refactors to server tls code

Aidan Hahn 2019-05-19 13:03:53 -07:00
parent 3021a1d405
commit a932852b2c
No known key found for this signature in database
GPG key ID: 327711E983899316
4 changed files with 44 additions and 27 deletions


@ -226,7 +226,7 @@ public class JobServClient {
// fails if port is improperly formatted or if an ssl exception occurs
JobServClient client;
try {
client = new JobServClient(args[0], Integer.parseInt(args[1]), args[2], args[1], args[0]);
client = new JobServClient(args[3], Integer.parseInt(args[4]), args[2], args[1], args[0]);
} catch (NumberFormatException e) {
System.out.println("Invalid Port");
@ -239,7 +239,7 @@ public class JobServClient {
// declare pid up here so that multiple switch cases can use it
int candidatePid;
// parse remaining args
switch (args[2]) {
switch (args[5]) {
case "new":
if (args.length < 7) {
System.out.println("Improper formatting, try client --help");
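Review bot: The new lines read `args[3]`, `args[4]` and `args[5]` before any length check visible in these hunks; the only guard shown, `args.length < 7`, sits inside `case "new"`, after `switch (args[5])` has already indexed the array. Unless a check exists above line 226 (the enclosing method starts and ends outside both hunks), a short command line ends in an ArrayIndexOutOfBoundsException instead of the usage message, because the visible `catch` handles only NumberFormatException. A guard ahead of the constructor call would cover it: `if (args.length < 6) { System.out.println("Improper formatting, try client --help"); return; }`. A one-line comment naming what `args[0]`, `args[1]` and `args[2]` hold (presumably the client's TLS files) would also help, since they are passed to the constructor in reverse order.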


@ -31,31 +31,30 @@ public class JobServServer {
private Server server;
private final int port;
private final String certChainFilePath;
private final String privateKeyFilePath;
private final String trustCertCollectionFilePath;
private final SslContext ssl;
/*
* Constructor
* Sets port and builds sslContext
*/
public JobServServer(int port,
String certChainFilePath,
String privateKeyFilePath,
String trustCertCollectionFilePath) {
String serverCert,
String privateKey,
String trustStore) {
this.port = port;
this.certChainFilePath = certChainFilePath;
this.privateKeyFilePath = privateKeyFilePath;
this.trustCertCollectionFilePath = trustCertCollectionFilePath;
SslContextBuilder sslContextBuilder = SslContextBuilder.forServer(new File(serverCert), new File(privateKey));
// Mutual TLS trust store and require client auth
sslContextBuilder.trustManager(new File(trustStore));
sslContextBuilder.clientAuth(ClientAuth.REQUIRE);
this.ssl = GrpcSslContexts.configure(sslClientContextBuilder).build();
}
private SslContextBuilder getSslContextBuilder() {
SslContextBuilder sslClientContextBuilder = SslContextBuilder.forServer(new File(certChainFilePath),
new File(privateKeyFilePath));
sslClientContextBuilder.trustManager(new File(trustCertCollectionFilePath));
sslClientContextBuilder.clientAuth(ClientAuth.REQUIRE);
return GrpcSslContexts.configure(sslClientContextBuilder);
}
// starts the GRPC API Server
/*
* start()
* this initializes the server
*/
private void start() throws IOException {
// TODO: this should be passed in from a configuration manager
server = NettyServerBuilder.forPort(port)
@ -76,25 +75,38 @@ public class JobServServer {
});
}
/*
* stop()
* This is called when ctrl+c is pressed
*/
private void stop() {
if (server != null) {
server.shutdown();
}
}
// spinlock for main()
/*
* blockUntilShutdown()
* This is more or less the main loop of the server.
* It spins until shutdown is called.
*/
private void blockUntilShutdown() throws InterruptedException {
if (server != null) {
server.awaitTermination();
}
}
// Main function. starts GRPC server and spins until server is shutdown
/*
* main()
* Entrypoint of hte server
* parses args and initializes a server object.
* calls server main loop.
*/
public static void main(String[] args) throws IOException, InterruptedException {
int port = 8448; // TODO: port and key/cert files should be handled by a config manager
if(args.length < 3) {
System.out.println("Usage: ./jobserv-server certchain privatekey truststore");
System.out.println("Usage: ./jobserv-server cert privatekey truststore");
return;
}
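Review bot: In the rewritten constructor the context is built from `sslClientContextBuilder`, but the local declared two statements earlier is `sslContextBuilder`; the old name belonged to the removed `getSslContextBuilder()`, so as rendered this line does not compile. It should read `this.ssl = GrpcSslContexts.configure(sslContextBuilder).build();`. `SslContextBuilder.build()` also throws the checked `SSLException` and the constructor signature shown declares nothing, so it needs `String trustStore) throws SSLException {`, which `main`'s existing `throws IOException` already covers. The `ClientAuth.REQUIRE` and trust-store calls are preserved, so mutual TLS stays enforced once the build is fixed. A bad certificate or key path now fails at construction rather than in `start()`, which is worth stating in the constructor comment.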