Author: brandonwilliams Date: Mon Sep 26 17:14:10 2011 New Revision: 1175959
URL: http://svn.apache.org/viewvc?rev=1175959&view=rev Log: Fix FD leak when internode encryption is enabled. Patch by Vijay, reviewed by brandonwilliams for CASSANDRA-3257 Modified: cassandra/branches/cassandra-0.8/CHANGES.txt cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java Modified: cassandra/branches/cassandra-0.8/CHANGES.txt URL: http://svn.apache.org/viewvc/cassandra/branches/cassandra-0.8/CHANGES.txt?rev=1175959&r1=1175958&r2=1175959&view=diff ============================================================================== --- cassandra/branches/cassandra-0.8/CHANGES.txt (original) +++ cassandra/branches/cassandra-0.8/CHANGES.txt Mon Sep 26 17:14:10 2011 @@ -7,6 +7,7 @@ * File descriptor limit increased in packaging (CASSANDRA-3206) * Log a miningfull warning when a node receive a message for a repair session that don't exist anymore (CASSANDRA-3256) + * Fix FD leak when internode encryption is enabled (CASSANDRA-3257) 0.8.6 Modified: cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java URL: http://svn.apache.org/viewvc/cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java?rev=1175959&r1=1175958&r2=1175959&view=diff ============================================================================== --- cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java (original) +++ cassandra/branches/cassandra-0.8/src/java/org/apache/cassandra/security/SSLFactory.java Mon Sep 26 17:14:10 2011 @@ -76,6 +76,8 @@ public final class SSLFactory } private static SSLContext createSSLContext(EncryptionOptions options) throws IOException { + FileInputStream tsf = new FileInputStream(options.truststore); + FileInputStream ksf = new FileInputStream(options.keystore); SSLContext ctx; try { ctx = SSLContext.getInstance(PROTOCOL); @@ -84,18 +86,21 @@ public final class SSLFactory tmf = TrustManagerFactory.getInstance(ALGORITHM); KeyStore ts = KeyStore.getInstance(STORE_TYPE); - ts.load(new FileInputStream(options.truststore), options.truststore_password.toCharArray()); + ts.load(tsf, options.truststore_password.toCharArray()); tmf.init(ts); kmf = KeyManagerFactory.getInstance(ALGORITHM); KeyStore ks = KeyStore.getInstance(STORE_TYPE); - ks.load(new FileInputStream(options.keystore), options.keystore_password.toCharArray()); + ks.load(ksf, options.keystore_password.toCharArray()); kmf.init(ks, options.keystore_password.toCharArray()); ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null); } catch (Exception e) { throw new IOException("Error creating the initializing the SSL Context", e); + } finally { + tsf.close(); + ksf.close(); } return ctx; }
