This is an automated email from the ASF dual-hosted git repository. kxiao pushed a commit to branch branch-2.0 in repository https://gitbox.apache.org/repos/asf/doris.git
commit 3010cd1a6a040d541fe0d44febd4b64827fd794b Author: Xiaocc <[email protected]> AuthorDate: Wed Jul 19 12:45:54 2023 +0800 [fix](fe) fd leak of ssl #19645 --- .../src/main/java/org/apache/doris/mysql/MysqlSslContext.java | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/fe/fe-core/src/main/java/org/apache/doris/mysql/MysqlSslContext.java b/fe/fe-core/src/main/java/org/apache/doris/mysql/MysqlSslContext.java index cda57d6b4f..f4abdbc5cd 100644 --- a/fe/fe-core/src/main/java/org/apache/doris/mysql/MysqlSslContext.java +++ b/fe/fe-core/src/main/java/org/apache/doris/mysql/MysqlSslContext.java @@ -23,6 +23,7 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import java.io.IOException; +import java.io.InputStream; import java.nio.ByteBuffer; import java.nio.file.Files; import java.nio.file.Paths; @@ -72,8 +73,12 @@ public class MysqlSslContext { char[] serverPassword = serverCertificatePassword.toCharArray(); char[] caPassword = caCertificatePassword.toCharArray(); - ks.load(Files.newInputStream(Paths.get(keyStoreFile)), serverPassword); - ts.load(Files.newInputStream(Paths.get(trustStoreFile)), caPassword); + try (InputStream stream = Files.newInputStream(Paths.get(keyStoreFile))) { + ks.load(stream, serverPassword); + } + try (InputStream stream = Files.newInputStream(Paths.get(trustStoreFile))) { + ts.load(stream, caPassword); + } KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(ks, serverPassword); --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
