From 942124d7038c11d0a4c292e02e8a4899b351fd91 Mon Sep 17 00:00:00 2001
From: Violette Roche-Montane <violette.roche-montane@forgerock.com>
Date: Wed, 05 Mar 2014 15:02:26 +0000
Subject: [PATCH] Minor code cleanup.
---
opendj3-server-dev/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java | 84 ++++++++++------------------
opendj3-server-dev/src/ads/org/opends/admin/ads/util/ApplicationKeyManager.java | 60 ++++++-------------
2 files changed, 49 insertions(+), 95 deletions(-)
diff --git a/opendj3-server-dev/src/ads/org/opends/admin/ads/util/ApplicationKeyManager.java b/opendj3-server-dev/src/ads/org/opends/admin/ads/util/ApplicationKeyManager.java
index d634277..9072efc 100644
--- a/opendj3-server-dev/src/ads/org/opends/admin/ads/util/ApplicationKeyManager.java
+++ b/opendj3-server-dev/src/ads/org/opends/admin/ads/util/ApplicationKeyManager.java
@@ -59,7 +59,7 @@
* it cannot be retrieved this class will only accept the certificates
* explicitly accepted by the user (and specified by calling acceptCertificate).
*
- * NOTE: this class is not aimed to be used when we have connections in paralel.
+ * NOTE: this class is not aimed to be used when we have connections in parallel.
*/
public class ApplicationKeyManager implements X509KeyManager
{
@@ -86,28 +86,24 @@
//Handle IBM specific cases if the user did not specify a algorithm and/or
//provider.
if(userSpecifiedAlgo == null && Platform.isVendor("IBM"))
+ {
userSpecifiedAlgo = "IbmX509";
+ }
if(userSpecifiedProvider == null && Platform.isVendor("IBM"))
+ {
userSpecifiedProvider = "IBMJSSE2";
+ }
// Have some fallbacks to choose the provider and algorith of the key
// manager. First see if the user wanted to use something specific,
// then try with the SunJSSE provider and SunX509 algorithm. Finally,
// fallback to the default algorithm of the JVM.
String[] preferredProvider =
- {
- userSpecifiedProvider,
- "SunJSSE",
- null,
- null
- };
+ { userSpecifiedProvider, "SunJSSE", null, null };
String[] preferredAlgo =
- {
- userSpecifiedAlgo,
- "SunX509",
- "SunX509",
- TrustManagerFactory.getDefaultAlgorithm()
- };
+ { userSpecifiedAlgo, "SunX509", "SunX509",
+ TrustManagerFactory.getDefaultAlgorithm() };
+
for (int i=0; i<preferredProvider.length && keyManager == null; i++)
{
String provider = preferredProvider[i];
@@ -145,25 +141,25 @@
catch (NoSuchAlgorithmException e)
{
// Nothing to do. Maybe we should avoid this and be strict, but we are
- // in a best effor mode.
+ // in a best effort mode.
logger.warn(LocalizableMessage.raw("Error with the algorithm", e));
}
catch (KeyStoreException e)
{
// Nothing to do. Maybe we should avoid this and be strict, but we are
- // in a best effor mode..
+ // in a best effort mode.
logger.warn(LocalizableMessage.raw("Error with the keystore", e));
}
catch (UnrecoverableKeyException e)
{
// Nothing to do. Maybe we should avoid this and be strict, but we are
- // in a best effor mode.
+ // in a best effort mode.
logger.warn(LocalizableMessage.raw("Error with the key", e));
}
catch (NoSuchProviderException e)
{
// Nothing to do. Maybe we should avoid this and be strict, but we are
- // in a best effor mode.
+ // in a best effort mode.
logger.warn(LocalizableMessage.raw("Error with the provider", e));
}
}
@@ -195,10 +191,7 @@
{
return keyManager.chooseClientAlias(keyType, issuers, socket);
}
- else
- {
- return null ;
- }
+ return null;
}
/**
@@ -226,10 +219,7 @@
{
return keyManager.chooseServerAlias(keyType, issuers, socket);
}
- else
- {
- return null;
- }
+ return null;
}
/**
@@ -247,10 +237,7 @@
{
return keyManager.getCertificateChain(alias);
}
- else
- {
- return null;
- }
+ return null;
}
/**
@@ -272,10 +259,7 @@
{
return keyManager.getClientAliases(keyType, issuers);
}
- else
- {
- return null;
- }
+ return null;
}
/**
@@ -291,10 +275,7 @@
{
return keyManager.getPrivateKey(alias);
}
- else
- {
- return null;
- }
+ return null;
}
/**
@@ -316,9 +297,6 @@
{
return keyManager.getServerAliases(keyType, issuers);
}
- else
- {
- return null;
- }
+ return null;
}
}
diff --git a/opendj3-server-dev/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java b/opendj3-server-dev/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java
index b6b2b4a..bbeaffe 100644
--- a/opendj3-server-dev/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java
+++ b/opendj3-server-dev/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java
@@ -86,7 +86,7 @@
private Cause lastRefusedCause = null;
private KeyStore keystore = null;
- /*
+ /**
* The following ArrayList contain information about the certificates
* explicitly accepted by the user.
*/
@@ -115,28 +115,24 @@
//Handle IBM specific cases if the user did not specify a algorithm and/or
//provider.
if(userSpecifiedAlgo == null && Platform.isVendor("IBM"))
+ {
userSpecifiedAlgo = "IbmX509";
+ }
if(userSpecifiedProvider == null && Platform.isVendor("IBM"))
+ {
userSpecifiedProvider = "IBMJSSE2";
+ }
// Have some fallbacks to choose the provider and algorith of the key
// manager. First see if the user wanted to use something specific,
// then try with the SunJSSE provider and SunX509 algorithm. Finally,
// fallback to the default algorithm of the JVM.
String[] preferredProvider =
- {
- userSpecifiedProvider,
- "SunJSSE",
- null,
- null
- };
+ { userSpecifiedProvider, "SunJSSE", null, null };
String[] preferredAlgo =
- {
- userSpecifiedAlgo,
- "SunX509",
- "SunX509",
- TrustManagerFactory.getDefaultAlgorithm()
- };
+ { userSpecifiedAlgo, "SunX509", "SunX509",
+ TrustManagerFactory.getDefaultAlgorithm() };
+
for (int i=0; i<preferredProvider.length && trustManager == null; i++)
{
String provider = preferredProvider[i];
@@ -181,9 +177,7 @@
}
}
- /**
- * {@inheritDoc}
- */
+ /** {@inheritDoc} */
public void checkClientTrusted(X509Certificate[] chain, String authType)
throws CertificateException
{
@@ -210,13 +204,7 @@
}
catch (CertificateException ce)
{
- lastRefusedChain = chain;
- lastRefusedAuthType = authType;
- lastRefusedCause = Cause.NOT_TRUSTED;
- OpendsCertificateException e = new OpendsCertificateException(
- chain);
- e.initCause(ce);
- throw e;
+ manageException(chain, authType, ce, Cause.NOT_TRUSTED);
}
if (!explicitlyAccepted)
@@ -227,20 +215,12 @@
}
catch (CertificateException ce)
{
- lastRefusedChain = chain;
- lastRefusedAuthType = authType;
- lastRefusedCause = Cause.HOST_NAME_MISMATCH;
- OpendsCertificateException e = new OpendsCertificateException(
- chain);
- e.initCause(ce);
- throw e;
+ manageException(chain, authType, ce, Cause.HOST_NAME_MISMATCH);
}
}
}
- /**
- * {@inheritDoc}
- */
+ /** {@inheritDoc} */
public void checkServerTrusted(X509Certificate[] chain,
String authType) throws CertificateException
{
@@ -267,12 +247,7 @@
}
catch (CertificateException ce)
{
- lastRefusedChain = chain;
- lastRefusedAuthType = authType;
- lastRefusedCause = Cause.NOT_TRUSTED;
- OpendsCertificateException e = new OpendsCertificateException(chain);
- e.initCause(ce);
- throw e;
+ manageException(chain, authType, ce, Cause.NOT_TRUSTED);
}
if (!explicitlyAccepted)
@@ -283,30 +258,31 @@
}
catch (CertificateException ce)
{
- lastRefusedChain = chain;
- lastRefusedAuthType = authType;
- lastRefusedCause = Cause.HOST_NAME_MISMATCH;
- OpendsCertificateException e = new OpendsCertificateException(
- chain);
- e.initCause(ce);
- throw e;
+ manageException(chain, authType, ce, Cause.HOST_NAME_MISMATCH);
}
}
}
- /**
- * {@inheritDoc}
- */
+ private void manageException(final X509Certificate[] chain,
+ final String authType, final CertificateException ce, final Cause cause)
+ throws OpendsCertificateException
+ {
+ lastRefusedChain = chain;
+ lastRefusedAuthType = authType;
+ lastRefusedCause = cause;
+ final OpendsCertificateException e = new OpendsCertificateException(chain);
+ e.initCause(ce);
+ throw e;
+ }
+
+ /** {@inheritDoc} */
public X509Certificate[] getAcceptedIssuers()
{
if (trustManager != null)
{
return trustManager.getAcceptedIssuers();
}
- else
- {
- return new X509Certificate[0];
- }
+ return new X509Certificate[0];
}
/**
@@ -506,7 +482,7 @@
boolean hostMatch = h1.length == h2.length;
for (int i=0; i<h1.length && hostMatch; i++)
{
- if (!h1[i].equals("*") && !h2[i].equals("*"))
+ if (!"*".equals(h1[i]) && !"*".equals(h2[i]))
{
hostMatch = h1[i].equalsIgnoreCase(h2[i]);
}
--
Gitblit v1.10.0