From 6a2a1b9ee7bd0f5c72cdd09f1c5f6003ba03609a Mon Sep 17 00:00:00 2001
From: Jean-Noël Rouvignac <jean-noel.rouvignac@forgerock.com>
Date: Tue, 15 Nov 2016 09:57:27 +0000
Subject: [PATCH] Code cleanups related to SSL usage

---
 opendj-core/src/main/java/org/forgerock/opendj/ldap/SSLContextBuilder.java                                      |   40 ++++++++++++++++++++--------------------
 opendj-server-legacy/src/main/java/org/opends/server/protocols/http/authz/HttpOAuth2AuthorizationMechanism.java |    4 ++--
 opendj-server-legacy/src/main/java/org/opends/server/protocols/http/HTTPConnectionHandler.java                  |    2 +-
 3 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/opendj-core/src/main/java/org/forgerock/opendj/ldap/SSLContextBuilder.java b/opendj-core/src/main/java/org/forgerock/opendj/ldap/SSLContextBuilder.java
index fbacf49..11255d8 100644
--- a/opendj-core/src/main/java/org/forgerock/opendj/ldap/SSLContextBuilder.java
+++ b/opendj-core/src/main/java/org/forgerock/opendj/ldap/SSLContextBuilder.java
@@ -99,29 +99,29 @@
      *             missing algorithms.
      */
     public SSLContext getSSLContext() throws GeneralSecurityException {
-        TrustManager[] tm = null;
-        if (trustManager != null) {
-            tm = new TrustManager[] { trustManager };
-        }
-
-        KeyManager[] km = null;
-        if (keyManager != null) {
-            km = new KeyManager[]{keyManager};
-        }
-
-        SSLContext sslContext;
-        if (provider != null) {
-            sslContext = SSLContext.getInstance(protocol, provider);
-        } else if (providerName != null) {
-            sslContext = SSLContext.getInstance(protocol, providerName);
-        } else {
-            sslContext = SSLContext.getInstance(protocol);
-        }
-        sslContext.init(km, tm, random);
-
+        SSLContext sslContext = getInstance();
+        sslContext.init(getKeyManagers(), getTrustManagers(), random);
         return sslContext;
     }
 
+    private SSLContext getInstance() throws GeneralSecurityException {
+        if (provider != null) {
+            return SSLContext.getInstance(protocol, provider);
+        } else if (providerName != null) {
+            return SSLContext.getInstance(protocol, providerName);
+        } else {
+            return SSLContext.getInstance(protocol);
+        }
+    }
+
+    private KeyManager[] getKeyManagers() {
+        return keyManager != null ? new KeyManager[] { keyManager } : null;
+    }
+
+    private TrustManager[] getTrustManagers() {
+        return trustManager != null ? new TrustManager[] { trustManager } : null;
+    }
+
     /**
      * Sets the key manager which the SSL context should use. By default, the JVM's key manager is used.
      *
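Review bot: The new private helpers `getInstance()`, `getKeyManagers()` and `getTrustManagers()` have no comments, and the null they return when no manager was configured is a security-relevant default rather than an error. `SSLContext.init` treats a null array as a request to search the installed providers for the highest-priority factory, so an unset trust manager means peers are validated against the JVM's default trust anchors. I would state that on the helpers, e.g. `// null is deliberate: SSLContext.init() then falls back to the JVM default trust managers` (and the key-manager equivalent). As a style point, `getInstance()` reads like the static `SSLContext.getInstance` it wraps; a name such as `newSSLContext()` would be clearer. The Javadoc of `getSSLContext()` starts above the hunk.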
diff --git a/opendj-server-legacy/src/main/java/org/opends/server/protocols/http/HTTPConnectionHandler.java b/opendj-server-legacy/src/main/java/org/opends/server/protocols/http/HTTPConnectionHandler.java
index a50fc4d..e6495c3 100644
--- a/opendj-server-legacy/src/main/java/org/opends/server/protocols/http/HTTPConnectionHandler.java
+++ b/opendj-server-legacy/src/main/java/org/opends/server/protocols/http/HTTPConnectionHandler.java
@@ -887,7 +887,7 @@
         logger.warn(INFO_DISABLE_CONNECTION, friendlyName);
         enabled = false;
       }
-      keyManagers = SelectableCertificateKeyManager.wrap(keyManagerProvider.getKeyManagers(), aliases);
+      keyManagers = SelectableCertificateKeyManager.wrap(keyManagerProvider.getKeyManagers(), aliases, friendlyName);
     }
 
     DN trustMgrDN = config.getTrustManagerProviderDN();
diff --git a/opendj-server-legacy/src/main/java/org/opends/server/protocols/http/authz/HttpOAuth2AuthorizationMechanism.java b/opendj-server-legacy/src/main/java/org/opends/server/protocols/http/authz/HttpOAuth2AuthorizationMechanism.java
index 72c7bf0..dfd8705 100644
--- a/opendj-server-legacy/src/main/java/org/opends/server/protocols/http/authz/HttpOAuth2AuthorizationMechanism.java
+++ b/opendj-server-legacy/src/main/java/org/opends/server/protocols/http/authz/HttpOAuth2AuthorizationMechanism.java
@@ -113,20 +113,20 @@
 
   static Options toHttpOptions(DN trustManagerDN, DN keyManagerDN) throws ConfigException
   {
-    final Options options = Options.defaultOptions();
     try
     {
+      final Options options = Options.defaultOptions();
       options.set(OPTION_TRUST_MANAGERS, trustManagerDN != null
           ? getTrustManagerProvider(trustManagerDN).getTrustManagers() : null);
       options.set(OPTION_KEY_MANAGERS, keyManagerDN != null
           ? getKeyManagerProvider(keyManagerDN).getKeyManagers() : null);
       options.set(OPTION_SSL_CIPHER_SUITES, new ArrayList<>(getCryptoManager().getSslCipherSuites()));
       options.set(OPTION_SSL_ENABLED_PROTOCOLS, new ArrayList<>(getCryptoManager().getSslProtocols()));
+      return options;
     }
     catch (DirectoryException e)
     {
       throw new ConfigException(e.getMessageObject(), e);
     }
-    return options;
   }
 }
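Review bot: `toHttpOptions` has no Javadoc, and the `: null` branches for `OPTION_TRUST_MANAGERS` and `OPTION_KEY_MANAGERS` leave a security-relevant default undocumented. When `trustManagerDN` is null the option is explicitly set to null, and what the HTTP client then trusts is not visible in this hunk (presumably the JVM default trust store, which should be confirmed). A short Javadoc should say that a null DN means no configured provider is used, and that a `DirectoryException` raised inside the try block is rethrown as `ConfigException`. A comment above the first `options.set` would also help, e.g. `// null DN => no provider configured; the client uses its default trust managers (confirm)`.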

--
Gitblit v1.10.0