Cleanup https server creation in dispatch server

Melledy 2022-04-26 20:27:49 -07:00
parent 931894aacf
commit 691324c9e7


@ -203,56 +203,65 @@ public final class DispatchServer {
} }
return null; return null;
} }
private KeyManagerFactory createKeyManagerFactory(File keystore, String password) throws Exception {
char[] pass = password.toCharArray();
KeyManagerFactory kmf = null;
try (FileInputStream fis = new FileInputStream(keystore)) {
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(fis, pass);
kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, pass);
} catch (Exception e) {
throw e;
}
return kmf;
}
public void start() throws Exception { public void start() throws Exception {
if (Grasscutter.getConfig().getDispatchOptions().UseSSL) { if (Grasscutter.getConfig().getDispatchOptions().UseSSL) {
HttpsServer httpsServer = HttpsServer.create(getAddress(), 0); // Keystore
SSLContext sslContext = SSLContext.getInstance("TLS"); SSLContext sslContext = SSLContext.getInstance("TLS");
try (FileInputStream fis = new FileInputStream(Grasscutter.getConfig().getDispatchOptions().KeystorePath)) { KeyManagerFactory kmf = null;
char[] keystorePassword = Grasscutter.getConfig().getDispatchOptions().KeystorePassword.toCharArray(); File keystoreFile = new File(Grasscutter.getConfig().getDispatchOptions().KeystorePath);
KeyManagerFactory _kmf;
if (keystoreFile.exists()) {
try { try {
KeyStore ks = KeyStore.getInstance("PKCS12"); kmf = createKeyManagerFactory(keystoreFile, Grasscutter.getConfig().getDispatchOptions().KeystorePassword);
ks.load(fis, keystorePassword); } catch (Exception e) {
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509"); Grasscutter.getLogger().warn("[Dispatch] Unable to load keystore. Trying default keystore password...");
_kmf = kmf;
kmf.init(ks, keystorePassword);
} catch (Exception originalEx) {
try { try {
// try to initialize kmf with the default password kmf = createKeyManagerFactory(keystoreFile, "123456");
char[] defaultPassword = "123456".toCharArray();
Grasscutter.getLogger()
.warn("[Dispatch] Unable to load keystore. Trying default keystore password...");
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(fis, defaultPassword);
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, defaultPassword);
_kmf = kmf;
Grasscutter.getLogger().warn( Grasscutter.getLogger().warn(
"[Dispatch] The default keystore password was loaded successfully. Please consider setting the password in config.json."); "[Dispatch] The default keystore password was loaded successfully. Please consider setting the password to 123456 in config.json.");
} catch (Exception ignored) { } catch (Exception e2) {
Grasscutter.getLogger().warn("[Dispatch] Error while loading keystore!"); Grasscutter.getLogger().warn("[Dispatch] Error while loading keystore!");
e2.printStackTrace();
// don't care about the exception for the "123456" default password attempt
originalEx.printStackTrace();
throw originalEx;
} }
} }
}
sslContext.init(_kmf.getKeyManagers(), null, null);
if (kmf == null) {
httpsServer.setHttpsConfigurator(new HttpsConfigurator(sslContext));
server = httpsServer;
} catch (BindException ignored) {
Grasscutter.getLogger().error("Unable to bind to port: " + getAddress().getPort() + " (HTTPS)");
server = this.safelyCreateServer(this.getAddress());
} catch (Exception e) {
Grasscutter.getLogger().warn("[Dispatch] No SSL cert found! Falling back to HTTP server."); Grasscutter.getLogger().warn("[Dispatch] No SSL cert found! Falling back to HTTP server.");
Grasscutter.getConfig().getDispatchOptions().UseSSL = false; Grasscutter.getConfig().getDispatchOptions().UseSSL = false;
server = this.safelyCreateServer(this.getAddress()); server = this.safelyCreateServer(this.getAddress());
} }
HttpsServer httpsServer = null;
try {
httpsServer = HttpsServer.create(getAddress(), 0);
sslContext.init(kmf.getKeyManagers(), null, null);
httpsServer.setHttpsConfigurator(new HttpsConfigurator(sslContext));
server = httpsServer;
} catch (BindException e) {
Grasscutter.getLogger().error("Unable to bind to port: " + getAddress().getPort() + " (HTTPS)");
}
} else { } else {
server = this.safelyCreateServer(this.getAddress()); server = this.safelyCreateServer(this.getAddress());
} }
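Review bot: The `if (kmf == null)` fallback has no `return` or `else` in the visible lines, so after the plain-HTTP server is created the code still reaches `HttpsServer.create(getAddress(), 0)` and `sslContext.init(kmf.getKeyManagers(), null, null)` with a null `kmf`, which ends in either a misleading "Unable to bind to port" error or a NullPointerException out of `start()`; ending that block with `return;` would avoid both. The new `catch (BindException e)` only logs and leaves `server` unassigned, whereas the removed code fell back to `this.safelyCreateServer(this.getAddress())`. The retry with the hard-coded password `"123456"` is kept, and the reworded warning now tells operators to set that value in config.json; because the keystore protects the TLS private key, the message should instead recommend re-exporting the keystore with a strong password and configuring that. `start()` continues past the end of the hunk and this page merges the old and new columns, so these points should be confirmed against the actual file.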