From 67e5ecaa71a219da7d2bb4e12892c3b23836e59a Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Tue, 26 Sep 2023 15:49:51 +0200 Subject: master<->sat transfer: Prefer SSL --- .../bwlp/sat/fileserv/IncomingDataTransfer.java | 16 +++++++-------- .../bwlp/sat/fileserv/OutgoingDataTransfer.java | 23 +++++++++++----------- 2 files changed, 20 insertions(+), 19 deletions(-) diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/fileserv/IncomingDataTransfer.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/fileserv/IncomingDataTransfer.java index fe521691..2b1e3d18 100644 --- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/fileserv/IncomingDataTransfer.java +++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/fileserv/IncomingDataTransfer.java @@ -164,23 +164,23 @@ public class IncomingDataTransfer extends IncomingTransferBase { if (getActiveConnectionCount() >= 1) return; Downloader downloader = null; - if (masterTransferInfo.plainPort != 0) { + if (downloader == null && masterTransferInfo.sslPort != 0) { try { downloader = new Downloader(Configuration.getMasterServerAddress(), - masterTransferInfo.plainPort, Constants.TRANSFER_TIMEOUT, null, + masterTransferInfo.sslPort, Constants.TRANSFER_TIMEOUT, SSLContext.getDefault(), masterTransferInfo.token); - } catch (Exception e1) { - LOGGER.debug("Plain connect failed", e1); + } catch (Exception e2) { + LOGGER.debug("SSL connect failed", e2); downloader = null; } } - if (downloader == null && masterTransferInfo.sslPort != 0) { + if (downloader == null && masterTransferInfo.plainPort != 0) { try { downloader = new Downloader(Configuration.getMasterServerAddress(), - masterTransferInfo.sslPort, Constants.TRANSFER_TIMEOUT, SSLContext.getDefault(), // TODO: Use the TLSv1.2 one once the master is ready + masterTransferInfo.plainPort, Constants.TRANSFER_TIMEOUT, null, masterTransferInfo.token); - } catch (Exception e2) { - LOGGER.debug("SSL connect failed", e2); + } catch (Exception e1) { + LOGGER.debug("Plain connect failed", e1); downloader = null; } } diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/fileserv/OutgoingDataTransfer.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/fileserv/OutgoingDataTransfer.java index 0cc0e6ae..10bec0ac 100644 --- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/fileserv/OutgoingDataTransfer.java +++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/fileserv/OutgoingDataTransfer.java @@ -2,10 +2,11 @@ package org.openslx.bwlp.sat.fileserv; import java.io.File; import java.io.IOException; -import java.security.KeyManagementException; import java.security.NoSuchAlgorithmException; import java.util.concurrent.ExecutorService; +import javax.net.ssl.SSLContext; + import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import org.apache.thrift.TException; @@ -73,7 +74,16 @@ public class OutgoingDataTransfer extends OutgoingTransferBase { return; Uploader uploader = null; Exception connectException = null; - if (masterTransferInfo.plainPort != 0) { + if (uploader == null && masterTransferInfo.sslPort != 0 && Configuration.getMasterServerSsl()) { + // Try SSL + try { + uploader = new Uploader(Configuration.getMasterServerAddress(), masterTransferInfo.sslPort, + 10000, SSLContext.getDefault(), masterTransferInfo.token); + } catch (NoSuchAlgorithmException | IOException e) { + connectException = e; + } + } + if (uploader == null && masterTransferInfo.plainPort != 0) { // Try plain try { uploader = new Uploader(Configuration.getMasterServerAddress(), masterTransferInfo.plainPort, @@ -83,15 +93,6 @@ public class OutgoingDataTransfer extends OutgoingTransferBase { connectException = e; } } - if (uploader == null && masterTransferInfo.sslPort != 0 && Configuration.getMasterServerSsl()) { - // Try SSL - try { - uploader = new Uploader(Configuration.getMasterServerAddress(), masterTransferInfo.sslPort, - 10000, Configuration.getMasterServerSslContext(), masterTransferInfo.token); - } catch (KeyManagementException | NoSuchAlgorithmException | IOException e) { - connectException = e; - } - } if (uploader == null) { LOGGER.debug("Cannot connect to master server for uploading", connectException); } else { -- cgit v1.2.3-55-g7522