[jira] Updated: (HTTPCLIENT-641) Resource Leakage when loading keystore in AuthSSLProtocolSocketFactory

[JIRA]

     [ 
https://issues.apache.org/jira/browse/HTTPCLIENT-641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ortwin Glück updated HTTPCLIENT-641:
------------------------------------

    Attachment: patch.txt

Objections to include that in RC1?

> Resource Leakage when loading keystore in AuthSSLProtocolSocketFactory
> ----------------------------------------------------------------------
>
>                 Key: HTTPCLIENT-641
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-641
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: Contrib
>    Affects Versions: 3.0.1
>         Environment: All
>            Reporter: Hanson Char
>         Assigned To: Ortwin Glück
>             Fix For: 3.1 RC1
>
>         Attachments: patch.txt
>
>
> Opened stream not closed after keystore is loaded, resulting in resource 
> leakage:
> private static KeyStore createKeyStore(final URL url, final String password) 
>         throws KeyStoreException, NoSuchAlgorithmException, 
> CertificateException, IOException
>     {
>         if (url == null) {
>             throw new IllegalArgumentException("Keystore url may not be 
> null");
>         }
>         LOG.debug("Initializing key store");
>         KeyStore keystore  = KeyStore.getInstance("jks");
>         keystore.load(url.openStream(), password != null ? 
> password.toCharArray(): null);
>         return keystore;
>     }
> Should be changed to something like:
> private static KeyStore createKeyStore(final URL url, final String password) 
>         throws KeyStoreException, NoSuchAlgorithmException, 
> CertificateException, IOException
>     {
>         if (url == null) {
>             throw new IllegalArgumentException("Keystore url may not be 
> null");
>         }
>         LOG.debug("Initializing key store");
>         KeyStore keystore  = KeyStore.getInstance("jks");
>         InputStream is = ulr.openStream();
>         try {
>           keystore.load(is, password != null ? password.toCharArray(): null);
>         } finally {
>            is.close();
>         }
>         return keystore;
>     }

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]