author | clemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> | 2009-06-25 12:07:39 +0000 |
---|---|---|
committer | clemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> | 2009-06-25 12:07:39 +0000 |
commit | 69e0dbee3567fc3a710d7bffad4d03e64edd7daa (patch) | |
tree | bae70dc305f577693a591658db904314a6bdeda5 /BKUWebStart/src/main/java | |
parent | baa86c0bbcd5509ac70cc318547632c9ad4d9fde (diff) | |
TLS CipherSuites (FF XP)
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@375 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
Diffstat (limited to 'BKUWebStart/src/main/java')
-rw-r--r-- | BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java | 68 | ||||
-rw-r--r-- | BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java | 47 |
2 files changed, 99 insertions, 16 deletions
diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java
index b1fc29be..36c9cbb2 100644
--- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java
+++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java
@@ -41,6 +41,7 @@ import java.io.BufferedWriter;
import java.io.FileInputStream;
import java.io.FileReader;
import java.io.FileWriter;
+import java.net.BindException;
import java.net.URI;
import java.net.URL;
import java.security.GeneralSecurityException;
@@ -48,6 +49,7 @@ import java.util.UUID;
import java.util.jar.Attributes;
import java.util.jar.Manifest;
import java.util.zip.ZipOutputStream;
+import org.mortbay.util.MultiException;
public class BKULauncher implements BKUControllerInterface {
@@ -65,7 +67,11 @@ public class BKULauncher implements BKUControllerInterface {
public static final String GREETING_CAPTION = "Greetings.Caption";
public static final String GREETING_MESSAGE = "Greetings.Message";
public static final String STARTUP_CAPTION = "Startup.Caption";
+ public static final String ERROR_CAPTION = "Error.Caption";
public static final String STARTUP_MESSAGE = "Startup.Message";
+ public static final String ERROR_STARTUP_MESSAGE = "Error.Startup.Message";
+ public static final String ERROR_CONF_MESSAGE = "Error.Conf.Message";
+ public static final String ERROR_BIND_MESSAGE = "Error.Bind.Message";
public static final String VERSION_FILE = ".version";
private static Log log = LogFactory.getLog(BKULauncher.class);
private ResourceBundle resourceBundle = null;
@@ -222,8 +228,8 @@ public class BKULauncher implements BKUControllerInterface {
// }
// }
- log.debug("trying install MOCCA certificate on system browser");
if (installCert) {
+ log.debug("trying install MOCCA certificate on system browser");
if (Desktop.isDesktopSupported()) {
Desktop desktop = Desktop.getDesktop();
if (desktop.isSupported(Desktop.Action.BROWSE)) {
@@ -270,26 +276,60 @@ public class BKULauncher implements BKUControllerInterface {
/**
* @param args
*/
- public static void main(String[] args) {
- try {
- log.warn("***** DISABLING SECURITY MANAGER *******");
+ public static void main(String[] args) throws InterruptedException {
+
+ if (log.isDebugEnabled()) {
+ //System.setProperty("DEBUG", "true");
+ System.setProperty("VERBOSE", "true");
+ System.setProperty("javax.net.debug", "ssl,handshake");
+ }
+
+// log.warn("***** DISABLING SECURITY MANAGER *******");
System.setSecurityManager(null);
+
BKULauncher launcher = new BKULauncher();
launcher.initStart();
- File configDir = new File(System.getProperty("user.home") + '/' + CONFIG_DIR);
- boolean installCert = launcher.ensureConfig(configDir);
+ boolean installCert = false;
+
launcher.initTrayIcon();
TrayIconDialog.getInstance().displayInfo(STARTUP_CAPTION, STARTUP_MESSAGE);
- launcher.startUpServer();
- TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE);
-// launcher.initTrayIcon();
- launcher.initFinished(installCert);
- } catch (Exception e) {
- log.fatal("Failed to launch BKU: " + e.getMessage(), e);
- System.exit(-1000);
- }
+ try {
+ File configDir = new File(System.getProperty("user.home") + '/' + CONFIG_DIR);
+ installCert = launcher.ensureConfig(configDir);
+ } catch (Exception ex) {
+ log.fatal("Failed to init MOCCA configuration, exiting", ex);
+ TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_CONF_MESSAGE);
+ Thread.sleep(5000);
+ System.exit(-1000);
+ }
+
+ try {
+ launcher.startUpServer();
+ TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE);
+ launcher.initFinished(installCert);
+ } catch (BindException ex) {
+ log.fatal("Failed to launch MOCCA, " + ex.getMessage(), ex);
+ TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_BIND_MESSAGE);
+ Thread.sleep(5000);
+ System.exit(-1000);
+ } catch (MultiException ex) {
+ log.fatal("Failed to launch MOCCA, " + ex.getMessage(), ex);
+ if (ex.getThrowable(0) instanceof BindException) {
+ TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_BIND_MESSAGE);
+ } else {
+ TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_STARTUP_MESSAGE);
+ }
+ Thread.sleep(5000);
+ System.exit(-1000);
+ } catch (Exception e) {
+ log.fatal("Failed to launch MOCCA, " + e.getMessage(), e);
+ TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_STARTUP_MESSAGE);
+ Thread.sleep(5000);
+ System.exit(-1000);
+ }
+
}
private void backupAndDelete(File dir, URI relativeTo, ZipOutputStream zip) throws IOException {
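Review bot: `System.setSecurityManager(null)` in `main` now runs with its `log.warn` commented out, so the Web Start sandbox is dropped without any trace in the log; the warning should stay active directly before the call, e.g. `log.warn("disabling SecurityManager for MOCCA Web Start");`. The call also sits outside both new try blocks, so a `SecurityException` from it would bypass the tray error dialog. The debug block at the top sets `javax.net.debug` to `ssl,handshake` whenever the logger is at debug level, which makes JSSE write handshake detail to standard output; a comment such as `// diagnostics only: JSSE handshake trace is written to stdout` would make that side effect visible. The four catch branches repeat `Thread.sleep(5000); System.exit(-1000);` and could share one private helper.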
diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java
index 0cd3e633..89044486 100644
--- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java
+++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java
@@ -35,6 +35,7 @@ public class Container {
}
public void init() throws IOException {
+// System.setProperty("DEBUG", "true");
server = new Server();
QueuedThreadPool qtp = new QueuedThreadPool();
qtp.setMaxThreads(5);
@@ -55,7 +56,13 @@ public class Container {
sslConnector.setAcceptors(1);
sslConnector.setHost("127.0.0.1");
File configDir = new File(System.getProperty("user.home") + "/" + BKULauncher.CONFIG_DIR);
- sslConnector.setKeystore(configDir.getPath() + "/" + BKULauncher.KEYSTORE_FILE);
+ File keystoreFile = new File(configDir, BKULauncher.KEYSTORE_FILE);
+ if (!keystoreFile.canRead()) {
+ log.error("MOCCA keystore file not readable: " + keystoreFile.getAbsolutePath());
+ throw new FileNotFoundException("MOCCA keystore file not readable: " + keystoreFile.getAbsolutePath());
+ }
+ log.debug("loading MOCCA keystore from " + keystoreFile.getAbsolutePath());
+ sslConnector.setKeystore(keystoreFile.getAbsolutePath());
File passwdFile = new File(configDir, BKULauncher.PASSWD_FILE);
BufferedReader reader = new BufferedReader(new FileReader(passwdFile));
String pwd;
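Review bot: The new readability guard covers only the keystore, while `passwdFile` a few lines below is still handed to `new FileReader(passwdFile)` unchecked, so a missing or unreadable password file surfaces as a bare `FileNotFoundException` without the MOCCA-specific log line. The same `canRead()` test could be applied to `passwdFile` before the reader is opened. No import for `FileNotFoundException` is added to Container.java in this diff, so it is presumably imported already; worth confirming. `init()` starts and ends outside this hunk.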
@@ -64,6 +71,42 @@ public class Container {
sslConnector.setKeyPassword(pwd);
}
reader.close();
+
+ //avoid jetty's ClassCastException: iaik.security.ecc.ecdsa.ECPublicKey cannot be cast to java.security.interfaces.ECPublicKey
+ String[] RFC4492CipherSuites = new String[] {
+ "TLS_ECDH_ECDSA_WITH_NULL_SHA",
+ "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
+ "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
+ "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
+ "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
+
+ "TLS_ECDHE_ECDSA_WITH_NULL_SHA",
+ "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
+ "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
+ "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
+ "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
+
+ "TLS_ECDH_RSA_WITH_NULL_SHA",
+ "TLS_ECDH_RSA_WITH_RC4_128_SHA",
+ "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
+ "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+
+ "TLS_ECDHE_RSA_WITH_NULL_SHA",
+ "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
+ "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+ "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+
+ "TLS_ECDH_anon_WITH_NULL_SHA",
+ "TLS_ECDH_anon_WITH_RC4_128_SHA",
+ "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
+ "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
+ "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"
+ };
+
+ sslConnector.setExcludeCipherSuites(RFC4492CipherSuites);
+
server.setConnectors(new Connector[] { connector, sslConnector });
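Review bot: The exclude list removes only the RFC 4492 elliptic-curve suites, so which suites the local TLS connector still offers is left entirely to the JRE defaults, and any NULL, anonymous, export-grade or RC4 suites in the RSA and DHE families that the runtime enables stay negotiable. If the intent is just the IAIK/Jetty `ClassCastException` workaround, the comment should say so, and the same array should also list the weak non-EC suites the deployment does not want. The array is a fixed table and reads better as a class constant, `private static final String[] RFC4492_CIPHER_SUITES = { ... };`, than as an UpperCamelCase local. `init()` starts before this hunk and continues after it.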
@@ -71,7 +114,7 @@ public class Container {
webapp.setLogUrlOnStart(true);
webapp.setContextPath("/");
webapp.setExtractWAR(true);
- webapp.setParentLoaderPriority(false); //true);
+ webapp.setParentLoaderPriority(false);
webapp.setWar(copyWebapp(webapp.getTempDirectory())); //getClass().getClassLoader().getResource("BKULocalWar/").toString());