword," + + "connector.ssl.keystorePath", + "connector.ssl.keystorePassword"}) + { + if (contains(key)) + { + final String deprecatedXpath = key.replaceAll("\\.", "/"); + final String preferredXpath = deprecatedXpath.replaceAll("keystore", "keyStore"); + _logger.warn("Validation warning: " + deprecatedXpath + " is deprecated and must be replaced by " + preferredXpath + + (_configFile == null ? "" : " Configuration file : " + _configFile)); + } + } } /* @@ -404,7 +420,7 @@ public class ServerConfiguration extends ConfigurationPlugin public final static Configuration flatConfig(File file) throws ConfigurationException { // We have to override the interpolate methods so that - // interpolation takes place accross the entirety of the + // interpolation takes place across the entirety of the // composite configuration. Without doing this each // configuration object only interpolates variables defined // inside itself. @@ -551,7 +567,8 @@ public class ServerConfiguration extends ConfigurationPlugin public String getManagementKeyStorePath() { - return getStringValue("management.ssl.keyStorePath"); + final String fallback = getStringValue("management.ssl.keystorePath"); + return getStringValue("management.ssl.keyStorePath", fallback); } public boolean getManagementSSLEnabled() @@ -561,7 +578,8 @@ public class ServerConfiguration extends ConfigurationPlugin public String getManagementKeyStorePassword() { - return getStringValue("management.ssl.keyStorePassword"); + final String fallback = getStringValue("management.ssl.keystorePassword"); + return getStringValue("management.ssl.keyStorePassword", fallback); } public boolean getQueueAutoRegister() @@ -699,17 +717,19 @@ public class ServerConfiguration extends ConfigurationPlugin return getListValue("connector.ssl.port", Collections.<Integer>singletonList(DEFAULT_SSL_PORT)); } - public String getKeystorePath() + public String getConnectorKeyStorePath() { - return getStringValue("connector.ssl.keystorePath"); + final String fallback = getStringValue("connector.ssl.keystorePath"); // pre-0.13 broker supported this name. + return getStringValue("connector.ssl.keyStorePath", fallback); } - public String getKeystorePassword() + public String getConnectorKeyStorePassword() { - return getStringValue("connector.ssl.keystorePassword"); + final String fallback = getStringValue("connector.ssl.keystorePassword"); // pre-0.13 brokers supported this name. + return getStringValue("connector.ssl.keyStorePassword", fallback); } - public String getCertType() + public String getConnectorCertType() { return getStringValue("connector.ssl.certType", "SunX509"); } diff --git a/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java b/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java index d368a2d1ee..d22f1e6e94 100644 --- a/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java +++ b/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java @@ -256,7 +256,7 @@ public class ServerConfigurationTest extends QpidTestCase assertEquals(false, _serverConfig.getManagementSSLEnabled()); } - public void testGetManagementKeyStorePassword() throws ConfigurationException + public void testGetManagementKeystorePassword() throws ConfigurationException { // Check default _serverConfig.initialise(); @@ -534,43 +534,57 @@ public class ServerConfigurationTest extends QpidTestCase assertEquals("10", _serverConfig.getSSLPorts().get(0)); } - public void testGetKeystorePath() throws ConfigurationException + public void testGetConnectorKeystorePath() throws ConfigurationException { // Check default _serverConfig.initialise(); - assertNull(_serverConfig.getKeystorePath()); + assertNull(_serverConfig.getConnectorKeyStorePath()); // Check value we set - _config.setProperty("connector.ssl.keystorePath", "a"); + _config.setProperty("connector.ssl.keyStorePath", "a"); _serverConfig = new ServerConfiguration(_config); _serverConfig.initialise(); - assertEquals("a", _serverConfig.getKeystorePath()); + assertEquals("a", _serverConfig.getConnectorKeyStorePath()); + + // Ensure we continue to support the old name keystorePath + _config.clearProperty("connector.ssl.keyStorePath"); + _config.setProperty("connector.ssl.keystorePath", "b"); + _serverConfig = new ServerConfiguration(_config); + _serverConfig.initialise(); + assertEquals("b", _serverConfig.getConnectorKeyStorePath()); } - public void testGetKeystorePassword() throws ConfigurationException + public void testGetConnectorKeystorePassword() throws ConfigurationException { // Check default _serverConfig.initialise(); - assertNull(_serverConfig.getKeystorePassword()); + assertNull(_serverConfig.getConnectorKeyStorePassword()); // Check value we set - _config.setProperty("connector.ssl.keystorePassword", "a"); + _config.setProperty("connector.ssl.keyStorePassword", "a"); + _serverConfig = new ServerConfiguration(_config); + _serverConfig.initialise(); + assertEquals("a", _serverConfig.getConnectorKeyStorePassword()); + + // Ensure we continue to support the old name keystorePassword + _config.clearProperty("connector.ssl.keyStorePassword"); + _config.setProperty("connector.ssl.keystorePassword", "b"); _serverConfig = new ServerConfiguration(_config); _serverConfig.initialise(); - assertEquals("a", _serverConfig.getKeystorePassword()); + assertEquals("b", _serverConfig.getConnectorKeyStorePassword()); } - public void testGetCertType() throws ConfigurationException + public void testGetConnectorCertType() throws ConfigurationException { // Check default _serverConfig.initialise(); - assertEquals("SunX509", _serverConfig.getCertType()); + assertEquals("SunX509", _serverConfig.getConnectorCertType()); // Check value we set _config.setProperty("connector.ssl.certType", "a"); _serverConfig = new ServerConfiguration(_config); _serverConfig.initialise(); - assertEquals("a", _serverConfig.getCertType()); + assertEquals("a", _serverConfig.getConnectorCertType()); } public void testGetUseBiasedWrites() throws ConfigurationException diff --git a/java/systests/etc/config-systests-firewall-2.xml b/java/systests/etc/config-systests-firewall-2.xml index 2549a7e6c4..a9fd86b8e5 100644 --- a/java/systests/etc/config-systests-firewall-2.xml +++ b/java/systests/etc/config-systests-firewall-2.xml @@ -32,8 +32,8 @@ <ssl> <enabled>false</enabled> <sslOnly>false</sslOnly> - <keystorePath>/path/to/keystore.ks</keystorePath> - <keystorePassword>keystorepass</keystorePassword> + <keyStorePath>/path/to/keystore.ks</keyStorePath> + <keyStorePassword>keystorepass</keyStorePassword> </ssl> <port>5672</port> <sslport>8672</sslport> diff --git a/java/systests/etc/config-systests-firewall-3.xml b/java/systests/etc/config-systests-firewall-3.xml index 0cafb6d70a..f0f3423f43 100644 --- a/java/systests/etc/config-systests-firewall-3.xml +++ b/java/systests/etc/config-systests-firewall-3.xml @@ -28,12 +28,12 @@ <connector> <!-- To enable SSL edit the keystorePath and keystorePassword and set enabled to true. - To disasble Non-SSL port set sslOnly to true --> + To disable Non-SSL port set sslOnly to true --> <ssl> <enabled>false</enabled> <sslOnly>false</sslOnly> - <keystorePath>/path/to/keystore.ks</keystorePath> - <keystorePassword>keystorepass</keystorePassword> + <keyStorePath>/path/to/keystore.ks</keyStorePath> + <keyStorePassword>keystorepass</keyStorePassword> </ssl> <port>5672</port> <sslport>8672</sslport> diff --git a/java/systests/etc/config-systests-settings.xml b/java/systests/etc/config-systests-settings.xml index 5ed208bfe7..88533400d3 100644 --- a/java/systests/etc/config-systests-settings.xml +++ b/java/systests/etc/config-systests-settings.xml @@ -25,8 +25,8 @@ <port>15671</port> <enabled>false</enabled> <sslOnly>false</sslOnly> - <keystorePath>${QPID_HOME}/../test-profiles/test_resources/ssl/java_broker_keystore.jks</keystorePath> - <keystorePassword>password</keystorePassword> + <keyStorePath>${QPID_HOME}/../test-profiles/test_resources/ssl/java_broker_keystore.jks</keyStorePath> + <keyStorePassword>password</keyStorePassword> </ssl> </connector> <management> |