jai1 closed pull request #1851: Fixing resource leak due to open file 
descriptors in SecurityUtility.…
URL: https://github.com/apache/incubator-pulsar/pull/1851
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git 
a/pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java
 
b/pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java
index e9106f64ce..7121149181 100644
--- 
a/pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java
+++ 
b/pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java
@@ -58,7 +58,7 @@ public static SSLContext createSslContext(boolean 
allowInsecureConnection, Certi
     }
 
     public static SslContext createNettySslContextForClient(boolean 
allowInsecureConnection, String trustCertsFilePath)
-            throws GeneralSecurityException, SSLException, 
FileNotFoundException {
+            throws IOException, GeneralSecurityException, SSLException, 
FileNotFoundException {
         return createNettySslContextForClient(allowInsecureConnection, 
trustCertsFilePath, (Certificate[]) null,
                 (PrivateKey) null);
     }
@@ -73,7 +73,7 @@ public static SSLContext createSslContext(boolean 
allowInsecureConnection, Strin
 
     public static SslContext createNettySslContextForClient(boolean 
allowInsecureConnection, String trustCertsFilePath,
             String certFilePath, String keyFilePath)
-            throws GeneralSecurityException, SSLException, 
FileNotFoundException {
+            throws IOException, GeneralSecurityException, SSLException, 
FileNotFoundException {
         X509Certificate[] certificates = 
loadCertificatesFromPemFile(certFilePath);
         PrivateKey privateKey = loadPrivateKeyFromPemFile(keyFilePath);
         return createNettySslContextForClient(allowInsecureConnection, 
trustCertsFilePath, certificates, privateKey);
@@ -81,13 +81,15 @@ public static SslContext 
createNettySslContextForClient(boolean allowInsecureCon
 
     public static SslContext createNettySslContextForClient(boolean 
allowInsecureConnection, String trustCertsFilePath,
             Certificate[] certificates, PrivateKey privateKey)
-            throws GeneralSecurityException, SSLException, 
FileNotFoundException {
+            throws GeneralSecurityException, IOException, 
FileNotFoundException {
         SslContextBuilder builder = SslContextBuilder.forClient();
         if (allowInsecureConnection) {
             builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
         } else {
             if (trustCertsFilePath != null && trustCertsFilePath.length() != 
0) {
-                builder.trustManager(new FileInputStream(trustCertsFilePath));
+                try (FileInputStream input = new 
FileInputStream(trustCertsFilePath)) {
+                    builder.trustManager(input);
+                }
             }
         }
         builder.keyManager(privateKey, (X509Certificate[]) certificates);
@@ -96,7 +98,7 @@ public static SslContext 
createNettySslContextForClient(boolean allowInsecureCon
 
     public static SslContext createNettySslContextForServer(boolean 
allowInsecureConnection, String trustCertsFilePath,
             String certFilePath, String keyFilePath)
-            throws GeneralSecurityException, SSLException, 
FileNotFoundException {
+            throws IOException, GeneralSecurityException, SSLException, 
FileNotFoundException {
         X509Certificate[] certificates = 
loadCertificatesFromPemFile(certFilePath);
         PrivateKey privateKey = loadPrivateKeyFromPemFile(keyFilePath);
 
@@ -105,7 +107,9 @@ public static SslContext 
createNettySslContextForServer(boolean allowInsecureCon
             builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
         } else {
             if (trustCertsFilePath != null && trustCertsFilePath.length() != 
0) {
-                builder.trustManager(new FileInputStream(trustCertsFilePath));
+                try (FileInputStream input = new 
FileInputStream(trustCertsFilePath)) {
+                    builder.trustManager(input);
+                }
             } else {
                 builder.trustManager((File) null);
             }


 

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


With regards,
Apache Git Services

Reply via email to