Fix the coverity errors.
diff --git a/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasAuthAdminClient.java b/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasAuthAdminClient.java
index 73eeb5a..22a39f9 100644
--- a/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasAuthAdminClient.java
+++ b/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasAuthAdminClient.java
@@ -289,15 +289,14 @@
+ keytabFile.getAbsolutePath(), e);
}
- FileOutputStream fos = new FileOutputStream(keytabFile);
- InputStream in = httpConn.getInputStream();
- byte[] buffer = new byte[3 * 1024];
- int read;
- while ((read = in.read(buffer)) > 0) {
- fos.write(buffer, 0, read);
+ try (FileOutputStream fos = new FileOutputStream(keytabFile);
+ InputStream in = httpConn.getInputStream()) {
+ byte[] buffer = new byte[3 * 1024];
+ int read;
+ while ((read = in.read(buffer)) > 0) {
+ fos.write(buffer, 0, read);
+ }
}
- fos.close();
- in.close();
} catch (IOException e) {
throw new KrbException("IO error occurred.", e);
}
@@ -330,15 +329,14 @@
+ keytabFile.getAbsolutePath(), e);
}
- FileOutputStream fos = new FileOutputStream(keytabFile);
- InputStream in = httpConn.getInputStream();
- byte[] buffer = new byte[3 * 1024];
- int read;
- while ((read = in.read(buffer)) > 0) {
- fos.write(buffer, 0, read);
+ try (FileOutputStream fos = new FileOutputStream(keytabFile);
+ InputStream in = httpConn.getInputStream()) {
+ byte[] buffer = new byte[3 * 1024];
+ int read;
+ while ((read = in.read(buffer)) > 0) {
+ fos.write(buffer, 0, read);
+ }
}
- fos.close();
- in.close();
} catch (IOException e) {
LOG.error("IO error occurred.", e);
throw new KrbException("IO error occurred.", e);
@@ -364,15 +362,14 @@
if (httpConn.getResponseCode() != 200) {
throw new KrbException(HasClientUtil.getResponse(httpConn));
}
- FileOutputStream fos = new FileOutputStream(keytabFile);
- InputStream in = httpConn.getInputStream();
- byte[] buffer = new byte[4 * 1024];
- int read;
- while ((read = in.read(buffer)) > 0) {
- fos.write(buffer, 0, read);
+ try (FileOutputStream fos = new FileOutputStream(keytabFile);
+ InputStream in = httpConn.getInputStream()) {
+ byte[] buffer = new byte[4 * 1024];
+ int read;
+ while ((read = in.read(buffer)) > 0) {
+ fos.write(buffer, 0, read);
+ }
}
- fos.close();
- in.close();
} catch (IOException e) {
throw new KrbException("IO error occurred.", e);
}
@@ -536,15 +533,14 @@
if (httpConn.getResponseCode() != 200) {
throw new KrbException(HasClientUtil.getResponse(httpConn));
}
- FileOutputStream fos = new FileOutputStream(new File(keytabName));
- InputStream in = httpConn.getInputStream();
- byte[] buffer = new byte[4 * 1024];
- int read;
- while ((read = in.read(buffer)) > 0) {
- fos.write(buffer, 0, read);
+ try (FileOutputStream fos = new FileOutputStream(new File(keytabName));
+ InputStream in = httpConn.getInputStream()) {
+ byte[] buffer = new byte[4 * 1024];
+ int read;
+ while ((read = in.read(buffer)) > 0) {
+ fos.write(buffer, 0, read);
+ }
}
- fos.close();
- in.close();
} catch (IOException e) {
throw new KrbException(e.getMessage());
}
diff --git a/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasClient.java b/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasClient.java
index 9284920..969c642 100755
--- a/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasClient.java
+++ b/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasClient.java
@@ -630,7 +630,11 @@
// Verify certificate with root certificate
try {
PublicKey publicKey = caRoot.getPublicKey();
- certificate.verify(publicKey);
+ if (publicKey != null) {
+ certificate.verify(publicKey);
+ } else {
+ throw new HasException("Failed to get public key in ca root.");
+ }
} catch (GeneralSecurityException e) {
return false;
}
@@ -657,9 +661,9 @@
trustStore = KeyStore.getInstance("jks");
trustStore.load(null, null);
trustStore.setCertificateEntry(host, certificate);
- FileOutputStream out = new FileOutputStream(trustStoreFile);
- trustStore.store(out, password.toCharArray());
- out.close();
+ try (FileOutputStream out = new FileOutputStream(trustStoreFile)) {
+ trustStore.store(out, password.toCharArray());
+ }
} catch (IOException | GeneralSecurityException e) {
throw new HasException("Failed to create and save truststore file. "
+ e.getMessage());
@@ -673,8 +677,7 @@
*/
private void createClientSSLConfig(String password) throws HasException {
String resourcePath = "/ssl-client.conf.template";
- InputStream templateResource = getClass().getResourceAsStream(resourcePath);
- try {
+ try (InputStream templateResource = getClass().getResourceAsStream(resourcePath)) {
String content = IOUtil.readInput(templateResource);
content = content.replaceAll("_location_", clientConfigFolder.getAbsolutePath()
+ "/truststore.jks");
diff --git a/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasClientUtil.java b/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasClientUtil.java
index 4e70e06..976c7e0 100644
--- a/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasClientUtil.java
+++ b/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasClientUtil.java
@@ -79,6 +79,9 @@
+ e.getMessage());
}
}
+ if (conn == null) {
+ throw new KrbException("Error occurred when creating https connection.");
+ }
try {
conn.setRequestMethod(method);
} catch (ProtocolException e) {
diff --git a/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasInitClient.java b/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasInitClient.java
index fb52130..0daf57f 100644
--- a/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasInitClient.java
+++ b/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasInitClient.java
@@ -101,15 +101,14 @@
if (httpConn.getResponseCode() != 200) {
throw new KrbException(HasClientUtil.getResponse(httpConn));
}
- FileOutputStream fos = new FileOutputStream(keytab);
- InputStream in = httpConn.getInputStream();
- byte[] buffer = new byte[3 * 1024];
- int read;
- while ((read = in.read(buffer)) > 0) {
- fos.write(buffer, 0, read);
+ try (FileOutputStream fos = new FileOutputStream(keytab);
+ InputStream in = httpConn.getInputStream()) {
+ byte[] buffer = new byte[3 * 1024];
+ int read;
+ while ((read = in.read(buffer)) > 0) {
+ fos.write(buffer, 0, read);
+ }
}
- fos.close();
- in.close();
} catch (IOException e) {
throw new KrbException("IO error occurred. " + e.getMessage());
}
@@ -133,15 +132,14 @@
if (httpConn.getResponseCode() != 200) {
throw new KrbException(HasClientUtil.getResponse(httpConn));
}
- FileOutputStream fos = new FileOutputStream(file);
- InputStream in = httpConn.getInputStream();
- byte[] buffer = new byte[3 * 1024];
- int read;
- while ((read = in.read(buffer)) > 0) {
- fos.write(buffer, 0, read);
+ try (FileOutputStream fos = new FileOutputStream(file);
+ InputStream in = httpConn.getInputStream()) {
+ byte[] buffer = new byte[3 * 1024];
+ int read;
+ while ((read = in.read(buffer)) > 0) {
+ fos.write(buffer, 0, read);
+ }
}
- fos.close();
- in.close();
} catch (IOException e) {
throw new KrbException("IO error occurred. " + e.getMessage());
}
@@ -165,15 +163,14 @@
if (httpConn.getResponseCode() != 200) {
throw new KrbException(HasClientUtil.getResponse(httpConn));
}
- FileOutputStream fos = new FileOutputStream(file);
- InputStream in = httpConn.getInputStream();
- byte[] buffer = new byte[3 * 1024];
- int read;
- while ((read = in.read(buffer)) > 0) {
- fos.write(buffer, 0, read);
+ try (FileOutputStream fos = new FileOutputStream(file);
+ InputStream in = httpConn.getInputStream()) {
+ byte[] buffer = new byte[3 * 1024];
+ int read;
+ while ((read = in.read(buffer)) > 0) {
+ fos.write(buffer, 0, read);
+ }
}
- fos.close();
- in.close();
} catch (IOException e) {
throw new KrbException("IO error occurred. " + e.getMessage());
}
diff --git a/has-project/has-common/src/main/java/org/apache/kerby/has/common/util/HasUtil.java b/has-project/has-common/src/main/java/org/apache/kerby/has/common/util/HasUtil.java
index c972955..dfd32f5 100644
--- a/has-project/has-common/src/main/java/org/apache/kerby/has/common/util/HasUtil.java
+++ b/has-project/has-common/src/main/java/org/apache/kerby/has/common/util/HasUtil.java
@@ -66,18 +66,18 @@
return;
}
try {
- BufferedReader bf = new BufferedReader(new FileReader(hasConfFile));
StringBuilder sb = new StringBuilder();
- String tempString;
- while ((tempString = bf.readLine()) != null) {
- if (tempString.trim().startsWith("enable_conf")) {
- tempString = tempString.replace(oldValue, value);
+ try (BufferedReader bf = new BufferedReader(new FileReader(hasConfFile))) {
+ String tempString;
+ while ((tempString = bf.readLine()) != null) {
+ if (tempString.trim().startsWith("enable_conf")) {
+ tempString = tempString.replace(oldValue, value);
+ }
+ sb.append(tempString + "\n");
}
- sb.append(tempString + "\n");
}
try (PrintStream ps = new PrintStream(new FileOutputStream(hasConfFile))) {
ps.print(sb.toString());
- bf.close();
}
} catch (FileNotFoundException e) {
throw new HasException("Can not load the has configuration file "
diff --git a/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/ldap/LDAPServerPlugin.java b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/ldap/LDAPServerPlugin.java
index eb274dd..1502920 100755
--- a/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/ldap/LDAPServerPlugin.java
+++ b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/ldap/LDAPServerPlugin.java
@@ -24,6 +24,8 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import java.io.IOException;
+
public class LDAPServerPlugin extends AbstractHasServerPlugin {
public static final Logger LOG = LoggerFactory.getLogger(LDAPServerPlugin.class);
@@ -58,7 +60,7 @@
} else {
throw new HasAuthenException("LDAP user auth failed");
}
- } catch (HasException e) {
+ } catch (HasException | IOException e) {
throw new HasAuthenException("LDAP user auth failed. " + e.getMessage());
}
}
diff --git a/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/ldap/LDAPUtils.java b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/ldap/LDAPUtils.java
index 2534368..9a703eb 100644
--- a/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/ldap/LDAPUtils.java
+++ b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/ldap/LDAPUtils.java
@@ -30,6 +30,8 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import java.io.IOException;
+
public class LDAPUtils {
public static final Logger LOG = LoggerFactory.getLogger(LDAPUtils.class);
@@ -43,12 +45,13 @@
}
}
- public static boolean doUserAuth(String user, String pwd) throws HasException {
+ public static boolean doUserAuth(String user, String pwd) throws HasException, IOException {
LdapNetworkConnection connection = new LdapNetworkConnection(
ldapServerConf.getHost(), Integer.parseInt(ldapServerConf.getPort()));
try {
connection.bind(ldapServerConf.getBindDN(), ldapServerConf.getBindPwd());
} catch (LdapException e) {
+ connection.close();
throw new HasException("Failed to bind. " + e.getMessage());
}
Dn dn;
@@ -56,6 +59,7 @@
dn = new Dn(new Rdn(ldapServerConf.getUserNameAttr(), user),
new Dn(ldapServerConf.getBaseDN()));
} catch (LdapInvalidDnException e) {
+ connection.close();
throw new HasException(e.getMessage());
}
Entry entry;
@@ -63,7 +67,10 @@
entry = connection.lookup(dn);
} catch (LdapException e) {
throw new HasException(e.getMessage());
+ } finally {
+ connection.close();
}
+
if (entry == null) {
throw new HasException("Please check your user name: " + user);
}
diff --git a/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java
index 234763c..85e2308 100644
--- a/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java
+++ b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java
@@ -76,29 +76,32 @@
Connection connection = startConnection(mysqlUrl, mysqlUser, mysqlPasswd);
ResultSet res = null;
- PreparedStatement preStm = null;
try {
String stm = "SELECT COUNT(*) FROM `has_user` WHERE user_name = ? AND pass_word = ?";
- preStm = connection.prepareStatement(stm);
- preStm.setString(1, user);
- preStm.setString(2, secret);
- res = preStm.executeQuery();
+ try (PreparedStatement preStm = connection.prepareStatement(stm)) {
+ preStm.setString(1, user);
+ preStm.setString(2, secret);
+ res = preStm.executeQuery();
+
+ }
if (res.next() && res.getInt(1) > 0) {
LOG.debug("UserName: {}", user);
} else {
String sql = "SELECT COUNT(*) FROM `has_user` WHERE user_name = ?";
- preStm = connection.prepareStatement(sql);
- preStm.setString(1, user);
- res = preStm.executeQuery();
- if (res.next() && res.getInt(1) > 0) {
- throw new HasAuthenException("Authentication failed. "
+ try (PreparedStatement preStm = connection.prepareStatement(sql)) {
+ preStm.setString(1, user);
+ res = preStm.executeQuery();
+ preStm.close();
+ if (res.next() && res.getInt(1) > 0) {
+ throw new HasAuthenException("Authentication failed. "
+ "Incorrect password.");
- } else if (!res.next()) {
- throw new HasAuthenException("Authentication failed. "
+ } else if (!res.next()) {
+ throw new HasAuthenException("Authentication failed. "
+ "Incorrect userName.");
- } else {
- throw new HasAuthenException("Authentication failed. "
+ } else {
+ throw new HasAuthenException("Authentication failed. "
+ "Please check your userName and password.");
+ }
}
}
} catch (SQLException e) {
@@ -107,7 +110,6 @@
LOG.error("Error message: " + e.getMessage());
throw new HasAuthenException("Authentication failed." + e.getMessage());
} finally {
- DbUtils.closeQuietly(preStm);
DbUtils.closeQuietly(res);
DbUtils.closeQuietly(connection);
}
diff --git a/has-project/has-server/src/main/java/org/apache/kerby/has/server/HasServer.java b/has-project/has-server/src/main/java/org/apache/kerby/has/server/HasServer.java
index f92f140..f9a78d0 100644
--- a/has-project/has-server/src/main/java/org/apache/kerby/has/server/HasServer.java
+++ b/has-project/has-server/src/main/java/org/apache/kerby/has/server/HasServer.java
@@ -46,6 +46,7 @@
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
+import java.net.InetSocketAddress;
import java.net.UnknownHostException;
import java.sql.Connection;
import java.sql.DriverManager;
@@ -255,7 +256,12 @@
String resourcePath = "/" + confName + ".template";
templateResource = getClass().getResourceAsStream(resourcePath);
}
- String content = IOUtil.readInput(templateResource);
+ String content;
+ try {
+ content = IOUtil.readInput(templateResource);
+ } finally {
+ templateResource.close();
+ }
for (Map.Entry<String, String> entry : values.entrySet()) {
content = content.replaceAll(Pattern.quote(entry.getKey()), entry.getValue());
}
@@ -331,7 +337,10 @@
Map<String, String> values = getKdcConf();
String host = getKdcHost();
if (host == null) {
- host = getWebServer().getBindAddress().getHostName();
+ InetSocketAddress bind = getWebServer().getBindAddress();
+ if (bind != null) {
+ host = bind.getHostName();
+ }
}
values.remove("servers");
values.put("_HOST_", host);
@@ -516,12 +525,11 @@
String kdc = kdcBuilder.toString();
kdc = kdc.substring(0, kdc.length() - 1);
String resourcePath = "/krb5.conf.template";
- InputStream templateResource = getClass().getResourceAsStream(resourcePath);
- String content = null;
- try {
+ String content;
+ try (InputStream templateResource = getClass().getResourceAsStream(resourcePath)) {
content = IOUtil.readInput(templateResource);
} catch (IOException e) {
- throw new HasException("Read template resource failed. " + e);
+ throw new HasException("Read template resource failed. " + e.getMessage());
}
content = content.replaceAll("_REALM_", kdcRealm);
content = content.replaceAll("_PORT_", String.valueOf(kdcPort));
@@ -537,7 +545,7 @@
try {
IOUtil.writeFile(content, confFile);
} catch (IOException e) {
- throw new HasException("Write content to conf file failed. " + e);
+ throw new HasException("Write content to conf file failed. " + e.getMessage());
}
return confFile;
@@ -557,8 +565,10 @@
HasConfig hasConfig = HasUtil.getHasConfig(confFile);
if (hasConfig != null) {
String defaultValue = hasConfig.getHttpsHost();
- InputStream templateResource = new FileInputStream(confFile);
- String content = IOUtil.readInput(templateResource);
+ String content;
+ try (InputStream templateResource = new FileInputStream(confFile)) {
+ content = IOUtil.readInput(templateResource);
+ }
content = content.replaceFirst(Pattern.quote(defaultValue), servers);
File hasFile = new File(confDir, "has-client.conf");
IOUtil.writeFile(content, hasFile);
diff --git a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/WebServer.java b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/WebServer.java
index 7191383..2260b9c 100644
--- a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/WebServer.java
+++ b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/WebServer.java
@@ -192,14 +192,18 @@
int connIdx = 0;
if (policy.isHttpEnabled()) {
httpAddress = httpServer.getConnectorAddress(connIdx++);
- conf.setString(WebConfigKey.HAS_HTTP_ADDRESS_KEY,
- NetUtils.getHostPortString(httpAddress));
+ if (httpAddress != null) {
+ conf.setString(WebConfigKey.HAS_HTTP_ADDRESS_KEY,
+ NetUtils.getHostPortString(httpAddress));
+ }
}
if (policy.isHttpsEnabled()) {
httpsAddress = httpServer.getConnectorAddress(connIdx);
- conf.setString(WebConfigKey.HAS_HTTPS_ADDRESS_KEY,
- NetUtils.getHostPortString(httpsAddress));
+ if (httpsAddress != null) {
+ conf.setString(WebConfigKey.HAS_HTTPS_ADDRESS_KEY,
+ NetUtils.getHostPortString(httpsAddress));
+ }
}
}
@@ -228,7 +232,7 @@
}
/**
- * Return a HttpServer.Builder that the ssm can use to
+ * Return a HttpServer.Builder that the HAS can use to
* initialize their HTTP / HTTPS server.
*/
public HttpServer2.Builder httpServerTemplateForHAS(
@@ -239,7 +243,7 @@
HttpServer2.Builder builder = new HttpServer2.Builder().setName(name);
if (policy.isHttpEnabled()) {
- if (httpAddr.getPort() == 0) {
+ if (httpAddr != null && httpAddr.getPort() == 0) {
builder.setFindPort(true);
}
@@ -252,7 +256,7 @@
HasConfig sslConf = loadSslConfiguration(conf);
loadSslConfToHttpServerBuilder(builder, sslConf);
- if (httpsAddr.getPort() == 0) {
+ if (httpsAddr != null && httpsAddr.getPort() == 0) {
builder.setFindPort(true);
}
diff --git a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/AsRequestApi.java b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/AsRequestApi.java
index 2bc6a53..8fa567d 100644
--- a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/AsRequestApi.java
+++ b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/AsRequestApi.java
@@ -105,26 +105,33 @@
errMessage = "Failed to get the plugin: " + type + ". " + e.getMessage();
WebServer.LOG.error(errMessage);
}
- AuthToken verifiedAuthToken;
- try {
- verifiedAuthToken = tokenPlugin.authenticate(authToken);
- } catch (HasAuthenException e) {
- errMessage = "Failed to verify auth token. " + e.getMessage();
- WebServer.LOG.error(errMessage);
- verifiedAuthToken = null;
+ AuthToken verifiedAuthToken = null;
+ if (tokenPlugin != null) {
+ try {
+ verifiedAuthToken = tokenPlugin.authenticate(authToken);
+ } catch (HasAuthenException e) {
+ errMessage = "Failed to verify auth token. " + e.getMessage();
+ WebServer.LOG.error(errMessage);
+ verifiedAuthToken = null;
+ }
}
if (verifiedAuthToken != null) {
KrbMessage asRep = kdcHandler.getResponse(verifiedAuthToken,
(String) verifiedAuthToken.getAttributes().get("passPhrase"));
- Base64 base64 = new Base64(0);
- try {
- m.put("type", tokenPlugin.getLoginType());
- m.put("success", "true");
- m.put("krbMessage", base64.encodeToString(asRep.encode()));
- } catch (IOException e) {
- errMessage = "Failed to encode KrbMessage." + e.getMessage();
+ if (asRep != null) {
+ Base64 base64 = new Base64(0);
+ try {
+ m.put("type", tokenPlugin.getLoginType());
+ m.put("success", "true");
+ m.put("krbMessage", base64.encodeToString(asRep.encode()));
+ } catch (IOException e) {
+ errMessage = "Failed to encode KrbMessage. " + e.getMessage();
+ WebServer.LOG.error(errMessage);
+ }
+ } else {
+ errMessage = "Failed to get KrbMessage.";
WebServer.LOG.error(errMessage);
}
diff --git a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HadminApi.java b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HadminApi.java
index a25be2f..d04e250 100644
--- a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HadminApi.java
+++ b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HadminApi.java
@@ -65,12 +65,11 @@
@Context
private HttpServletRequest httpRequest;
- private void compressFile(File file, ZipOutputStream out, String basedir) {
+ private void compressFile(File file, ZipOutputStream out, String basedir) throws HasException {
if (!file.exists()) {
return;
}
- try {
- BufferedInputStream bis = new BufferedInputStream(new FileInputStream(file));
+ try (BufferedInputStream bis = new BufferedInputStream(new FileInputStream(file))) {
ZipEntry entry = new ZipEntry(basedir + file.getName());
out.putNextEntry(entry);
int count;
@@ -80,7 +79,7 @@
}
bis.close();
} catch (Exception e) {
- throw new RuntimeException(e);
+ throw new HasException(e.getMessage());
}
}
@@ -94,8 +93,11 @@
try {
hasAdmin = new LocalHadmin(WebServer.getHasServerFromContext(context));
} catch (KrbException e) {
- WebServer.LOG.info("Failed to create local hadmin." + e.getMessage());
+ String error = "Failed to create local hadmin." + e.getMessage();
+ WebServer.LOG.error(error);
+ return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(error).build();
}
+
JSONArray results = new JSONArray();
try {
StringBuilder data = new StringBuilder();
@@ -118,8 +120,8 @@
}
return Response.ok(results.toString()).build();
} catch (Exception e) {
- WebServer.LOG.error("Failed to create principals,because : " + e.getMessage());
- String error = "Failed to create principals,because : " + e.getMessage();
+ WebServer.LOG.error("Failed to create principals, because : " + e.getMessage());
+ String error = "Failed to create principals, because : " + e.getMessage();
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(error).build();
}
}
@@ -201,8 +203,7 @@
if (keytabZip.exists()) {
keytabZip.delete();
}
- try {
- ZipOutputStream zos = new ZipOutputStream(new FileOutputStream(keytabZip));
+ try (ZipOutputStream zos = new ZipOutputStream(new FileOutputStream(keytabZip))) {
for (File keytab : keytabs) {
compressFile(keytab, zos, "");
}
diff --git a/has-project/has-server/src/test/java/org/apache/kerby/has/server/TestRestApiBase.java b/has-project/has-server/src/test/java/org/apache/kerby/has/server/TestRestApiBase.java
index 21d650f..be8e841 100644
--- a/has-project/has-server/src/test/java/org/apache/kerby/has/server/TestRestApiBase.java
+++ b/has-project/has-server/src/test/java/org/apache/kerby/has/server/TestRestApiBase.java
@@ -232,7 +232,8 @@
try {
url = new URL(webServerUrl + "hadmin/addprincipalsbyrole");
} catch (MalformedURLException e) {
- e.printStackTrace();
+ System.err.println("Failed to create URL. " + e.getMessage());
+ System.exit(7);
}
URLConnectionFactory connectionFactory = URLConnectionFactory.newDefaultURLConnectionFactory(httpsConf);
diff --git a/has-project/has-server/src/test/java/org/apache/kerby/has/server/TestUtil.java b/has-project/has-server/src/test/java/org/apache/kerby/has/server/TestUtil.java
index 4e6b786..9cbb223 100644
--- a/has-project/has-server/src/test/java/org/apache/kerby/has/server/TestUtil.java
+++ b/has-project/has-server/src/test/java/org/apache/kerby/has/server/TestUtil.java
@@ -138,9 +138,9 @@
private static void saveKeyStore(KeyStore ks, String filename, String password)
throws GeneralSecurityException, IOException {
- FileOutputStream out = new FileOutputStream(filename);
- ks.store(out, password.toCharArray());
- out.close();
+ try (FileOutputStream out = new FileOutputStream(filename)) {
+ ks.store(out, password.toCharArray());
+ }
}
private static void createKeyStore(String filename, String password, String alias, Key privateKey, Certificate cert)
@@ -358,7 +358,6 @@
* @throws IOException if there is an I/O error saving the file
*/
private static void saveConfig(File file, HasConfig conf) throws IOException {
- OutputStream output = new FileOutputStream(file);
Properties prop = new Properties();
// set the properties value
@@ -366,7 +365,9 @@
prop.setProperty(name, conf.getString(name));
}
- // save properties to project root folder
- prop.store(output, null);
+ try (OutputStream output = new FileOutputStream(file)) {
+ // save properties to project root folder
+ prop.store(output, null);
+ }
}
}
diff --git a/kerby-backend/mysql-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/MySQLIdentityBackend.java b/kerby-backend/mysql-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/MySQLIdentityBackend.java
index 4622c7a..10047be 100644
--- a/kerby-backend/mysql-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/MySQLIdentityBackend.java
+++ b/kerby-backend/mysql-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/MySQLIdentityBackend.java
@@ -220,8 +220,6 @@
Map<EncryptionType, EncryptionKey> keys = identity.getKeys();
Connection connection = null;
- PreparedStatement preIdentity = null;
- PreparedStatement preKey = null;
KrbIdentity duplicateIdentity = doGetIdentity(principalName);
if (duplicateIdentity != null) {
@@ -237,26 +235,28 @@
String stmIdentity = "INSERT INTO " + identityTable
+ " (principal, key_version, kdc_flags, disabled, locked,"
+ " created_time, expire_time) VALUES(?, ?, ?, ?, ?, ?, ?)";
- preIdentity = connection.prepareStatement(stmIdentity);
- preIdentity.setString(1, principalName);
- preIdentity.setInt(2, keyVersion);
- preIdentity.setInt(3, kdcFlags);
- preIdentity.setBoolean(4, disabled);
- preIdentity.setBoolean(5, locked);
- preIdentity.setLong(6, createdTime);
- preIdentity.setLong(7, expireTime);
- preIdentity.executeUpdate();
+ try (PreparedStatement preIdentity = connection.prepareStatement(stmIdentity)) {
+ preIdentity.setString(1, principalName);
+ preIdentity.setInt(2, keyVersion);
+ preIdentity.setInt(3, kdcFlags);
+ preIdentity.setBoolean(4, disabled);
+ preIdentity.setBoolean(5, locked);
+ preIdentity.setLong(6, createdTime);
+ preIdentity.setLong(7, expireTime);
+ preIdentity.executeUpdate();
+ }
// Insert keys to key table
for (Map.Entry<EncryptionType, EncryptionKey> entry : keys.entrySet()) {
String stmKey = "INSERT INTO " + keyInfoTable
+ " (key_type, kvno, key_value, principal) VALUES(?, ?, ?, ?)";
- preKey = connection.prepareStatement(stmKey);
- preKey.setString(1, entry.getKey().getName());
- preKey.setInt(2, entry.getValue().getKvno());
- preKey.setBlob(3, new SerialBlob(entry.getValue().getKeyData()));
- preKey.setString(4, principalName);
- preKey.executeUpdate();
+ try (PreparedStatement preKey = connection.prepareStatement(stmKey)) {
+ preKey.setString(1, entry.getKey().getName());
+ preKey.setInt(2, entry.getValue().getKvno());
+ preKey.setBlob(3, new SerialBlob(entry.getValue().getKeyData()));
+ preKey.setString(4, principalName);
+ preKey.executeUpdate();
+ }
}
connection.commit();
@@ -273,8 +273,6 @@
LOG.error("Error occurred while adding identity.");
throw new KrbException("Failed to add identity. ", e);
} finally {
- DbUtils.closeQuietly(preIdentity);
- DbUtils.closeQuietly(preKey);
DbUtils.closeQuietly(connection);
}
}
diff --git a/kerby-common/kerby-asn1/src/main/java/org/apache/kerby/asn1/util/IOUtil.java b/kerby-common/kerby-asn1/src/main/java/org/apache/kerby/asn1/util/IOUtil.java
index aa9323b..de4b2f0 100644
--- a/kerby-common/kerby-asn1/src/main/java/org/apache/kerby/asn1/util/IOUtil.java
+++ b/kerby-common/kerby-asn1/src/main/java/org/apache/kerby/asn1/util/IOUtil.java
@@ -20,14 +20,8 @@
package org.apache.kerby.asn1.util;
import java.io.ByteArrayOutputStream;
-import java.io.File;
import java.io.IOException;
import java.io.InputStream;
-import java.io.OutputStream;
-import java.nio.ByteBuffer;
-import java.nio.file.Files;
-import java.nio.channels.Channels;
-import java.nio.channels.WritableByteChannel;
/**
* Some IO and file related utilities.
@@ -47,21 +41,6 @@
}
}
- public static void readInputStream(InputStream in,
- byte[] buf) throws IOException {
- int toRead = buf.length;
- int off = 0;
- while (toRead > 0) {
- int ret = in.read(buf, off, toRead);
- if (ret < 0) {
- throw new IOException("Bad inputStream, premature EOF");
- }
- toRead -= ret;
- off += ret;
- }
- in.close();
- }
-
/**
* Read an input stream and return the content as string assuming UTF8.
* @param in The input stream
@@ -72,40 +51,4 @@
byte[] content = readInputStream(in);
return Utf8.toString(content);
}
-
- /**
- * Read a file and return the content as string assuming UTF8.
- * @param file The file to read
- * @return The content
- * @throws IOException e
- */
- public static String readFile(File file) throws IOException {
- long len = 0;
- if (file.length() >= Integer.MAX_VALUE) {
- throw new IOException("Too large file, unexpected!");
- } else {
- len = file.length();
- }
- byte[] buf = new byte[(int) len];
-
- InputStream is = Files.newInputStream(file.toPath());
- readInputStream(is, buf);
-
- return Utf8.toString(buf);
- }
-
- /**
- * Write a file with the content assuming UTF8.
- * @param content The content
- * @param file The file to write
- * @throws IOException e
- */
- public static void writeFile(String content, File file) throws IOException {
- OutputStream outputStream = Files.newOutputStream(file.toPath());
- WritableByteChannel channel = Channels.newChannel(outputStream);
-
- ByteBuffer buffer = ByteBuffer.wrap(Utf8.toBytes(content));
- channel.write(buffer);
- outputStream.close();
- }
}
diff --git a/kerby-common/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestUtil.java b/kerby-common/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestUtil.java
index 619af7b..3405bc9 100644
--- a/kerby-common/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestUtil.java
+++ b/kerby-common/kerby-asn1/src/test/java/org/apache/kerby/asn1/TestUtil.java
@@ -36,12 +36,14 @@
}
static String readStringFromTxtFile(String resource) throws IOException {
- InputStream is = TestUtil.class.getResourceAsStream(resource);
- return IOUtil.readInput(is);
+ try (InputStream is = TestUtil.class.getResourceAsStream(resource)) {
+ return IOUtil.readInput(is);
+ }
}
static byte[] readBytesFromBinFile(String resource) throws IOException {
- InputStream is = TestUtil.class.getResourceAsStream(resource);
- return IOUtil.readInputStream(is);
+ try (InputStream is = TestUtil.class.getResourceAsStream(resource)) {
+ return IOUtil.readInputStream(is);
+ }
}
}
diff --git a/kerby-common/kerby-util/src/main/java/org/apache/kerby/util/IOUtil.java b/kerby-common/kerby-util/src/main/java/org/apache/kerby/util/IOUtil.java
index a741531..42bfbba 100644
--- a/kerby-common/kerby-util/src/main/java/org/apache/kerby/util/IOUtil.java
+++ b/kerby-common/kerby-util/src/main/java/org/apache/kerby/util/IOUtil.java
@@ -102,11 +102,11 @@
* @throws IOException e
*/
public static void writeFile(String content, File file) throws IOException {
- OutputStream outputStream = Files.newOutputStream(file.toPath());
- WritableByteChannel channel = Channels.newChannel(outputStream);
+ try (OutputStream outputStream = Files.newOutputStream(file.toPath());
+ WritableByteChannel channel = Channels.newChannel(outputStream)) {
- ByteBuffer buffer = ByteBuffer.wrap(Utf8.toBytes(content));
- channel.write(buffer);
- outputStream.close();
+ ByteBuffer buffer = ByteBuffer.wrap(Utf8.toBytes(content));
+ channel.write(buffer);
+ }
}
}
diff --git a/kerby-common/kerby-xdr/src/main/java/org/apache/kerby/xdr/util/IOUtil.java b/kerby-common/kerby-xdr/src/main/java/org/apache/kerby/xdr/util/IOUtil.java
index 1649269..cfa9072 100644
--- a/kerby-common/kerby-xdr/src/main/java/org/apache/kerby/xdr/util/IOUtil.java
+++ b/kerby-common/kerby-xdr/src/main/java/org/apache/kerby/xdr/util/IOUtil.java
@@ -101,11 +101,11 @@
* @throws IOException e
*/
public static void writeFile(String content, File file) throws IOException {
- OutputStream outputStream = Files.newOutputStream(file.toPath());
- WritableByteChannel channel = Channels.newChannel(outputStream);
+ try (OutputStream outputStream = Files.newOutputStream(file.toPath());
+ WritableByteChannel channel = Channels.newChannel(outputStream)) {
- ByteBuffer buffer = ByteBuffer.wrap(Utf8.toBytes(content));
- channel.write(buffer);
- outputStream.close();
+ ByteBuffer buffer = ByteBuffer.wrap(Utf8.toBytes(content));
+ channel.write(buffer);
+ }
}
}
diff --git a/kerby-common/kerby-xdr/src/test/java/org/apache/kerby/xdr/TestUtil.java b/kerby-common/kerby-xdr/src/test/java/org/apache/kerby/xdr/TestUtil.java
index 6a3d9e8..157a7fa 100644
--- a/kerby-common/kerby-xdr/src/test/java/org/apache/kerby/xdr/TestUtil.java
+++ b/kerby-common/kerby-xdr/src/test/java/org/apache/kerby/xdr/TestUtil.java
@@ -36,12 +36,14 @@
}
static String readStringFromTxtFile(String resource) throws IOException {
- InputStream is = TestUtil.class.getResourceAsStream(resource);
- return IOUtil.readInput(is);
+ try (InputStream is = TestUtil.class.getResourceAsStream(resource)) {
+ return IOUtil.readInput(is);
+ }
}
static byte[] readBytesFromBinFile(String resource) throws IOException {
- InputStream is = TestUtil.class.getResourceAsStream(resource);
- return IOUtil.readInputStream(is);
+ try (InputStream is = TestUtil.class.getResourceAsStream(resource)) {
+ return IOUtil.readInputStream(is);
+ }
}
}
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/AccessTokenKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/AccessTokenKdcTest.java
index 57b2b1b..3b1e59d 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/AccessTokenKdcTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/AccessTokenKdcTest.java
@@ -44,8 +44,11 @@
@Test
public void testBadIssuer() throws Exception {
- InputStream is = TokenKdcTestBase.class.getResourceAsStream("/private_key.pem");
- PrivateKey privateKey = PrivateKeyReader.loadPrivateKey(is);
+ PrivateKey privateKey;
+ try (InputStream is = TokenKdcTestBase.class.getResourceAsStream("/private_key.pem");) {
+ privateKey = PrivateKeyReader.loadPrivateKey(is);
+ }
+
prepareToken(getServerPrincipal(), "oauth1.com", privateKey, null);
try {
@@ -59,8 +62,11 @@
@Test
public void testBadAudienceRestriction() throws Exception {
- InputStream is = TokenKdcTestBase.class.getResourceAsStream("/private_key.pem");
- PrivateKey privateKey = PrivateKeyReader.loadPrivateKey(is);
+ PrivateKey privateKey;
+ try (InputStream is = TokenKdcTestBase.class.getResourceAsStream("/private_key.pem");) {
+ privateKey = PrivateKeyReader.loadPrivateKey(is);
+ }
+
prepareToken("bad-service" + "/" + getHostname() + "@" + TestKdcServer.KDC_REALM,
ISSUER, privateKey, null);
@@ -103,11 +109,14 @@
@Test
public void testSignedEncryptedToken() throws Exception {
- InputStream is = TokenKdcTestBase.class.getResourceAsStream("/private_key.pem");
- PrivateKey privateKey = PrivateKeyReader.loadPrivateKey(is);
-
- is = TokenKdcTestBase.class.getResourceAsStream("/oauth2.com_public_key.pem");
- PublicKey publicKey = PublicKeyReader.loadPublicKey(is);
+ PrivateKey privateKey;
+ try (InputStream is = TokenKdcTestBase.class.getResourceAsStream("/private_key.pem");) {
+ privateKey = PrivateKeyReader.loadPrivateKey(is);
+ }
+ PublicKey publicKey;
+ try (InputStream is = TokenKdcTestBase.class.getResourceAsStream("/oauth2.com_public_key.pem")) {
+ publicKey = PublicKeyReader.loadPublicKey(is);
+ }
prepareToken(getServerPrincipal(), ISSUER, privateKey, publicKey);
@@ -118,10 +127,12 @@
public void testSignedEncryptedTokenBadSigningKey() throws Exception {
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
KeyPair keyPair = keyGen.generateKeyPair();
-
- InputStream is = TokenKdcTestBase.class.getResourceAsStream("/oauth2.com_public_key.pem");
- PublicKey publicKey = PublicKeyReader.loadPublicKey(is);
-
+
+ PublicKey publicKey;
+ try (InputStream is = TokenKdcTestBase.class.getResourceAsStream("/oauth2.com_public_key.pem")) {
+ publicKey = PublicKeyReader.loadPublicKey(is);
+ }
+
prepareToken(getServerPrincipal(), ISSUER, keyPair.getPrivate(), publicKey);
try {
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/IdentityTokenKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/IdentityTokenKdcTest.java
index 5aa2115..cfbabe3 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/IdentityTokenKdcTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/IdentityTokenKdcTest.java
@@ -45,8 +45,11 @@
@Test
public void testBadIssuer() throws Exception {
- InputStream is = TokenKdcTestBase.class.getResourceAsStream("/private_key.pem");
- PrivateKey privateKey = PrivateKeyReader.loadPrivateKey(is);
+ PrivateKey privateKey;
+ try (InputStream is = TokenKdcTestBase.class.getResourceAsStream("/private_key.pem");) {
+ privateKey = PrivateKeyReader.loadPrivateKey(is);
+ }
+
prepareToken(getAudience("krbtgt"), "oauth1.com", privateKey, null);
try {
@@ -60,8 +63,11 @@
@Test
public void testBadAudienceRestriction() throws Exception {
- InputStream is = TokenKdcTestBase.class.getResourceAsStream("/private_key.pem");
- PrivateKey privateKey = PrivateKeyReader.loadPrivateKey(is);
+ PrivateKey privateKey;
+ try (InputStream is = TokenKdcTestBase.class.getResourceAsStream("/private_key.pem");) {
+ privateKey = PrivateKeyReader.loadPrivateKey(is);
+ }
+
prepareToken("krbtgt2@EXAMPLE.COM", ISSUER, privateKey, null);
try {
@@ -102,11 +108,15 @@
@Test
public void testSignedEncryptedToken() throws Exception {
- InputStream is = TokenKdcTestBase.class.getResourceAsStream("/private_key.pem");
- PrivateKey privateKey = PrivateKeyReader.loadPrivateKey(is);
+ PrivateKey privateKey;
+ try (InputStream is = TokenKdcTestBase.class.getResourceAsStream("/private_key.pem");) {
+ privateKey = PrivateKeyReader.loadPrivateKey(is);
+ }
- is = TokenKdcTestBase.class.getResourceAsStream("/oauth2.com_public_key.pem");
- PublicKey publicKey = PublicKeyReader.loadPublicKey(is);
+ PublicKey publicKey;
+ try (InputStream is = TokenKdcTestBase.class.getResourceAsStream("/oauth2.com_public_key.pem")) {
+ publicKey = PublicKeyReader.loadPublicKey(is);
+ }
prepareToken(getAudience("krbtgt"), ISSUER, privateKey, publicKey);
@@ -118,8 +128,10 @@
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
KeyPair keyPair = keyGen.generateKeyPair();
- InputStream is = TokenKdcTestBase.class.getResourceAsStream("/oauth2.com_public_key.pem");
- PublicKey publicKey = PublicKeyReader.loadPublicKey(is);
+ PublicKey publicKey;
+ try (InputStream is = TokenKdcTestBase.class.getResourceAsStream("/oauth2.com_public_key.pem")) {
+ publicKey = PublicKeyReader.loadPublicKey(is);
+ }
prepareToken(getAudience("krbtgt"), ISSUER, keyPair.getPrivate(), publicKey);
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/TokenKdcTestBase.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/TokenKdcTestBase.java
index 6719add..88d2286 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/TokenKdcTestBase.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/TokenKdcTestBase.java
@@ -76,9 +76,10 @@
}
protected AuthToken prepareToken(String audience) throws Exception {
- InputStream is = TokenKdcTestBase.class.getResourceAsStream("/private_key.pem");
- PrivateKey privateKey = PrivateKeyReader.loadPrivateKey(is);
-
+ PrivateKey privateKey;
+ try (InputStream is = TokenKdcTestBase.class.getResourceAsStream("/private_key.pem");) {
+ privateKey = PrivateKeyReader.loadPrivateKey(is);
+ }
return prepareToken(audience, ISSUER, privateKey, null);
}
diff --git a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/JWTTokenTest.java b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/JWTTokenTest.java
index 116185a..12da053 100644
--- a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/JWTTokenTest.java
+++ b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/JWTTokenTest.java
@@ -92,8 +92,10 @@
authToken.setAudiences(Collections.singletonList(getServerPrincipal()));
KrbToken krbToken = new KrbToken(authToken, TokenFormat.JWT);
- InputStream is = Files.newInputStream(getSignKeyFile().toPath());
- PrivateKey signKey = PrivateKeyReader.loadPrivateKey(is);
+ PrivateKey signKey;
+ try (InputStream is = Files.newInputStream(getSignKeyFile().toPath())) {
+ signKey = PrivateKeyReader.loadPrivateKey(is);
+ }
krbToken.setTokenValue(signToken(authToken, signKey));
// Now get a SGT using the JWT
@@ -154,8 +156,10 @@
authToken.setAudiences(Collections.singletonList(getServerPrincipal() + "_"));
KrbToken krbToken = new KrbToken(authToken, TokenFormat.JWT);
- InputStream is = Files.newInputStream(getSignKeyFile().toPath());
- PrivateKey signKey = PrivateKeyReader.loadPrivateKey(is);
+ PrivateKey signKey;
+ try (InputStream is = Files.newInputStream(getSignKeyFile().toPath())) {
+ signKey = PrivateKeyReader.loadPrivateKey(is);
+ }
krbToken.setTokenValue(signToken(authToken, signKey));
// Now get a SGT using the JWT
@@ -250,8 +254,10 @@
authToken.setIssuer("unknown-issuer");
KrbToken krbToken = new KrbToken(authToken, TokenFormat.JWT);
- InputStream is = Files.newInputStream(getSignKeyFile().toPath());
- PrivateKey signKey = PrivateKeyReader.loadPrivateKey(is);
+ PrivateKey signKey;
+ try (InputStream is = Files.newInputStream(getSignKeyFile().toPath())) {
+ signKey = PrivateKeyReader.loadPrivateKey(is);
+ }
krbToken.setTokenValue(signToken(authToken, signKey));
// Now get a SGT using the JWT
@@ -290,8 +296,10 @@
authToken.setAudiences(Collections.singletonList(getServerPrincipal()));
KrbToken krbToken = new KrbToken(authToken, TokenFormat.JWT);
- InputStream is = Files.newInputStream(getSignKeyFile().toPath());
- PrivateKey signKey = PrivateKeyReader.loadPrivateKey(is);
+ PrivateKey signKey;
+ try (InputStream is = Files.newInputStream(getSignKeyFile().toPath())) {
+ signKey = PrivateKeyReader.loadPrivateKey(is);
+ }
krbToken.setTokenValue(signToken(authToken, signKey));
// Now get a SGT using the JWT
@@ -347,8 +355,10 @@
AuthToken authToken = issueToken(getClientPrincipal());
KrbToken krbToken = new KrbToken(authToken, TokenFormat.JWT);
- InputStream is = Files.newInputStream(getSignKeyFile().toPath());
- PrivateKey signKey = PrivateKeyReader.loadPrivateKey(is);
+ PrivateKey signKey;
+ try (InputStream is = Files.newInputStream(getSignKeyFile().toPath())) {
+ signKey = PrivateKeyReader.loadPrivateKey(is);
+ }
krbToken.setTokenValue(signToken(authToken, signKey));
// Now get a TGT using the JWT token
@@ -405,8 +415,10 @@
authToken.setAudiences(Collections.singletonList(authToken.getAudiences().get(0) + "_"));
KrbToken krbToken = new KrbToken(authToken, TokenFormat.JWT);
- InputStream is = Files.newInputStream(getSignKeyFile().toPath());
- PrivateKey signKey = PrivateKeyReader.loadPrivateKey(is);
+ PrivateKey signKey;
+ try (InputStream is = Files.newInputStream(getSignKeyFile().toPath())) {
+ signKey = PrivateKeyReader.loadPrivateKey(is);
+ }
krbToken.setTokenValue(signToken(authToken, signKey));
// Now get a TGT using the JWT token
@@ -496,8 +508,10 @@
authToken.setIssuer("unknown-issuer");
KrbToken krbToken = new KrbToken(authToken, TokenFormat.JWT);
- InputStream is = Files.newInputStream(getSignKeyFile().toPath());
- PrivateKey signKey = PrivateKeyReader.loadPrivateKey(is);
+ PrivateKey signKey;
+ try (InputStream is = Files.newInputStream(getSignKeyFile().toPath())) {
+ signKey = PrivateKeyReader.loadPrivateKey(is);
+ }
krbToken.setTokenValue(signToken(authToken, signKey));
// Now get a TGT using the JWT token
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Krb5Conf.java b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Krb5Conf.java
index 9e3b3cf..cfc266c 100644
--- a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Krb5Conf.java
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Krb5Conf.java
@@ -49,9 +49,10 @@
private File generateConfFile() throws IOException {
String resourcePath = kdcConfig.allowUdp() ? "/krb5_udp.conf" : "/krb5.conf";
- InputStream templateResource = getClass().getResourceAsStream(resourcePath);
-
- String templateContent = IOUtil.readInput(templateResource);
+ String templateContent;
+ try (InputStream templateResource = getClass().getResourceAsStream(resourcePath)) {
+ templateContent = IOUtil.readInput(templateResource);
+ }
String content = templateContent;
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/jaas/TokenCache.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/jaas/TokenCache.java
index 91caed7..1e3386c 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/jaas/TokenCache.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/jaas/TokenCache.java
@@ -81,14 +81,12 @@
*
* @param token The token string
*/
- public static void writeToken(String token, String tokenCacheFile) {
+ public static void writeToken(String token, String tokenCacheFile) throws IOException {
File cacheFile = new File(tokenCacheFile);
- try {
- Writer writer = new FileWriterWithEncoding(cacheFile, StandardCharsets.UTF_8);
+ try (Writer writer = new FileWriterWithEncoding(cacheFile, StandardCharsets.UTF_8)) {
writer.write(token);
writer.flush();
- writer.close();
// sets read-write permissions to owner only
cacheFile.setReadable(false, false);
cacheFile.setReadable(true, true);
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/Krb5Parser.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/Krb5Parser.java
index a226c90..f63ccc5 100644
--- a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/Krb5Parser.java
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/Krb5Parser.java
@@ -55,32 +55,32 @@
* @throws IOException e
*/
public void load() throws IOException {
- BufferedReader br = new BufferedReader(new InputStreamReader(Files.newInputStream(krb5conf.toPath()),
- StandardCharsets.UTF_8));
- items = new IdentityHashMap<>();
+ try (BufferedReader br = new BufferedReader(new InputStreamReader(Files.newInputStream(krb5conf.toPath()),
+ StandardCharsets.UTF_8))) {
+ items = new IdentityHashMap<>();
- String originLine = br.readLine();
- while (originLine != null) {
- String line = originLine.trim();
+ String originLine = br.readLine();
+ while (originLine != null) {
+ String line = originLine.trim();
/*parse through comments*/
- if (line.isEmpty() || isComment(line)) {
- originLine = br.readLine();
- } else if (line.startsWith("[")) {
- insertSections(line, br, items);
- originLine = br.readLine();
- } else if (line.startsWith("include")) {
- String[] splited = line.trim().split("\\s+");
- if (splited.length == 2) {
- items.put(splited[0], splited[1]);
+ if (line.isEmpty() || isComment(line)) {
+ originLine = br.readLine();
+ } else if (line.startsWith("[")) {
+ insertSections(line, br, items);
+ originLine = br.readLine();
+ } else if (line.startsWith("include")) {
+ String[] splited = line.trim().split("\\s+");
+ if (splited.length == 2) {
+ items.put(splited[0], splited[1]);
+ } else {
+ throw new RuntimeException("Unable to parse:" + originLine);
+ }
+ originLine = br.readLine();
} else {
throw new RuntimeException("Unable to parse:" + originLine);
}
- originLine = br.readLine();
- } else {
- throw new RuntimeException("Unable to parse:" + originLine);
}
}
- br.close();
}
/**
diff --git a/kerby-kerb/kerb-core/src/test/java/org/apache/kerby/kerberos/kerb/codec/CodecTestUtil.java b/kerby-kerb/kerb-core/src/test/java/org/apache/kerby/kerberos/kerb/codec/CodecTestUtil.java
index 533e7b3..1b13775 100644
--- a/kerby-kerb/kerb-core/src/test/java/org/apache/kerby/kerberos/kerb/codec/CodecTestUtil.java
+++ b/kerby-kerb/kerb-core/src/test/java/org/apache/kerby/kerberos/kerb/codec/CodecTestUtil.java
@@ -28,15 +28,17 @@
public class CodecTestUtil {
static byte[] readBinaryFile(String path) throws IOException {
- InputStream is = CodecTestUtil.class.getResourceAsStream(path);
- byte[] bytes = new byte[is.available()];
- is.read(bytes);
- return bytes;
+ try (InputStream is = CodecTestUtil.class.getResourceAsStream(path)) {
+ byte[] bytes = new byte[is.available()];
+ is.read(bytes);
+ return bytes;
+ }
}
static byte[] readDataFile(String resource) throws IOException {
- InputStream is = CodecTestUtil.class.getResourceAsStream(resource);
- String hexStr = IOUtil.readInput(is);
- return HexUtil.hex2bytes(hexStr);
+ try (InputStream is = CodecTestUtil.class.getResourceAsStream(resource)) {
+ String hexStr = IOUtil.readInput(is);
+ return HexUtil.hex2bytes(hexStr);
+ }
}
}
diff --git a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaEncTest.java b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaEncTest.java
index d682ac1..33d0efe 100644
--- a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaEncTest.java
+++ b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/CamelliaEncTest.java
@@ -48,18 +48,18 @@
private EncryptProvider encProvider;
private List<String> getExpectedLines() throws IOException {
- InputStream res = getClass().getResourceAsStream("/camellia-expect-vt.txt");
- BufferedReader br = new BufferedReader(new InputStreamReader(res));
-
- List<String> results = new ArrayList<String>();
- String line;
- while ((line = br.readLine()) != null) {
- line = line.trim();
- if (!line.isEmpty()) {
- results.add(line);
+ try (InputStream res = getClass().getResourceAsStream("/camellia-expect-vt.txt");
+ BufferedReader br = new BufferedReader(new InputStreamReader(res))) {
+ List<String> results = new ArrayList<String>();
+ String line;
+ while ((line = br.readLine()) != null) {
+ line = line.trim();
+ if (!line.isEmpty()) {
+ results.add(line);
+ }
}
+ return results;
}
- return results;
}
@Test
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
index 8809399..56e9046 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
@@ -94,7 +94,7 @@
TokenDecoder tokenDecoder = KrbRuntime.getTokenProvider("JWT").createTokenDecoder();
configureKeys(tokenDecoder, kdcRequest, issuer);
- AuthToken authToken = null;
+ AuthToken authToken;
try {
authToken = tokenDecoder.decodeFromBytes(token.getTokenValue());
if (!tokenDecoder.isSigned() && !kdcRequest.isHttps()) {
@@ -127,22 +127,20 @@
private void configureKeys(TokenDecoder tokenDecoder, KdcRequest kdcRequest, String issuer) {
String verifyKeyPath = kdcRequest.getKdcContext().getConfig().getVerifyKeyConfig();
if (verifyKeyPath != null) {
- try {
- InputStream verifyKeyFile = getKeyFileStream(verifyKeyPath, issuer);
+ try (InputStream verifyKeyFile = getKeyFileStream(verifyKeyPath, issuer)) {
if (verifyKeyFile != null) {
PublicKey verifyKey = PublicKeyReader.loadPublicKey(verifyKeyFile);
tokenDecoder.setVerifyKey(verifyKey);
}
} catch (FileNotFoundException e) {
- LOG.error("The verify key path is wrong. " + e);
+ LOG.error("The verify key path is wrong. " + e.getMessage());
} catch (Exception e) {
- LOG.error("Fail to load public key. " + e);
+ LOG.error("Failed to load public key. " + e.getMessage());
}
}
String decryptionKeyPath = kdcRequest.getKdcContext().getConfig().getDecryptionKeyConfig();
if (decryptionKeyPath != null) {
- try {
- InputStream decryptionKeyFile = getKeyFileStream(decryptionKeyPath, issuer);
+ try (InputStream decryptionKeyFile = getKeyFileStream(decryptionKeyPath, issuer)) {
if (decryptionKeyFile != null) {
PrivateKey decryptionKey = PrivateKeyReader.loadPrivateKey(decryptionKeyFile);
tokenDecoder.setDecryptionKey(decryptionKey);
diff --git a/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcServerTest.java b/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcServerTest.java
index 9ed96c8..84755a4 100644
--- a/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcServerTest.java
+++ b/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcServerTest.java
@@ -52,12 +52,13 @@
public void testKdc() throws IOException, InterruptedException {
Thread.sleep(15);
- SocketChannel socketChannel = SocketChannel.open();
- socketChannel.configureBlocking(true);
- SocketAddress sa = new InetSocketAddress(serverHost, serverPort);
- socketChannel.connect(sa);
+ try (SocketChannel socketChannel = SocketChannel.open()) {
+ socketChannel.configureBlocking(true);
+ SocketAddress sa = new InetSocketAddress(serverHost, serverPort);
+ socketChannel.connect(sa);
- Assert.assertTrue(socketChannel.isConnected());
+ Assert.assertTrue(socketChannel.isConnected());
+ }
}
@After
diff --git a/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/client/Krb5Conf.java b/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/client/Krb5Conf.java
index 23fea52..69f89f1 100644
--- a/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/client/Krb5Conf.java
+++ b/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/client/Krb5Conf.java
@@ -50,8 +50,10 @@
KdcSetting setting = kdcServer.getKdcSetting();
String resourcePath = setting.allowUdp() ? "/krb5_udp-template.conf" : "/krb5-template.conf";
- InputStream templateResource = getClass().getResourceAsStream(resourcePath);
- String templateContent = IOUtil.readInput(templateResource);
+ String templateContent;
+ try (InputStream templateResource = getClass().getResourceAsStream(resourcePath)) {
+ templateContent = IOUtil.readInput(templateResource);
+ }
String content = templateContent;
diff --git a/kerby-kerb/kerb-simplekdc/src/test/java/org/apache/kerby/kerberos/kerb/SimpleKdcServerTest.java b/kerby-kerb/kerb-simplekdc/src/test/java/org/apache/kerby/kerberos/kerb/SimpleKdcServerTest.java
index 45e08e1..b4f21aa 100644
--- a/kerby-kerb/kerb-simplekdc/src/test/java/org/apache/kerby/kerberos/kerb/SimpleKdcServerTest.java
+++ b/kerby-kerb/kerb-simplekdc/src/test/java/org/apache/kerby/kerberos/kerb/SimpleKdcServerTest.java
@@ -52,19 +52,21 @@
@Test
public void testKdc() throws IOException, InterruptedException {
- SocketChannel socketChannel = SocketChannel.open();
- socketChannel.configureBlocking(true);
- SocketAddress sa = new InetSocketAddress(serverHost, serverPort);
- socketChannel.connect(sa);
+ try (SocketChannel socketChannel = SocketChannel.open()) {
+ socketChannel.configureBlocking(true);
+ SocketAddress sa = new InetSocketAddress(serverHost, serverPort);
+ socketChannel.connect(sa);
- String badKrbMessage = "Hello World!";
- ByteBuffer writeBuffer = ByteBuffer.allocate(4 + badKrbMessage.getBytes().length);
- writeBuffer.putInt(badKrbMessage.getBytes().length);
- writeBuffer.put(badKrbMessage.getBytes());
- writeBuffer.flip();
+ String badKrbMessage = "Hello World!";
+ ByteBuffer writeBuffer = ByteBuffer.allocate(4 + badKrbMessage.getBytes().length);
+ writeBuffer.putInt(badKrbMessage.getBytes().length);
+ writeBuffer.put(badKrbMessage.getBytes());
+ writeBuffer.flip();
- socketChannel.write(writeBuffer);
+ socketChannel.write(writeBuffer);
+ socketChannel.close();
+ }
}
@After
diff --git a/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/CcacheTest.java b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/CcacheTest.java
index cb606e1..32fbf17 100644
--- a/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/CcacheTest.java
+++ b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/CcacheTest.java
@@ -42,9 +42,10 @@
@Before
public void setUp() throws IOException {
- InputStream cis = CcacheTest.class.getResourceAsStream("/test.cc");
- cc = new CredentialCache();
- cc.load(cis);
+ try (InputStream cis = CcacheTest.class.getResourceAsStream("/test.cc")) {
+ cc = new CredentialCache();
+ cc.load(cis);
+ }
}
@Test
diff --git a/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/EncryptionTest.java b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/EncryptionTest.java
index efc5d8f..8a3ea96 100644
--- a/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/EncryptionTest.java
+++ b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/EncryptionTest.java
@@ -64,8 +64,9 @@
@Before
public void setUp() throws IOException {
- InputStream kis = EncryptionTest.class.getResourceAsStream("/krbtgt.keytab");
- keytab = Keytab.loadKeytab(kis);
+ try (InputStream kis = EncryptionTest.class.getResourceAsStream("/krbtgt.keytab")) {
+ keytab = Keytab.loadKeytab(kis);
+ }
}
@Test
diff --git a/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeysTest.java b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeysTest.java
index e755f95..c53cc0a 100644
--- a/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeysTest.java
+++ b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeysTest.java
@@ -55,8 +55,9 @@
@Before
public void setUp() throws IOException {
- InputStream kis = KeysTest.class.getResourceAsStream("/test.keytab");
- keytab = Keytab.loadKeytab(kis);
+ try (InputStream kis = KeysTest.class.getResourceAsStream("/test.keytab")) {
+ keytab = Keytab.loadKeytab(kis);
+ }
}
@Test
diff --git a/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeytabTest.java b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeytabTest.java
index c312d59..1910d52 100644
--- a/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeytabTest.java
+++ b/kerby-kerb/kerb-util/src/test/java/org/apache/kerby/kerberos/kerb/util/KeytabTest.java
@@ -48,8 +48,10 @@
1 test@SH.INTEL.COM (camellia256-cts-cmac)
1 test@SH.INTEL.COM (camellia128-cts-cmac)
*/
- InputStream kis = KeytabTest.class.getResourceAsStream("/test.keytab");
- Keytab keytab = Keytab.loadKeytab(kis);
+ Keytab keytab;
+ try (InputStream kis = KeytabTest.class.getResourceAsStream("/test.keytab")) {
+ keytab = Keytab.loadKeytab(kis);
+ }
assertThat(keytab).isNotNull();
List<PrincipalName> principals = keytab.getPrincipals();
@@ -86,8 +88,10 @@
3 04/11/17 14:16:52 HTTP/examples.com@EXAMPLE.COM (des-hmac-sha1)
3 04/11/17 14:16:52 HTTP/examples.com@EXAMPLE.COM (des-cbc-md5)
*/
- InputStream kis = KeytabTest.class.getResourceAsStream("/test_multiple_principles.keytab");
- Keytab keytab = Keytab.loadKeytab(kis);
+ Keytab keytab;
+ try (InputStream kis = KeytabTest.class.getResourceAsStream("/test_multiple_principles.keytab")) {
+ keytab = Keytab.loadKeytab(kis);
+ }
assertThat(keytab).isNotNull();
List<PrincipalName> principals = keytab.getPrincipals();
@@ -100,10 +104,10 @@
@Test
public void testSKeytab() throws IOException {
-
- InputStream kis = KeytabTest.class.getResourceAsStream("/test_multiple_principles.keytab");
-
- Keytab keytab = Keytab.loadKeytab(kis);
+ Keytab keytab;
+ try (InputStream kis = KeytabTest.class.getResourceAsStream("/test_multiple_principles.keytab")) {
+ keytab = Keytab.loadKeytab(kis);
+ }
assertThat(keytab).isNotNull();
List<PrincipalName> principals = keytab.getPrincipals();
@@ -115,8 +119,9 @@
}
public static void main(String[] args) throws IOException {
- InputStream kis = KeytabTest.class.getResourceAsStream("test.keytab");
- Keytab keytab = Keytab.loadKeytab(kis);
- System.out.println("Principals:" + keytab.getPrincipals().size());
+ try (InputStream kis = KeytabTest.class.getResourceAsStream("test.keytab")) {
+ Keytab keytab = Keytab.loadKeytab(kis);
+ System.out.println("Principals:" + keytab.getPrincipals().size());
+ }
}
}
diff --git a/kerby-pkix/src/test/java/org/apache/kerby/cms/CmsTestBase.java b/kerby-pkix/src/test/java/org/apache/kerby/cms/CmsTestBase.java
index a5584f3..d6d9e5f 100644
--- a/kerby-pkix/src/test/java/org/apache/kerby/cms/CmsTestBase.java
+++ b/kerby-pkix/src/test/java/org/apache/kerby/cms/CmsTestBase.java
@@ -28,8 +28,9 @@
public class CmsTestBase {
static byte[] readDataFile(String resource) throws IOException {
- InputStream is = CmsTestBase.class.getResourceAsStream(resource);
- String hexStr = IOUtil.readInput(is);
- return HexUtil.hex2bytes(hexStr);
+ try (InputStream is = CmsTestBase.class.getResourceAsStream(resource)) {
+ String hexStr = IOUtil.readInput(is);
+ return HexUtil.hex2bytes(hexStr);
+ }
}
}
diff --git a/kerby-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/token/TokenCache.java b/kerby-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/token/TokenCache.java
index d80c4b2..0ac29f6 100644
--- a/kerby-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/token/TokenCache.java
+++ b/kerby-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/token/TokenCache.java
@@ -66,11 +66,12 @@
public static void writeToken(String token) throws KrbException {
File cacheFile = getDefaultTokenCache();
+ Writer writer = null;
try {
- Writer writer = new FileWriterWithEncoding(cacheFile, StandardCharsets.UTF_8);
+ writer = new FileWriterWithEncoding(cacheFile, StandardCharsets.UTF_8);
writer.write(token);
writer.flush();
- writer.close();
+
// sets read-write permissions to owner only
cacheFile.setReadable(false, false);
cacheFile.setReadable(true, true);
@@ -84,6 +85,14 @@
if (cacheFile.delete()) {
System.err.println("Cache file is deleted.");
}
+ } finally {
+ if (writer != null) {
+ try {
+ writer.close();
+ } catch (IOException e) {
+ throw new KrbException(e.getMessage());
+ }
+ }
}
}
diff --git a/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/local/cmd/AddPrincipalsCommand.java b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/local/cmd/AddPrincipalsCommand.java
index d9db07c..d4225d3 100644
--- a/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/local/cmd/AddPrincipalsCommand.java
+++ b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/local/cmd/AddPrincipalsCommand.java
@@ -53,13 +53,18 @@
throw new HasException("HostRoles file is not exists.");
}
try {
- BufferedReader reader = new BufferedReader(new FileReader(hostRoles));
- StringBuilder sb = new StringBuilder();
- String tempString;
- while ((tempString = reader.readLine()) != null) {
- sb.append(tempString);
+ StringBuilder sb;
+ try (BufferedReader reader = new BufferedReader(new FileReader(hostRoles))) {
+ sb = new StringBuilder();
+ String tempString;
+ while ((tempString = reader.readLine()) != null) {
+ sb.append(tempString);
+ }
}
JSONArray hostArray = new JSONObject(sb.toString()).optJSONArray("HOSTS");
+ if (hostArray == null) {
+ throw new HasException("Failed to get HOSTS.");
+ }
for (int i = 0; i < hostArray.length(); i++) {
JSONObject host = (JSONObject) hostArray.get(i);
String[] roles = host.getString("hostRoles").split(",");
diff --git a/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/local/cmd/DeployHTTPSCertsCommand.java b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/local/cmd/DeployHTTPSCertsCommand.java
index 0b54bb7..ca86b9e 100644
--- a/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/local/cmd/DeployHTTPSCertsCommand.java
+++ b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/local/cmd/DeployHTTPSCertsCommand.java
@@ -102,23 +102,29 @@
}
private static File saveKeyStore(String fileName, KeyStore ks, String password)
- throws GeneralSecurityException, IOException {
+ throws GeneralSecurityException, IOException {
File keystoreFile = new File(fileName);
if (keystoreFile.exists() && !keystoreFile.delete()) {
throw new IOException("Failed to delete original file: " + fileName);
}
- FileOutputStream out = new FileOutputStream(keystoreFile);
- ks.store(out, password.toCharArray());
- out.close();
+ FileOutputStream out = null;
+ try {
+ out = new FileOutputStream(keystoreFile);
+ ks.store(out, password.toCharArray());
+ } finally {
+ if (out != null) {
+ out.close();
+ }
+ }
+
return keystoreFile;
}
private File createClientSSLConfig(String trustStorePath, String trustStorePassword,
String keyStorePassword) throws HasException {
String resourcePath = "/ssl-client.conf.template";
- InputStream templateResource = getClass().getResourceAsStream(resourcePath);
- File sslConfigFile = new File("ssl-client.conf");
- try {
+ try (InputStream templateResource = getClass().getResourceAsStream(resourcePath)) {
+ File sslConfigFile = new File("ssl-client.conf");
String content = IOUtil.readInput(templateResource);
content = content.replaceAll("_location_", trustStorePath);
content = content.replaceAll("_password_", trustStorePassword);
@@ -187,19 +193,34 @@
}
} catch (IOException e1) {
throw new HasException("Failed to read file. " + e1.getMessage());
+ } finally {
+ try {
+ reader.close();
+ } catch (IOException e) {
+ throw new HasException(e.getMessage());
+ }
}
String[] hostArray = sb.toString().replace(" ", "").split(",");
// Get truststore from truststore file
Map<String, KeyStoreInfo> keyStoreInfoMap = new HashMap<>(16);
KeyStore trustStore;
+ FileInputStream in = null;
try {
trustStore = KeyStore.getInstance("JKS");
- FileInputStream in = new FileInputStream(truststoreFile);
+ in = new FileInputStream(truststoreFile);
trustStore.load(in, truststoreSecret.toCharArray());
} catch (Exception e2) {
throw new HasException("Failed to get truststore from the file: "
+ truststoreFile + ". " + e2.getMessage());
+ } finally {
+ if (in != null) {
+ try {
+ in.close();
+ } catch (IOException e) {
+ throw new HasException(e.getMessage());
+ }
+ }
}
RandomStringGenerator generator = new RandomStringGenerator.Builder()
.withinRange('a', 'z')
diff --git a/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/local/cmd/KeytabCommand.java b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/local/cmd/KeytabCommand.java
index 09bf0a9..edd4353 100644
--- a/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/local/cmd/KeytabCommand.java
+++ b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/local/cmd/KeytabCommand.java
@@ -94,6 +94,12 @@
}
} catch (IOException e) {
throw new HasException("Failed to read file: " + e.getMessage());
+ } finally {
+ try {
+ reader.close();
+ } catch (IOException e) {
+ throw new HasException(e.getMessage());
+ }
}
JSONArray hostArray;
try {
@@ -101,6 +107,9 @@
} catch (JSONException e) {
throw new HasException(e.getMessage());
}
+ if (hostArray == null) {
+ throw new HasException("Failed to get HOSTS");
+ }
for (int i = 0; i < hostArray.length(); i++) {
JSONObject host;
diff --git a/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/remote/cmd/CreatePrincipalsRemoteCmd.java b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/remote/cmd/CreatePrincipalsRemoteCmd.java
index 68f6b04..3504f4c 100644
--- a/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/remote/cmd/CreatePrincipalsRemoteCmd.java
+++ b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/admin/remote/cmd/CreatePrincipalsRemoteCmd.java
@@ -71,6 +71,12 @@
}
} catch (IOException e) {
throw new KrbException("Errors occurred when read line. ", e);
+ } finally {
+ try {
+ reader.close();
+ } catch (IOException e) {
+ throw new KrbException(e.getMessage());
+ }
}
List<String> results = client.addPrincipalsByRole(sb.toString());
if (results != null) {
diff --git a/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/hclient/HasClientLoginTool.java b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/hclient/HasClientLoginTool.java
index 99c3dd4..585b9ee 100644
--- a/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/hclient/HasClientLoginTool.java
+++ b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/hclient/HasClientLoginTool.java
@@ -84,8 +84,10 @@
} catch (LoginException e) {
System.err.println("Failed to login using keytab. " + e);
}
- System.out.println("Login succeeded for user: "
- + subject.getPrincipals().iterator().next());
+ if (subject != null) {
+ System.out.println("Login succeeded for user: "
+ + subject.getPrincipals().iterator().next());
+ }
}
}
@@ -199,6 +201,9 @@
String realm = null;
try {
KdcConfig kdcConfig = KdcUtil.getKdcConfig(confDir);
+ if (kdcConfig == null) {
+ printKeytabUsage("Please set the right conf dir.");
+ }
realm = kdcConfig.getKdcRealm();
} catch (KrbException e) {
printKeytabUsage(e.getMessage());
diff --git a/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/Krb5Conf.java b/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/Krb5Conf.java
index eaf36b6..848afe1 100644
--- a/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/Krb5Conf.java
+++ b/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/Krb5Conf.java
@@ -49,9 +49,10 @@
private File generateConfFile() throws IOException {
String resourcePath = kdcConfig.allowUdp() ? "/krb5_udp.conf" : "/krb5.conf";
- InputStream templateResource = getClass().getResourceAsStream(resourcePath);
-
- String templateContent = IOUtil.readInput(templateResource);
+ String templateContent;
+ try (InputStream templateResource = getClass().getResourceAsStream(resourcePath)) {
+ templateContent = IOUtil.readInput(templateResource);
+ }
String content = templateContent;