[jenkins-winstone] 01/02: Do not create a self signed certificate every time the HTTPS connector is started (fixes the Java 8 compatibility)
Emmanuel Bourg
ebourg-guest at moszumanska.debian.org
Wed Apr 16 12:05:06 UTC 2014
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to branch master
in repository jenkins-winstone.
commit ad0c6522bfaa6b00e02ca607ac7e0a807b1dbff3
Author: Emmanuel Bourg <ebourg at apache.org>
Date: Wed Apr 16 14:01:36 2014 +0200
Do not create a self signed certificate every time the HTTPS connector is started (fixes the Java 8 compatibility)
---
debian/changelog | 4 ++++
debian/patches/java8-compatibility.patch | 38 ++++++++++++++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 43 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index a5d40f5..b120ec7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,10 @@
jenkins-winstone (0.9.10-jenkins-47+dfsg-2) UNRELEASED; urgency=medium
* Team upload.
+ * Do not create a self signed certificate every time the HTTPS connector
+ is started without a proper certificate. This fixes the compatibility
+ with Java 8 since the sun.security.x509.CertAndKeyGen class has been
+ moved to the sun.security.tools.keytool package.
* Build depend on default-jdk instead of openjdk-7-jdk
* Use canonical URLs for the Vcs-* fields
* Standards-Version updated to 3.9.5 (no changes)
diff --git a/debian/patches/java8-compatibility.patch b/debian/patches/java8-compatibility.patch
new file mode 100644
index 0000000..0df9eec
--- /dev/null
+++ b/debian/patches/java8-compatibility.patch
@@ -0,0 +1,38 @@
+Description: Do not create a self signed certificate every time the HTTPS connector
+ is started without a proper certificate. This fixes the compatibility with Java 8
+ since the sun.security.x509.CertAndKeyGen class has been moved to the
+ sun.security.tools.keytool package.
+Author: Emmanuel Bourg <ebourg at apache.org>
+Forwarded: https://github.com/jenkinsci/winstone/pull/15
+--- a/src/java/winstone/ssl/HttpsListener.java
++++ b/src/java/winstone/ssl/HttpsListener.java
+@@ -29,7 +29,6 @@
+
+ import sun.security.util.DerInputStream;
+ import sun.security.util.DerValue;
+-import sun.security.x509.CertAndKeyGen;
+ import sun.security.x509.X500Name;
+ import winstone.HostGroup;
+ import winstone.HttpListener;
+@@ -109,20 +108,7 @@
+ keystore.load(null);
+ keystore.setKeyEntry("hudson", key, password, new Certificate[]{cert});
+ } else {
+- // use self-signed certificate
+- this.password = "changeit".toCharArray();
+- System.out.println("Using one-time self-signed certificate");
+-
+- CertAndKeyGen ckg = new CertAndKeyGen("RSA", "SHA1WithRSA", null);
+- ckg.generate(1024);
+- PrivateKey privKey = ckg.getPrivateKey();
+-
+- X500Name xn = new X500Name("Test site", "Unknown", "Unknown", "Unknown");
+- X509Certificate cert = ckg.getSelfCertificate(xn, 3650L * 24 * 60 * 60);
+-
+- keystore = KeyStore.getInstance("JKS");
+- keystore.load(null);
+- keystore.setKeyEntry("hudson", privKey, password, new Certificate[]{cert});
++ throw new WinstoneException("SSL certificate not found, please specify a keystore or an OpenSSL certificate");
+ }
+ } catch (GeneralSecurityException e) {
+ throw (IOException)new IOException("Failed to handle keys").initCause(e);
diff --git a/debian/patches/series b/debian/patches/series
index e26083f..ab4d7f1 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
specification-resources.patch
+java8-compatibility.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/jenkins-winstone.git
More information about the pkg-java-commits
mailing list