Skip to content

Commit c3818db

Browse files
KyleAureKyleAure
authored
Merge pull request #31233 from KyleAure/bb304218-ssl-keystore-timeout
2 parents 148ded9 + 6438e3c commit c3818db

File tree

10 files changed

+726
-158
lines changed

10 files changed

+726
-158
lines changed

dev/com.ibm.ws.cloudant_fat/fat/src/com/ibm/ws/cloudant/fat/CloudantTest.java

+9-2
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,8 @@
2424
import componenttest.annotation.AllowedFFDC;
2525
import componenttest.annotation.ExpectedFFDC;
2626
import componenttest.annotation.Server;
27+
import componenttest.containers.KeystoreBuilder;
28+
import componenttest.containers.KeystoreBuilder.STORE_TYPE;
2729
import componenttest.custom.junit.runner.FATRunner;
2830
import componenttest.topology.impl.LibertyServer;
2931
import componenttest.topology.utils.FATServletClient;
@@ -56,8 +58,13 @@ public static void setUp() throws Exception {
5658

5759
cloudant.createDb(DB_NAME);
5860

59-
cloudant.copyFileFromContainer("/etc/couchdb/cert/server.crt", server.getServerRoot() + "/security/server.crt");
60-
FATSuite.createKeystore(server.getServerRoot() + "/security/keystore.jks", server.getServerRoot() + "/security/server.crt");
61+
KeystoreBuilder.of(server, cloudant)
62+
.withCertificate("server", "/etc/couchdb/cert/server.crt")
63+
.withDirectory(server.getServerRoot() + "/security")
64+
.withFilename("keystore")
65+
.withStoreType(STORE_TYPE.JKS)
66+
.withPassword("liberty")
67+
.export();
6168

6269
ShrinkHelper.defaultApp(server, JEE_APP, "cloudant.web");
6370
server.startServer();

dev/com.ibm.ws.cloudant_fat/fat/src/com/ibm/ws/cloudant/fat/CloudantTestOutboundSSL.java

+9-2
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,8 @@
2727
import com.ibm.websphere.simplicity.config.ServerConfiguration;
2828

2929
import componenttest.annotation.Server;
30+
import componenttest.containers.KeystoreBuilder;
31+
import componenttest.containers.KeystoreBuilder.STORE_TYPE;
3032
import componenttest.custom.junit.runner.FATRunner;
3133
import componenttest.custom.junit.runner.Mode;
3234
import componenttest.custom.junit.runner.Mode.TestMode;
@@ -57,8 +59,13 @@ public static void setUp() throws Exception {
5759

5860
cloudant.createDb(DB_NAME);
5961

60-
cloudant.copyFileFromContainer("/etc/couchdb/cert/server.crt", server.getServerRoot() + "/security/server.crt");
61-
FATSuite.createKeystore(server.getServerRoot() + "/security/keystore.jks", server.getServerRoot() + "/security/server.crt");
62+
KeystoreBuilder.of(server, cloudant)
63+
.withCertificate("server", "/etc/couchdb/cert/server.crt")
64+
.withDirectory(server.getServerRoot() + "/security")
65+
.withFilename("keystore")
66+
.withStoreType(STORE_TYPE.JKS)
67+
.withPassword("liberty")
68+
.export();
6269

6370
// Create a normal Java EE application and export to server
6471
ShrinkHelper.defaultApp(server, JEE_APP, "cloudant.web");

dev/com.ibm.ws.cloudant_fat/fat/src/com/ibm/ws/cloudant/fat/FATSuite.java

-54
Original file line numberDiff line numberDiff line change
@@ -12,23 +12,15 @@
1212
*******************************************************************************/
1313
package com.ibm.ws.cloudant.fat;
1414

15-
import java.io.IOException;
16-
import java.io.InputStream;
17-
import java.util.Scanner;
18-
import java.util.concurrent.TimeUnit;
19-
2015
import org.junit.ClassRule;
2116
import org.junit.runner.RunWith;
2217
import org.junit.runners.Suite;
2318
import org.junit.runners.Suite.SuiteClasses;
2419
import org.testcontainers.utility.DockerImageName;
2520

26-
import com.ibm.websphere.simplicity.log.Log;
27-
2821
import componenttest.containers.ImageBuilder;
2922
import componenttest.containers.SimpleLogConsumer;
3023
import componenttest.containers.TestContainerSuite;
31-
import componenttest.custom.junit.runner.FATRunner;
3224

3325
@RunWith(Suite.class)
3426
@SuiteClasses({
@@ -46,50 +38,4 @@ public class FATSuite extends TestContainerSuite {
4638
@ClassRule
4739
public static CouchDBContainer cloudant = new CouchDBContainer(COUCHDB_SSL)
4840
.withLogConsumer(new SimpleLogConsumer(FATSuite.class, "couchdb-ssl"));
49-
50-
protected static void createKeystore(String destination, String serverCert) {
51-
final String m = "createKeystore";
52-
53-
String[] command = new String[] {
54-
"keytool", "-import", //
55-
"-alias", "testcontainers", //
56-
"-file", serverCert, //
57-
"-keystore", destination, //
58-
"-storetype", "jks", //
59-
"-storepass", "liberty", //
60-
"-noprompt"
61-
};
62-
63-
String errorPrelude = "Could not create client keystore: " + destination;
64-
try {
65-
Process p = Runtime.getRuntime().exec(command);
66-
if (!p.waitFor(FATRunner.FAT_TEST_LOCALRUN ? 10 : 20, TimeUnit.SECONDS)) {
67-
p.destroyForcibly();
68-
dumpOutput(m, "Keytool process timed out", p);
69-
throw new RuntimeException(errorPrelude + " timed out waiting for process to finish.");
70-
}
71-
if (p.exitValue() != 0) {
72-
dumpOutput(m, "Non 0 exit code from keytool", p);
73-
throw new RuntimeException(errorPrelude + " see logs for details");
74-
}
75-
dumpOutput(m, "Keytool command completed successfully", p);
76-
} catch (InterruptedException | IOException e) {
77-
throw new RuntimeException(errorPrelude, e);
78-
}
79-
}
80-
81-
private static void dumpOutput(String method, String message, Process p) {
82-
String out = "stdOut:" + System.lineSeparator() + readInputStream(p.getInputStream());
83-
String err = "stdErr:" + System.lineSeparator() + readInputStream(p.getErrorStream());
84-
Log.info(c, method, message + //
85-
System.lineSeparator() + out + //
86-
System.lineSeparator() + err);
87-
}
88-
89-
private static String readInputStream(InputStream is) {
90-
@SuppressWarnings("resource")
91-
Scanner s = new Scanner(is).useDelimiter("\\A");
92-
return s.hasNext() ? s.next() : "";
93-
}
94-
9541
}

dev/com.ibm.ws.jdbc_fat_postgresql/fat/src/com/ibm/ws/jdbc/fat/postgresql/PostgreSQLSSLTest.java

+9-52
Original file line numberDiff line numberDiff line change
@@ -12,13 +12,9 @@
1212
*******************************************************************************/
1313
package com.ibm.ws.jdbc.fat.postgresql;
1414

15-
import java.io.IOException;
16-
import java.io.InputStream;
1715
import java.sql.Connection;
1816
import java.sql.Statement;
1917
import java.util.Arrays;
20-
import java.util.Scanner;
21-
import java.util.concurrent.TimeUnit;
2218

2319
import org.junit.AfterClass;
2420
import org.junit.BeforeClass;
@@ -31,6 +27,8 @@
3127
import componenttest.annotation.Server;
3228
import componenttest.annotation.TestServlet;
3329
import componenttest.containers.ImageBuilder;
30+
import componenttest.containers.KeystoreBuilder;
31+
import componenttest.containers.KeystoreBuilder.STORE_TYPE;
3432
import componenttest.containers.SimpleLogConsumer;
3533
import componenttest.custom.junit.runner.FATRunner;
3634
import componenttest.custom.junit.runner.Mode;
@@ -108,9 +106,13 @@ public static void setUp() throws Exception {
108106
}
109107

110108
postgre.copyFileFromContainer("/tmp/clientKeystore.p12", serverLibertySSL.getServerRoot() + "/resources/security/outboundKeys.p12");
111-
postgre.copyFileFromContainer("/var/lib/postgresql/server.crt", serverLibertySSL.getServerRoot() + "/resources/security/server.crt");
112-
importServerCert(serverLibertySSL.getServerRoot() + "/resources/security/outboundKeys.p12",
113-
serverLibertySSL.getServerRoot() + "/resources/security/server.crt");
109+
KeystoreBuilder.of(serverLibertySSL, postgre)
110+
.withCertificate("server", "/var/lib/postgresql/server.crt")
111+
.withDirectory(serverLibertySSL.getServerRoot() + "/resources/security/")
112+
.withFilename("outboundKeys")
113+
.withStoreType(STORE_TYPE.PKCS12)
114+
.withPassword("liberty")
115+
.export();
114116

115117
postgre.copyFileFromContainer("/tmp/clientKeystore.p12", serverNativeSSL.getServerRoot() + "/resources/security/outboundKeys.p12");
116118
postgre.copyFileFromContainer("/var/lib/postgresql/server.crt", serverNativeSSL.getServerRoot() + "/resources/security/server.crt");
@@ -120,51 +122,6 @@ public static void setUp() throws Exception {
120122
serverNativeSSL.startServer();
121123
}
122124

123-
private static void importServerCert(String source, String serverCert) {
124-
final String m = "importServerCert";
125-
126-
String[] command = new String[] {
127-
"keytool", "-import", //
128-
"-alias", "server", //
129-
"-file", serverCert, //
130-
"-keystore", source, //
131-
"-storetype", "pkcs12", //
132-
"-storepass", "liberty", //
133-
"-noprompt"
134-
};
135-
136-
String errorPrelude = "Could not import server certificate into client keystore: " + source;
137-
try {
138-
Process p = Runtime.getRuntime().exec(command);
139-
if (!p.waitFor(FATRunner.FAT_TEST_LOCALRUN ? 10 : 20, TimeUnit.SECONDS)) {
140-
p.destroyForcibly();
141-
dumpOutput(m, "Keytool process timed out", p);
142-
throw new RuntimeException(errorPrelude + " timed out waiting for process to finish.");
143-
}
144-
if (p.exitValue() != 0) {
145-
dumpOutput(m, "Non 0 exit code from keytool", p);
146-
throw new RuntimeException(errorPrelude + " see logs for details");
147-
}
148-
dumpOutput(m, "Keytool command completed successfully", p);
149-
} catch (InterruptedException | IOException e) {
150-
throw new RuntimeException(errorPrelude, e);
151-
}
152-
}
153-
154-
private static void dumpOutput(String method, String message, Process p) {
155-
String out = "stdOut:" + System.lineSeparator() + readInputStream(p.getInputStream());
156-
String err = "stdErr:" + System.lineSeparator() + readInputStream(p.getErrorStream());
157-
Log.info(c, method, message + //
158-
System.lineSeparator() + out + //
159-
System.lineSeparator() + err);
160-
}
161-
162-
private static String readInputStream(InputStream is) {
163-
@SuppressWarnings("resource")
164-
Scanner s = new Scanner(is).useDelimiter("\\A");
165-
return s.hasNext() ? s.next() : "";
166-
}
167-
168125
@AfterClass
169126
public static void tearDown() throws Exception {
170127
try {

dev/com.ibm.ws.transaction.db_fat/fat/src/com/ibm/ws/transaction/test/SSLRecoveryTest.java

+9-3
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,8 @@
3737

3838
import componenttest.annotation.AllowedFFDC;
3939
import componenttest.annotation.Server;
40+
import componenttest.containers.KeystoreBuilder;
41+
import componenttest.containers.KeystoreBuilder.STORE_TYPE;
4042
import componenttest.containers.SimpleLogConsumer;
4143
import componenttest.custom.junit.runner.FATRunner;
4244
import componenttest.topology.database.container.PostgreSQLContainer;
@@ -67,9 +69,13 @@ public static void beforeClass() throws Exception {
6769
.start();
6870

6971
testContainer.copyFileFromContainer("/tmp/clientKeystore.p12", serverLibertySSL.getServerRoot() + "/resources/security/outboundKeys.p12");
70-
testContainer.copyFileFromContainer("/var/lib/postgresql/server.crt", serverLibertySSL.getServerRoot() + "/resources/security/server.crt");
71-
TxTestContainerSuite.importServerCert(serverLibertySSL.getServerRoot() + "/resources/security/outboundKeys.p12",
72-
serverLibertySSL.getServerRoot() + "/resources/security/server.crt");
72+
KeystoreBuilder.of(serverLibertySSL, testContainer)
73+
.withCertificate("server", "/var/lib/postgresql/server.crt")
74+
.withDirectory(serverLibertySSL.getServerRoot() + "/resources/security/")
75+
.withFilename("outboundKeys")
76+
.withStoreType(STORE_TYPE.PKCS12)
77+
.withPassword("liberty")
78+
.export();
7379

7480
setUp();
7581

dev/com.ibm.ws.transaction.fat.util/src/com/ibm/ws/transaction/fat/util/TxTestContainerSuite.java

-45
Original file line numberDiff line numberDiff line change
@@ -138,51 +138,6 @@ private static void dropTable(Statement stmt, String table) {
138138
Log.error(TxTestContainerSuite.class, "dropTables", e);
139139
}
140140
}
141-
142-
public static void importServerCert(String source, String serverCert) {
143-
final String m = "importServerCert";
144-
145-
String[] command = new String[] {
146-
"keytool", "-import", //
147-
"-alias", "server", //
148-
"-file", serverCert, //
149-
"-keystore", source, //
150-
"-storetype", "pkcs12", //
151-
"-storepass", "liberty", //
152-
"-noprompt"
153-
};
154-
155-
String errorPrelude = "Could not import server certificate into client keystore: " + source;
156-
try {
157-
Process p = Runtime.getRuntime().exec(command);
158-
if (!p.waitFor(FATRunner.FAT_TEST_LOCALRUN ? 10 : 20, TimeUnit.SECONDS)) {
159-
p.destroyForcibly();
160-
dumpOutput(m, "Keytool process timed out", p);
161-
throw new RuntimeException(errorPrelude + " timed out waiting for process to finish.");
162-
}
163-
if (p.exitValue() != 0) {
164-
dumpOutput(m, "Non 0 exit code from keytool", p);
165-
throw new RuntimeException(errorPrelude + " see logs for details");
166-
}
167-
dumpOutput(m, "Keytool command completed successfully", p);
168-
} catch (InterruptedException | IOException e) {
169-
throw new RuntimeException(errorPrelude, e);
170-
}
171-
}
172-
173-
private static void dumpOutput(String method, String message, Process p) {
174-
String out = "stdOut:" + System.lineSeparator() + readInputStream(p.getInputStream());
175-
String err = "stdErr:" + System.lineSeparator() + readInputStream(p.getErrorStream());
176-
Log.info(c, method, message + //
177-
System.lineSeparator() + out + //
178-
System.lineSeparator() + err);
179-
}
180-
181-
private static String readInputStream(InputStream is) {
182-
@SuppressWarnings("resource")
183-
Scanner s = new Scanner(is).useDelimiter("\\A");
184-
return s.hasNext() ? s.next() : "";
185-
}
186141

187142
public static boolean isDerby() {
188143
return databaseContainerType == DatabaseContainerType.Derby;

0 commit comments

Comments
 (0)