aboutsummaryrefslogtreecommitdiffstats
path: root/sonar-scanner-engine/src/main/java/org/sonar
diff options
context:
space:
mode:
authorJulien HENRY <julien.henry@sonarsource.com>2024-09-27 16:27:04 +0200
committersonartech <sonartech@sonarsource.com>2024-09-27 20:02:48 +0000
commit93ca857eaa612624a932a87b50f610f7f7954138 (patch)
tree4c48699a1cbb45b0d9f0e93ef9efb0f5a471998b /sonar-scanner-engine/src/main/java/org/sonar
parent1fb4fa71017a200b11e5234db82885eb88b72499 (diff)
downloadsonarqube-93ca857eaa612624a932a87b50f610f7f7954138.tar.gz
sonarqube-93ca857eaa612624a932a87b50f610f7f7954138.zip
SONAR-23013 Improve coverage
Diffstat (limited to 'sonar-scanner-engine/src/main/java/org/sonar')
-rw-r--r--sonar-scanner-engine/src/main/java/org/sonar/scanner/http/ScannerWsClientProvider.java28
1 files changed, 21 insertions, 7 deletions
diff --git a/sonar-scanner-engine/src/main/java/org/sonar/scanner/http/ScannerWsClientProvider.java b/sonar-scanner-engine/src/main/java/org/sonar/scanner/http/ScannerWsClientProvider.java
index 09265c58ce7..67e224f8845 100644
--- a/sonar-scanner-engine/src/main/java/org/sonar/scanner/http/ScannerWsClientProvider.java
+++ b/sonar-scanner-engine/src/main/java/org/sonar/scanner/http/ScannerWsClientProvider.java
@@ -19,6 +19,7 @@
*/
package org.sonar.scanner.http;
+import java.io.IOException;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.net.Proxy;
@@ -26,11 +27,16 @@ import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
import java.time.Duration;
import java.time.format.DateTimeParseException;
import nl.altindag.ssl.SSLFactory;
import nl.altindag.ssl.exception.GenericKeyStoreException;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import org.sonar.api.CoreProperties;
import org.sonar.api.notifications.AnalysisWarnings;
import org.sonar.api.utils.System2;
@@ -52,6 +58,9 @@ import static org.sonar.core.config.ProxyProperties.HTTP_PROXY_PASSWORD;
import static org.sonar.core.config.ProxyProperties.HTTP_PROXY_USER;
public class ScannerWsClientProvider {
+
+ private static final Logger LOG = LoggerFactory.getLogger(ScannerWsClientProvider.class);
+
static final int DEFAULT_CONNECT_TIMEOUT = 5;
static final int DEFAULT_RESPONSE_TIMEOUT = 0;
static final String READ_TIMEOUT_SEC_PROPERTY = "sonar.ws.timeout";
@@ -149,22 +158,27 @@ public class ScannerWsClientProvider {
}
var trustStoreConfig = sslConfig.getTrustStore();
if (trustStoreConfig != null && Files.exists(trustStoreConfig.getPath())) {
- KeyStore trustStore = loadKeyStore(
- trustStoreConfig.getPath(),
- trustStoreConfig.getKeyStorePassword().toCharArray(),
- trustStoreConfig.getKeyStoreType());
+ KeyStore trustStore;
+ try {
+ trustStore = loadKeyStoreWithBouncyCastle(
+ trustStoreConfig.getPath(),
+ trustStoreConfig.getKeyStorePassword().toCharArray(),
+ trustStoreConfig.getKeyStoreType());
+ LOG.debug("Loaded truststore from '{}' containing {} certificates", trustStoreConfig.getPath(), trustStore.size());
+ } catch (KeyStoreException | IOException | CertificateException | NoSuchAlgorithmException e) {
+ throw new GenericKeyStoreException("Unable to read truststore from '" + trustStoreConfig.getPath() + "'", e);
+ }
sslFactoryBuilder.withTrustMaterial(trustStore);
}
return sslFactoryBuilder.build();
}
- public static KeyStore loadKeyStore(Path keystorePath, char[] keystorePassword, String keystoreType) {
+ static KeyStore loadKeyStoreWithBouncyCastle(Path keystorePath, char[] keystorePassword, String keystoreType) throws IOException,
+ KeyStoreException, CertificateException, NoSuchAlgorithmException {
try (InputStream keystoreInputStream = Files.newInputStream(keystorePath, StandardOpenOption.READ)) {
KeyStore keystore = KeyStore.getInstance(keystoreType, new BouncyCastleProvider());
keystore.load(keystoreInputStream, keystorePassword);
return keystore;
- } catch (Exception e) {
- throw new GenericKeyStoreException(e);
}
}