fixed bug in the server configuration parser

added Jacoco test report
2025-01-20 20:23:09 +08:00
parent 1a78c8092b
commit fc9900d821
4 changed files with 32 additions and 11 deletions


@@ -66,6 +66,15 @@ allprojects { subproject ->
} }
} }
pluginManager.withPlugin('jacoco') {
test {
finalizedBy jacocoTestReport
}
jacocoTestReport {
dependsOn test
}
}
pluginManager.withPlugin(catalog.plugins.kotlin.jvm.get().pluginId) { pluginManager.withPlugin(catalog.plugins.kotlin.jvm.get().pluginId) {
tasks.withType(KotlinCompile.class) { tasks.withType(KotlinCompile.class) {
compilerOptions.jvmTarget = JvmTarget.JVM_21 compilerOptions.jvmTarget = JvmTarget.JVM_21


@@ -1,6 +1,7 @@
plugins { plugins {
id 'java-library' id 'java-library'
alias catalog.plugins.kotlin.jvm alias catalog.plugins.kotlin.jvm
id 'jacoco'
id 'maven-publish' id 'maven-publish'
} }


@@ -19,8 +19,9 @@ import javax.net.ssl.X509TrustManager
class ClientCertificateValidator private constructor( class ClientCertificateValidator private constructor(
private val sslHandler : SslHandler, private val sslHandler: SslHandler,
private val x509TrustManager: X509TrustManager) : ChannelInboundHandlerAdapter() { private val x509TrustManager: X509TrustManager
) : ChannelInboundHandlerAdapter() {
override fun userEventTriggered(ctx: ChannelHandlerContext, evt: Any) { override fun userEventTriggered(ctx: ChannelHandlerContext, evt: Any) {
if (evt is SslHandshakeCompletionEvent) { if (evt is SslHandshakeCompletionEvent) {
if (evt.isSuccess) { if (evt.isSuccess) {
@@ -36,13 +37,14 @@ class ClientCertificateValidator private constructor(
} }
companion object { companion object {
fun getTrustManager(trustStore : KeyStore?, certificateRevocationEnabled : Boolean) : X509TrustManager { fun getTrustManager(trustStore: KeyStore?, certificateRevocationEnabled: Boolean): X509TrustManager {
return if(trustStore != null) { return if (trustStore != null) {
val certificateFactory = CertificateFactory.getInstance("X.509") val certificateFactory = CertificateFactory.getInstance("X.509")
val validator = CertPathValidator.getInstance("PKIX").apply { val validator = CertPathValidator.getInstance("PKIX").apply {
val rc = revocationChecker as PKIXRevocationChecker val rc = revocationChecker as PKIXRevocationChecker
rc.options = EnumSet.of( rc.options = EnumSet.of(
PKIXRevocationChecker.Option.NO_FALLBACK) PKIXRevocationChecker.Option.NO_FALLBACK
)
} }
val params = PKIXParameters(trustStore).apply { val params = PKIXParameters(trustStore).apply {
isRevocationEnabled = certificateRevocationEnabled isRevocationEnabled = certificateRevocationEnabled
@@ -52,7 +54,7 @@ class ClientCertificateValidator private constructor(
val clientCertificateChain = certificateFactory.generateCertPath(chain.toList()) val clientCertificateChain = certificateFactory.generateCertPath(chain.toList())
try { try {
validator.validate(clientCertificateChain, params) validator.validate(clientCertificateChain, params)
} catch (ex : CertPathValidatorException) { } catch (ex: CertPathValidatorException) {
throw CertificateException(ex) throw CertificateException(ex)
} }
} }
@@ -62,7 +64,7 @@ class ClientCertificateValidator private constructor(
} }
private val acceptedIssuers = trustStore.aliases().asSequence() private val acceptedIssuers = trustStore.aliases().asSequence()
.filter (trustStore::isCertificateEntry) .filter(trustStore::isCertificateEntry)
.map(trustStore::getCertificate) .map(trustStore::getCertificate)
.map { it as X509Certificate } .map { it as X509Certificate }
.toList() .toList()
@@ -72,11 +74,16 @@ class ClientCertificateValidator private constructor(
} }
} else { } else {
val trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()) val trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
trustManagerFactory.trustManagers.asSequence().filter { it is X509TrustManager }.single() as X509TrustManager trustManagerFactory.trustManagers.asSequence().filter { it is X509TrustManager }
.single() as X509TrustManager
} }
} }
fun of(sslHandler : SslHandler, trustStore : KeyStore?, certificateRevocationEnabled : Boolean) : ClientCertificateValidator { fun of(
sslHandler: SslHandler,
trustStore: KeyStore?,
certificateRevocationEnabled: Boolean
): ClientCertificateValidator {
return ClientCertificateValidator(sslHandler, getTrustManager(trustStore, certificateRevocationEnabled)) return ClientCertificateValidator(sslHandler, getTrustManager(trustStore, certificateRevocationEnabled))
} }
} }


@@ -200,8 +200,12 @@ object Parser {
}.toSet() }.toSet()
private fun parseUserRefs(root: Element) = root.asIterable().asSequence().map { private fun parseUserRefs(root: Element) = root.asIterable().asSequence().map {
it.renderAttribute("ref") when(it.localName) {
}.toSet() "user" -> it.renderAttribute("ref")
"anonymous" -> ""
else -> ConfigurationException("Unrecognized tag '${it.localName}'")
}
}
private fun parseUsers(root: Element): Sequence<User> { private fun parseUsers(root: Element): Sequence<User> {
return root.asIterable().asSequence().filter { return root.asIterable().asSequence().filter {
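Review bot: The `else` branch of the new `when` in parseUserRefs constructs a ConfigurationException but never throws it, so an unrecognized tag does not abort parsing and the exception object simply becomes an element of the mapped sequence. It should read `else -> throw ConfigurationException("Unrecognized tag '${it.localName}'")`. The new version also ends in a bare `}` where the old one ended in `}.toSet()`, so the function now returns a lazy Sequence and nothing in it runs until a caller iterates it. If that was not intended, restoring `}.toSet()` would keep the previous return type and make a bad tag fail at parse time. These refs presumably feed the server's access configuration, so rejecting unknown tags eagerly is the safer default. parseUsers continues outside the hunk.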