From: Brian P. Hinz <bphinz@users.sf.net>
Date: Sat, 10 Oct 2015 17:06:14 +0000 (-0400)
Subject: Cleanup exception handling for x509* auth types in java viewer
X-Git-Tag: v1.5.90~14^2~2
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=63ee86708feda53eebcd19db97ed6c5da47cb2b5;p=tigervnc.git

Cleanup exception handling for x509* auth types in java viewer
---

diff --git a/java/com/tigervnc/rfb/CSecurityTLS.java b/java/com/tigervnc/rfb/CSecurityTLS.java
index a0166032..40c34bb1 100644
--- a/java/com/tigervnc/rfb/CSecurityTLS.java
+++ b/java/com/tigervnc/rfb/CSecurityTLS.java
@@ -145,14 +145,9 @@ public class CSecurityTLS extends CSecurity {
       manager = new SSLEngineManager(engine, is, os);
       manager.doHandshake();
     } catch(java.lang.Exception e) {
-      if (e.getMessage().equals("X.509 certificate not trusted"))
-        throw new WarningException(e.getMessage());
-      else
-        throw new SystemException(e.toString());
+      throw new SystemException(e.toString());
     }
 
-    //checkSession();
-
     cc.setStreams(new TLSInStream(is, manager),
 		              new TLSOutStream(os, manager));
     return true;
@@ -205,13 +200,6 @@ public class CSecurityTLS extends CSecurity {
 
   }
 
-  class MyHandshakeListener implements HandshakeCompletedListener {
-   public void handshakeCompleted(HandshakeCompletedEvent e) {
-     vlog.info("Handshake succesful!");
-     vlog.info("Using cipher suite: " + e.getCipherSuite());
-   }
-  }
-
   class MyX509TrustManager implements X509TrustManager
   {
 
@@ -269,7 +257,7 @@ public class CSecurityTLS extends CSecurity {
         tmf.init(new CertPathTrustManagerParameters(params));
         tm = (X509TrustManager)tmf.getTrustManagers()[0];
       } catch (java.lang.Exception e) {
-        vlog.error(e.toString());
+        throw new Exception(e.getMessage());
       }
     }
 
@@ -287,7 +275,7 @@ public class CSecurityTLS extends CSecurity {
         md = MessageDigest.getInstance("SHA-1");
         verifyHostname(chain[0]);
         tm.checkServerTrusted(chain, authType);
-      } catch (CertificateException e) {
+      } catch (java.lang.Exception e) {
         if (e.getCause() instanceof CertPathBuilderException) {
           Object[] answer = {"YES", "NO"};
           X509Certificate cert = chain[0];
@@ -344,34 +332,23 @@ public class CSecurityTLS extends CSecurity {
                   fw.write(pem+"\n");
                   fw.write("-----END CERTIFICATE-----\n");
                 } catch (IOException ioe) {
-                  throw new Exception(ioe.getCause().getMessage());
+                  throw new Exception(ioe.getMessage());
                 } finally {
                   try {
                     if (fw != null)
                       fw.close();
                   } catch(IOException ioe2) {
-                    throw new Exception(ioe2.getCause().getMessage());
+                    throw new Exception(ioe2.getMessage());
                   }
                 }
               }
             }
           } else {
-            throw new SystemException(e.getCause().getMessage());
+            throw new WarningException("Peer certificate verification failed.");
           }
-        } else if (e instanceof MyCertificateParsingException) {
-          Object[] answer = {"YES", "NO"};
-          int ret = JOptionPane.showOptionDialog(null,
-            "Hostname verification failed. Do you want to continue?",
-            "Hostname Verification Failure",
-            JOptionPane.YES_NO_OPTION, JOptionPane.WARNING_MESSAGE,
-            null, answer, answer[0]);
-          if (ret != JOptionPane.YES_OPTION)
-            throw new WarningException("Hostname verification failed.");
         } else {
-          throw new SystemException(e.getCause().getMessage());
+          throw new SystemException(e.getMessage());
         }
-      } catch (java.lang.Exception e) {
-        throw new SystemException(e.getCause().getMessage());
       }
     }
 
@@ -412,36 +389,21 @@ public class CSecurityTLS extends CSecurity {
             }
           }
         }
-        throw new MyCertificateParsingException();
+        Object[] answer = {"YES", "NO"};
+        int ret = JOptionPane.showOptionDialog(null,
+          "Hostname verification failed. Do you want to continue?",
+          "Hostname Verification Failure",
+          JOptionPane.YES_NO_OPTION, JOptionPane.WARNING_MESSAGE,
+          null, answer, answer[0]);
+        if (ret != JOptionPane.YES_OPTION)
+          throw new WarningException("Hostname verification failed.");
       } catch (CertificateParsingException e) {
-        throw new MyCertificateParsingException(e.getCause());
+        throw new SystemException(e.getMessage());
       } catch (InvalidNameException e) {
-        throw new MyCertificateParsingException(e.getCause());
+        throw new SystemException(e.getMessage());
       }
     }
 
-    private class MyCertificateParsingException
-      extends CertificateParsingException
-    {
-
-      public MyCertificateParsingException() {
-        super();
-      }
-
-      public MyCertificateParsingException(String msg) {
-        super(msg);
-      }
-
-      public MyCertificateParsingException(String msg, Throwable cause) {
-        super(msg, cause);
-      }
-
-      public MyCertificateParsingException(Throwable cause) {
-        super(cause);
-      }
-
-    }
-
     private class MyFileInputStream extends InputStream {
       // Blank lines in a certificate file will cause Java 6 to throw a
       // "DerInputStream.getLength(): lengthTag=127, too big" exception.
@@ -503,11 +465,8 @@ public class CSecurityTLS extends CSecurity {
   public final String description()
     { return anon ? "TLS Encryption without VncAuth" : "X509 Encryption without VncAuth"; }
 
-  //protected void checkSession();
   protected CConnection client;
 
-
-
   private SSLContext ctx;
   private SSLSession session;
   private SSLEngine engine;