diff options
author | Brian P. Hinz <bphinz@users.sf.net> | 2015-10-11 12:19:23 -0400 |
---|---|---|
committer | Brian P. Hinz <bphinz@users.sf.net> | 2015-10-11 12:19:23 -0400 |
commit | fdb669952da1ca60a88291632de7834b8f7ed8dc (patch) | |
tree | 43e76e9f7462bac597d126ff983d6d5ade461e39 /java | |
parent | 63ee86708feda53eebcd19db97ed6c5da47cb2b5 (diff) | |
download | tigervnc-fdb669952da1ca60a88291632de7834b8f7ed8dc.tar.gz tigervnc-fdb669952da1ca60a88291632de7834b8f7ed8dc.zip |
More cleanup of x509 exception handling in java viewer
Also removed some unnecessary functions & variables in CSecurityTLS
Diffstat (limited to 'java')
-rw-r--r-- | java/com/tigervnc/rfb/CSecurityTLS.java | 47 |
1 files changed, 20 insertions, 27 deletions
diff --git a/java/com/tigervnc/rfb/CSecurityTLS.java b/java/com/tigervnc/rfb/CSecurityTLS.java index 40c34bb1..a8f6df35 100644 --- a/java/com/tigervnc/rfb/CSecurityTLS.java +++ b/java/com/tigervnc/rfb/CSecurityTLS.java @@ -33,6 +33,7 @@ import java.security.cert.*; import java.io.BufferedReader; import java.io.File; import java.io.FileInputStream; +import java.io.FileNotFoundException; import java.io.FileReader; import java.io.FileWriter; import java.io.InputStream; @@ -66,23 +67,17 @@ public class CSecurityTLS extends CSecurity { private void initGlobal() { - boolean globalInitDone = false; - - if (!globalInitDone) { - try { - ctx = SSLContext.getInstance("TLS"); - } catch(NoSuchAlgorithmException e) { - throw new Exception(e.toString()); - } - - globalInitDone = true; + try { + ctx = SSLContext.getInstance("TLS"); + } catch(NoSuchAlgorithmException e) { + throw new Exception(e.toString()); } } public CSecurityTLS(boolean _anon) { anon = _anon; - session = null; + manager = null; setDefaults(); cafile = x509ca.getData(); @@ -122,7 +117,7 @@ public class CSecurityTLS extends CSecurity { initGlobal(); - if (session == null) { + if (manager == null) { if (!is.checkNoWait(1)) return false; @@ -138,7 +133,6 @@ public class CSecurityTLS extends CSecurity { } setParam(); - } try { @@ -300,19 +294,19 @@ public class CSecurityTLS extends CSecurity { JOptionPane.YES_NO_OPTION, JOptionPane.WARNING_MESSAGE, null, answer, answer[0]); if (ret == JOptionPane.YES_OPTION) { - File vncDir = new File(FileUtils.getVncHomeDir()); - if (!vncDir.exists() && !vncDir.mkdir()) { - vlog.info("Certificate save failed, unable to create ~/.vnc"); - return; - } Collection<? extends X509Certificate> cacerts = null; - String castore = - FileUtils.getVncHomeDir()+"x509_savedcerts.pem"; - File caFile = new File(castore); + File vncDir = new File(FileUtils.getVncHomeDir()); + File caFile = new File(vncDir, "x509_savedcerts.pem"); try { - caFile.createNewFile(); - } catch (IOException ioe) { - vlog.error(ioe.getCause().getMessage()); + if (!vncDir.exists()) + vncDir.mkdir(); + if (!caFile.createNewFile()) { + vlog.error("Certificate save failed."); + return; + } + } catch (java.lang.Exception ioe) { + // skip save if security settings prohibit access to filesystem + vlog.error("Certificate save failed: "+ioe.getMessage()); return; } InputStream caStream = new MyFileInputStream(caFile); @@ -327,7 +321,7 @@ public class CSecurityTLS extends CSecurity { pem = pem.replaceAll("(.{64})", "$1\n"); FileWriter fw = null; try { - fw = new FileWriter(castore, true); + fw = new FileWriter(caFile.getAbsolutePath(), true); fw.write("-----BEGIN CERTIFICATE-----\n"); fw.write(pem+"\n"); fw.write("-----END CERTIFICATE-----\n"); @@ -430,7 +424,7 @@ public class CSecurityTLS extends CSecurity { if (reader != null) reader.close(); } catch(IOException ioe) { - throw new Exception(ioe.getCause().getMessage()); + throw new Exception(ioe.getMessage()); } } Charset utf8 = Charset.forName("UTF-8"); @@ -468,7 +462,6 @@ public class CSecurityTLS extends CSecurity { protected CConnection client; private SSLContext ctx; - private SSLSession session; private SSLEngine engine; private SSLEngineManager manager; private boolean anon; |