From f185d956682e96272b5a74db6b2b208f467bcdb6 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Fri, 23 Nov 2012 18:18:02 -0500
Subject: [PATCH] Eliminate internal Sun api for CRLs and include X509 tests in suite
---
src/com/gitblit/utils/X509Utils.java | 17 +++++++++++++----
tests/com/gitblit/tests/GitBlitSuite.java | 2 +-
gitblit.iml | 32 ++++++++++++++++++++++++++------
3 files changed, 40 insertions(+), 11 deletions(-)
diff --git a/Gitblit.iml b/gitblit.iml
similarity index 91%
rename from Gitblit.iml
rename to gitblit.iml
index 2efe6cf..12f69f3 100644
--- a/Gitblit.iml
+++ b/gitblit.iml
@@ -240,24 +240,35 @@
</library>
</orderEntry>
<orderEntry type="module-library">
- <library name="bcprov-jdk16-1.46.jar">
+ <library name="bcprov-jdk15on-1.47.jar">
<CLASSES>
- <root url="jar://$MODULE_DIR$/ext/bcprov-jdk16-1.46.jar!/" />
+ <root url="jar://$MODULE_DIR$/ext/bcprov-jdk15on-1.47.jar!/" />
</CLASSES>
<JAVADOC />
<SOURCES>
- <root url="jar://$MODULE_DIR$/ext/src/bcprov-jdk16-1.46-sources.jar!/" />
+ <root url="jar://$MODULE_DIR$/ext/src/bcprov-jdk15on-1.47-sources.jar!/" />
</SOURCES>
</library>
</orderEntry>
<orderEntry type="module-library">
- <library name="bcmail-jdk16-1.46.jar">
+ <library name="bcmail-jdk15on-1.47.jar">
<CLASSES>
- <root url="jar://$MODULE_DIR$/ext/bcmail-jdk16-1.46.jar!/" />
+ <root url="jar://$MODULE_DIR$/ext/bcmail-jdk15on-1.47.jar!/" />
</CLASSES>
<JAVADOC />
<SOURCES>
- <root url="jar://$MODULE_DIR$/ext/src/bcmail-jdk16-1.46-sources.jar!/" />
+ <root url="jar://$MODULE_DIR$/ext/src/bcmail-jdk15on-1.47-sources.jar!/" />
+ </SOURCES>
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library name="bcpkix-jdk15on-1.47.jar">
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/ext/bcpkix-jdk15on-1.47.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES>
+ <root url="jar://$MODULE_DIR$/ext/src/bcpkix-jdk15on-1.47-sources.jar!/" />
</SOURCES>
</library>
</orderEntry>
@@ -327,6 +338,15 @@
</SOURCES>
</library>
</orderEntry>
+ <orderEntry type="module-library">
+ <library name="jcalendar-1.3.2.jar">
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/ext/jcalendar-1.3.2.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
<orderEntry type="module-library" scope="TEST">
<library name="junit-4.10.jar">
<CLASSES>
diff --git a/src/com/gitblit/utils/X509Utils.java b/src/com/gitblit/utils/X509Utils.java
index e27d7bc..3caff35 100644
--- a/src/com/gitblit/utils/X509Utils.java
+++ b/src/com/gitblit/utils/X509Utils.java
@@ -21,6 +21,7 @@
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
+import java.io.InputStream;
import java.lang.reflect.Field;
import java.math.BigInteger;
import java.security.InvalidKeyException;
@@ -36,6 +37,7 @@
import java.security.cert.CertPathBuilderException;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.PKIXCertPathBuilderResult;
@@ -81,8 +83,6 @@
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
-import sun.security.x509.X509CRLImpl;
import com.gitblit.Constants;
@@ -1034,13 +1034,22 @@
if (!caRevocationList.exists()) {
return false;
}
+ InputStream inStream = null;
try {
- byte [] data = FileUtils.readContent(caRevocationList);
- X509CRL crl = new X509CRLImpl(data);
+ inStream = new FileInputStream(caRevocationList);
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ X509CRL crl = (X509CRL)cf.generateCRL(inStream);
return crl.isRevoked(cert);
} catch (Exception e) {
logger.error(MessageFormat.format("Failed to check revocation status for certificate {0,number,0} [{1}] in {2}",
cert.getSerialNumber(), cert.getSubjectDN().getName(), caRevocationList));
+ } finally {
+ if (inStream != null) {
+ try {
+ inStream.close();
+ } catch (Exception e) {
+ }
+ }
}
return false;
}
diff --git a/tests/com/gitblit/tests/GitBlitSuite.java b/tests/com/gitblit/tests/GitBlitSuite.java
index 3527d58..bb734eb 100644
--- a/tests/com/gitblit/tests/GitBlitSuite.java
+++ b/tests/com/gitblit/tests/GitBlitSuite.java
@@ -57,7 +57,7 @@
StringUtilsTest.class, Base64Test.class, JsonUtilsTest.class, ByteFormatTest.class,
ObjectCacheTest.class, PermissionsTest.class, UserServiceTest.class, LdapUserServiceTest.class,
MarkdownUtilsTest.class, JGitUtilsTest.class, SyndicationUtilsTest.class,
- DiffUtilsTest.class, MetricUtilsTest.class, TicgitUtilsTest.class,
+ DiffUtilsTest.class, MetricUtilsTest.class, TicgitUtilsTest.class, X509UtilsTest.class,
GitBlitTest.class, FederationTests.class, RpcTests.class, GitServletTest.class,
GroovyScriptTest.class, LuceneExecutorTest.class, IssuesTest.class, RepositoryModelTest.class })
public class GitBlitSuite {
--
Gitblit v1.9.1