Keystore added

author: Christoph Schulthess 2017-03-30 16:02:01 +0200
committer: Christoph Schulthess 2017-03-30 16:02:01 +0200
commit: ab2a6d6d0352298fac40181f003d1457152f0e10 (patch)
tree: 58dd23d3819ccd9487210b5212bab7608ec5aefa
parent: renaming and comments (jipi) (diff)
download: tmlite-bwlp-ab2a6d6d0352298fac40181f003d1457152f0e10.tar.gz
tmlite-bwlp-ab2a6d6d0352298fac40181f003d1457152f0e10.tar.xz
tmlite-bwlp-ab2a6d6d0352298fac40181f003d1457152f0e10.zip
1 files changed, 67 insertions, 8 deletions
diff --git a/src/main/java/org/openslx/taskmanager/tasks/RemoteDebug.java b/src/main/java/org/openslx/taskmanager/tasks/RemoteDebug.java
index 4a684e8..aee7c8c 100644
--- a/src/main/java/org/openslx/taskmanager/tasks/RemoteDebug.java
+++ b/src/main/java/org/openslx/taskmanager/tasks/RemoteDebug.java
@@ -1,12 +1,19 @@
 package org.openslx.taskmanager.tasks;
 
+import java.io.Closeable;
+import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.io.Writer;
 import java.net.InetSocketAddress;
+import java.security.KeyStore;
 import java.security.cert.X509Certificate;
 import java.util.Date;
 
+import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLServerSocket;
 import javax.net.ssl.SSLServerSocketFactory;
@@ -15,6 +22,7 @@ import javax.net.ssl.SSLSocket;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.X509TrustManager;
 
+import org.openslx.satserver.util.Util;
 import org.openslx.taskmanager.api.AbstractTask;
 
 import com.google.gson.annotations.Expose;
@@ -39,9 +47,13 @@ public class RemoteDebug extends AbstractTask
 	@Override
 	protected boolean execute()
 	{
+		status.addMessage( "INFO: Executing." );
 		SSLContext ctx = getSSLContext();
-		if ( ctx == null )
+		if ( ctx == null ) {
+			status.addMessage( "ERROR: SSLContext is null." );
 			return false;
+		}
+		status.addMessage( "INFO: SSLContext successfully created." );
 		
 		try ( SSLSocket dbgSock = getDbgSock( ctx );
 				SSLServerSocket srvSock = getSrvSock( ctx ) ) {
@@ -49,6 +61,21 @@ public class RemoteDebug extends AbstractTask
 			bindToPort( srvSock );
 			try ( SSLSocket poolSock = ( SSLSocket ) srvSock.accept() ) {
 				status.addMessage( "INFO: Connection from pool client established." );
+//				status.addMessage( "Enabled Cipher Suites Pool Socket" );
+//				for ( String cipher : poolSock.getEnabledCipherSuites() )
+//					status.addMessage( cipher );
+//				status.addMessage( "Enabled Cipher Suites Debug Socket" );
+//				for ( String cipher : dbgSock.getEnabledCipherSuites() )
+//					status.addMessage( cipher );
+//				
+//				status.addMessage( "Supported Cipher Suites Pool Socket" );
+//				for ( String cipher : poolSock.getSupportedCipherSuites() )
+//					status.addMessage( cipher );
+//				status.addMessage( "Supported Cipher Suites Debug Socket" );
+//				for ( String cipher : dbgSock.getSupportedCipherSuites() )
+//					status.addMessage( cipher );
+				
+				
 				relay( dbgSock, poolSock );
 			} catch ( Exception ex ) {
 				throw( ex );
@@ -57,6 +84,7 @@ public class RemoteDebug extends AbstractTask
 			status.addMessage( "ERROR: " + e.getMessage() );
 			return false;
 		}
+		status.addMessage( "INFO: Task finished properly." );
 		return true;		
 	}
 	
@@ -90,10 +118,11 @@ public class RemoteDebug extends AbstractTask
 	protected SSLContext getSSLContext() {
 		SSLContext ctx = null;
 		try {
+			//ctx = SSLContext.getDefault();
 			ctx = trustAll();
-			status.addMessage( "INFO: SSLContext created." );
 		} catch ( Exception e ) {
 			status.addMessage( "ERROR: Failed to create SSLContext." );
+			status.addMessage( "DEBUG: " + getStrStackTrace(e) );
 		}
 		return ctx;
 	}
@@ -110,6 +139,7 @@ public class RemoteDebug extends AbstractTask
 		toPool.setName( "DebugToPool" );
 		toDbg.start();
 		toPool.start();
+		status.addMessage( "INFO: Threads started." );
 		
 		try {
 			for ( Relay r : new Relay[]{ toDbg, toPool })
@@ -134,8 +164,17 @@ public class RemoteDebug extends AbstractTask
 				public void checkServerTrusted( X509Certificate[] certs, String authType ) {}
 			}
 		};
+		
+		KeyStore ks = KeyStore.getInstance( "JKS" );
+		try ( InputStream ksIs = new FileInputStream( "/opt/taskmanager/data/keystore.jks" ) ){
+			ks.load( ksIs, "password".toCharArray() );
+		}
+		KeyManagerFactory kmf = KeyManagerFactory.getInstance( 
+				KeyManagerFactory.getDefaultAlgorithm() );
+		kmf.init( ks, "password".toCharArray() );
+		
 		SSLContext ctx = SSLContext.getInstance( "SSL" );
-		ctx.init( null, trustAllMgr, new java.security.SecureRandom() );
+		ctx.init( kmf.getKeyManagers(), trustAllMgr, new java.security.SecureRandom() );
 		return ctx;
 	}
 
@@ -146,8 +185,12 @@ public class RemoteDebug extends AbstractTask
 	 */
 	private SSLServerSocket getSrvSock( SSLContext ctx ) throws IOException
 	{
+		status.addMessage( "INFO: Creating server socket." );
 		SSLServerSocketFactory sssf = ctx.getServerSocketFactory();
-		return ( SSLServerSocket ) sssf.createServerSocket();
+		status.addMessage( "INFO: Server socket factory created." );
+		SSLServerSocket s = ( SSLServerSocket ) sssf.createServerSocket();
+		status.addMessage( "INFO: Server socket created." );
+		return s;
 	}
 
 	/**
@@ -157,8 +200,12 @@ public class RemoteDebug extends AbstractTask
 	 */
 	private SSLSocket getDbgSock( SSLContext ctx ) throws IOException
 	{
+		status.addMessage( "INFO: Creating debug socket." );
 		SSLSocketFactory ssf = ctx.getSocketFactory();
-		return ( SSLSocket ) ssf.createSocket();
+		status.addMessage( "INFO: Socket factory created." );
+		SSLSocket s = ( SSLSocket ) ssf.createSocket();
+		status.addMessage( "INFO: Debug socket created." );
+		return s;
 	}
 	
 	
@@ -173,7 +220,6 @@ public class RemoteDebug extends AbstractTask
 		return true;
 	}
 	
-	
 	/**
 	 * Status class that holds information about the current debug task.
 	 * Most important is probably the listen port which is sent to the client to connect its VNC server in reverse mode.
@@ -184,7 +230,7 @@ public class RemoteDebug extends AbstractTask
 		protected String messages = null;
 		protected Date d = null;
 		protected InetSocketAddress dbgAddr = null;
-		protected int listenPort;
+		protected int listenPort = -1;
 		
 		public void setListenPort ( int port ) { listenPort = port; }
 		public int getListenPort ()	{ return listenPort; }
@@ -227,16 +273,29 @@ public class RemoteDebug extends AbstractTask
 			int readBytes;
 			try ( InputStream in = srcSock.getInputStream();
 					OutputStream out = destSock.getOutputStream() ) {
+				status.addMessage( "INFO: " + this.getName() );
 				while( active ) {
 					readBytes = in.read( buffer );
 					out.write( buffer, 0, readBytes );
-					if ( first )
+					if ( first ) {
 						status.addMessage( "INFO: Relay operating: " + this.getName() );
+						first = false;
+					}
 				}	
 			} catch ( Exception e ) {
+				status.addMessage( "DEBUG: " + this.getName() + " - " + getStrStackTrace( e ) );
 				active = false;
 				return;
 			}
 		}	
 	}
+
+	public static String getStrStackTrace(Throwable aThrowable) {
+		Writer result = new StringWriter();
+		PrintWriter printWriter = new PrintWriter(result);
+		aThrowable.printStackTrace(printWriter);
+		return result.toString();
+	}
 }
+
+
author	Christoph Schulthess	2017-03-30 16:02:01 +0200
committer	Christoph Schulthess	2017-03-30 16:02:01 +0200
commit	ab2a6d6d0352298fac40181f003d1457152f0e10 (patch)
tree	58dd23d3819ccd9487210b5212bab7608ec5aefa
parent	renaming and comments (jipi) (diff)
download	tmlite-bwlp-ab2a6d6d0352298fac40181f003d1457152f0e10.tar.gz tmlite-bwlp-ab2a6d6d0352298fac40181f003d1457152f0e10.tar.xz tmlite-bwlp-ab2a6d6d0352298fac40181f003d1457152f0e10.zip