This is an automated email from the ASF dual-hosted git repository.
brusdev pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/activemq-artemis.git
The following commit(s) were added to refs/heads/main by this push:
new dc0b3ac55a ARTEMIS-4266 mitigate NPE with bad SSL config
dc0b3ac55a is described below
commit dc0b3ac55ac502123982ae3b42a52a04f8e6ad33
Author: Justin Bertram <[email protected]>
AuthorDate: Fri Apr 28 12:32:22 2023 -0500
ARTEMIS-4266 mitigate NPE with bad SSL config
---
.../core/remoting/impl/netty/NettyAcceptor.java | 2 +-
.../remoting/impl/netty/NettyAcceptorTest.java | 29 ++++++++++++++++++++++
2 files changed, 30 insertions(+), 1 deletion(-)
diff --git
a/artemis-server/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyAcceptor.java
b/artemis-server/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyAcceptor.java
index 6d69e1cbaa..a7ca627311 100644
---
a/artemis-server/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyAcceptor.java
+++
b/artemis-server/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyAcceptor.java
@@ -697,7 +697,7 @@ public class NettyAcceptor extends AbstractAcceptor {
if (configuration.containsKey(TransportConstants.SSL_CONTEXT_PROP_NAME))
{
return;
}
- if (keyStorePath == null &&
TransportConstants.DEFAULT_KEYSTORE_PROVIDER.equals(keyStoreProvider)) {
+ if (keyStorePath == null && keyStoreProvider == null) {
throw new IllegalArgumentException("If \"" +
TransportConstants.SSL_ENABLED_PROP_NAME + "\" is true then \"" +
TransportConstants.KEYSTORE_PATH_PROP_NAME + "\" must be non-null unless an
alternative \"" + TransportConstants.KEYSTORE_PROVIDER_PROP_NAME + "\" has been
specified.");
}
}
diff --git
a/tests/unit-tests/src/test/java/org/apache/activemq/artemis/tests/unit/core/remoting/impl/netty/NettyAcceptorTest.java
b/tests/unit-tests/src/test/java/org/apache/activemq/artemis/tests/unit/core/remoting/impl/netty/NettyAcceptorTest.java
index 101d7b30c9..5760ddc229 100644
---
a/tests/unit-tests/src/test/java/org/apache/activemq/artemis/tests/unit/core/remoting/impl/netty/NettyAcceptorTest.java
+++
b/tests/unit-tests/src/test/java/org/apache/activemq/artemis/tests/unit/core/remoting/impl/netty/NettyAcceptorTest.java
@@ -144,4 +144,33 @@ public class NettyAcceptorTest extends ActiveMQTestBase {
Wait.assertEquals(61616, () ->
server.getRemotingService().getAcceptor(normal).getActualPort());
Wait.assertEquals(-1, () ->
server.getRemotingService().getAcceptor(invm).getActualPort());
}
+
+ @Test
+ public void testInvalidSSLConfig() {
+ Map<String, Object> params = new HashMap<>();
+ params.put(TransportConstants.SSL_ENABLED_PROP_NAME, "true");
+
+ try {
+ new NettyAcceptor("netty", null, params, null, null, null, null,
Map.of());
+ fail("This should have failed with an IllegalArgumentException");
+ } catch (IllegalArgumentException e) {
+ // expected
+ }
+ }
+
+ @Test
+ public void testValidSSLConfig1() {
+ Map<String, Object> params = new HashMap<>();
+ params.put(TransportConstants.SSL_ENABLED_PROP_NAME, "true");
+ params.put(TransportConstants.KEYSTORE_PROVIDER_PROP_NAME,
RandomUtil.randomString());
+ new NettyAcceptor("netty", null, params, null, null, null, null,
Map.of());
+ }
+
+ @Test
+ public void testValidSSLConfig2() {
+ Map<String, Object> params = new HashMap<>();
+ params.put(TransportConstants.SSL_ENABLED_PROP_NAME, "true");
+ params.put(TransportConstants.SSL_CONTEXT_PROP_NAME,
RandomUtil.randomString());
+ new NettyAcceptor("netty", null, params, null, null, null, null,
Map.of());
+ }
}
