Commit 9afa3292 authored by Melledy's avatar Melledy
Browse files

Cleanup https server creation in dispatch server

parent cdb08195
...@@ -204,54 +204,63 @@ public final class DispatchServer { ...@@ -204,54 +204,63 @@ public final class DispatchServer {
return null; return null;
} }
private KeyManagerFactory createKeyManagerFactory(File keystore, String password) throws Exception {
char[] pass = password.toCharArray();
KeyManagerFactory kmf = null;
try (FileInputStream fis = new FileInputStream(keystore)) {
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(fis, pass);
kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, pass);
} catch (Exception e) {
throw e;
}
return kmf;
}
public void start() throws Exception { public void start() throws Exception {
if (Grasscutter.getConfig().getDispatchOptions().UseSSL) { if (Grasscutter.getConfig().getDispatchOptions().UseSSL) {
HttpsServer httpsServer = HttpsServer.create(getAddress(), 0); // Keystore
SSLContext sslContext = SSLContext.getInstance("TLS"); SSLContext sslContext = SSLContext.getInstance("TLS");
try (FileInputStream fis = new FileInputStream(Grasscutter.getConfig().getDispatchOptions().KeystorePath)) { KeyManagerFactory kmf = null;
char[] keystorePassword = Grasscutter.getConfig().getDispatchOptions().KeystorePassword.toCharArray(); File keystoreFile = new File(Grasscutter.getConfig().getDispatchOptions().KeystorePath);
KeyManagerFactory _kmf;
try {
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(fis, keystorePassword);
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
_kmf = kmf;
kmf.init(ks, keystorePassword);
} catch (Exception originalEx) {
try {
// try to initialize kmf with the default password
char[] defaultPassword = "123456".toCharArray();
Grasscutter.getLogger() if (keystoreFile.exists()) {
.warn("[Dispatch] Unable to load keystore. Trying default keystore password..."); try {
KeyStore ks = KeyStore.getInstance("PKCS12"); kmf = createKeyManagerFactory(keystoreFile, Grasscutter.getConfig().getDispatchOptions().KeystorePassword);
ks.load(fis, defaultPassword); } catch (Exception e) {
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); Grasscutter.getLogger().warn("[Dispatch] Unable to load keystore. Trying default keystore password...");
kmf.init(ks, defaultPassword);
_kmf = kmf;
try {
kmf = createKeyManagerFactory(keystoreFile, "123456");
Grasscutter.getLogger().warn( Grasscutter.getLogger().warn(
"[Dispatch] The default keystore password was loaded successfully. Please consider setting the password in config.json."); "[Dispatch] The default keystore password was loaded successfully. Please consider setting the password to 123456 in config.json.");
} catch (Exception ignored) { } catch (Exception e2) {
Grasscutter.getLogger().warn("[Dispatch] Error while loading keystore!"); Grasscutter.getLogger().warn("[Dispatch] Error while loading keystore!");
e2.printStackTrace();
// don't care about the exception for the "123456" default password attempt }
originalEx.printStackTrace();
throw originalEx;
} }
} }
sslContext.init(_kmf.getKeyManagers(), null, null); if (kmf == null) {
Grasscutter.getLogger().warn("[Dispatch] No SSL cert found! Falling back to HTTP server.");
Grasscutter.getConfig().getDispatchOptions().UseSSL = false;
server = this.safelyCreateServer(this.getAddress());
}
HttpsServer httpsServer = null;
try {
httpsServer = HttpsServer.create(getAddress(), 0);
sslContext.init(kmf.getKeyManagers(), null, null);
httpsServer.setHttpsConfigurator(new HttpsConfigurator(sslContext)); httpsServer.setHttpsConfigurator(new HttpsConfigurator(sslContext));
server = httpsServer; server = httpsServer;
} catch (BindException ignored) { } catch (BindException e) {
Grasscutter.getLogger().error("Unable to bind to port: " + getAddress().getPort() + " (HTTPS)"); Grasscutter.getLogger().error("Unable to bind to port: " + getAddress().getPort() + " (HTTPS)");
server = this.safelyCreateServer(this.getAddress());
} catch (Exception e) {
Grasscutter.getLogger().warn("[Dispatch] No SSL cert found! Falling back to HTTP server.");
Grasscutter.getConfig().getDispatchOptions().UseSSL = false;
server = this.safelyCreateServer(this.getAddress());
} }
} else { } else {
server = this.safelyCreateServer(this.getAddress()); server = this.safelyCreateServer(this.getAddress());
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment