From a78d34ab4bb13c0b541f608ff6031c01d2669499 Mon Sep 17 00:00:00 2001
From: zzz <zzz@mail.i2p>
Date: Fri, 18 Oct 2013 18:37:25 +0000
Subject: [PATCH] * I2PTunnel SSL cleanup, log SSL exceptions as errors to
help find cert problems
---
.../java/src/net/i2p/i2ptunnel/I2PTunnelHTTPServer.java | 9 +++++++++
.../java/src/net/i2p/i2ptunnel/I2PTunnelRunner.java | 4 ++++
core/java/src/net/i2p/util/I2PSSLSocketFactory.java | 2 +-
3 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelHTTPServer.java b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelHTTPServer.java
index 1e8ea3f620..61007aa8a9 100644
--- a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelHTTPServer.java
+++ b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelHTTPServer.java
@@ -19,6 +19,8 @@ import java.util.Map;
import java.util.Properties;
import java.util.zip.GZIPOutputStream;
+import javax.net.ssl.SSLException;
+
import net.i2p.client.streaming.I2PSocket;
import net.i2p.I2PAppContext;
import net.i2p.data.ByteArray;
@@ -295,6 +297,13 @@ public class I2PTunnelHTTPServer extends I2PTunnelServer {
s.run(); // same thread
if (_log.shouldLog(Log.INFO))
_log.info("After pumping the compressed response: " + compressedOut.getTotalRead() + "/" + compressedOut.getTotalCompressed());
+ } catch (SSLException she) {
+ _log.error("SSL error", she);
+ try {
+ if (browserout == null)
+ browserout = _browser.getOutputStream();
+ browserout.write(ERR_UNAVAILABLE);
+ } catch (IOException ioe) {}
} catch (IOException ioe) {
if (_log.shouldLog(Log.WARN))
_log.warn("error compressing", ioe);
diff --git a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelRunner.java b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelRunner.java
index 8822779fce..c3bfea5e7b 100644
--- a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelRunner.java
+++ b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelRunner.java
@@ -12,6 +12,8 @@ import java.net.Socket;
import java.net.SocketException;
import java.util.List;
+import javax.net.ssl.SSLException;
+
import net.i2p.I2PAppContext;
import net.i2p.client.streaming.I2PSocket;
import net.i2p.data.ByteArray;
@@ -199,6 +201,8 @@ public class I2PTunnelRunner extends I2PAppThread implements I2PSocket.SocketErr
} catch (InterruptedException ex) {
if (_log.shouldLog(Log.ERROR))
_log.error("Interrupted", ex);
+ } catch (SSLException she) {
+ _log.error("SSL error", she);
} catch (IOException ex) {
if (_log.shouldLog(Log.DEBUG))
_log.debug("Error forwarding", ex);
diff --git a/core/java/src/net/i2p/util/I2PSSLSocketFactory.java b/core/java/src/net/i2p/util/I2PSSLSocketFactory.java
index 0751cdc288..f7f5b26064 100644
--- a/core/java/src/net/i2p/util/I2PSSLSocketFactory.java
+++ b/core/java/src/net/i2p/util/I2PSSLSocketFactory.java
@@ -54,7 +54,7 @@ public class I2PSSLSocketFactory {
* Loads certs from
* the ~/.i2p/certificates/ and $I2P/certificates/ directories.
*/
- private SSLSocketFactory initSSLContext(I2PAppContext context, boolean loadSystemCerts, String relativeCertPath)
+ private static SSLSocketFactory initSSLContext(I2PAppContext context, boolean loadSystemCerts, String relativeCertPath)
throws GeneralSecurityException {
Log log = context.logManager().getLog(I2PSSLSocketFactory.class);
KeyStore ks;
--
GitLab