Fixing resource leak due to open file descriptors in SecurityUtility.java (#1851)

c9a36993 · Jai Asher · GitHub · b3d52562 · c9a36993
隐藏空白更改
内联并排

Showing with 10 addition and 6 deletion

pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java ...n/java/org/apache/pulsar/common/util/SecurityUtility.java +10 -6

未找到文件。
--- a/pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java
+++ b/pulsar-common/src/main/java/org/apache/pulsar/common/util/SecurityUtility.java
@@ -58,7 +58,7 @@ public class SecurityUtility {
    }

    public static SslContext createNettySslContextForClient(boolean allowInsecureConnection, String trustCertsFilePath)
-            throws GeneralSecurityException, SSLException, FileNotFoundException {
+            throws IOException, GeneralSecurityException, SSLException, FileNotFoundException {
        return createNettySslContextForClient(allowInsecureConnection, trustCertsFilePath, (Certificate[]) null,
                (PrivateKey) null);
    }
@@ -73,7 +73,7 @@ public class SecurityUtility {

    public static SslContext createNettySslContextForClient(boolean allowInsecureConnection, String trustCertsFilePath,
            String certFilePath, String keyFilePath)
-            throws GeneralSecurityException, SSLException, FileNotFoundException {
+            throws IOException, GeneralSecurityException, SSLException, FileNotFoundException {
        X509Certificate[] certificates = loadCertificatesFromPemFile(certFilePath);
        PrivateKey privateKey = loadPrivateKeyFromPemFile(keyFilePath);
        return createNettySslContextForClient(allowInsecureConnection, trustCertsFilePath, certificates, privateKey);
@@ -81,13 +81,15 @@ public class SecurityUtility {

    public static SslContext createNettySslContextForClient(boolean allowInsecureConnection, String trustCertsFilePath,
            Certificate[] certificates, PrivateKey privateKey)
-            throws GeneralSecurityException, SSLException, FileNotFoundException {
+            throws GeneralSecurityException, IOException, FileNotFoundException {
        SslContextBuilder builder = SslContextBuilder.forClient();
        if (allowInsecureConnection) {
            builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
        } else {
            if (trustCertsFilePath != null && trustCertsFilePath.length() != 0) {
-                builder.trustManager(new FileInputStream(trustCertsFilePath));
+                try (FileInputStream input = new FileInputStream(trustCertsFilePath)) {
+                    builder.trustManager(input);
+                }
            }
        }
        builder.keyManager(privateKey, (X509Certificate[]) certificates);
@@ -96,7 +98,7 @@ public class SecurityUtility {

    public static SslContext createNettySslContextForServer(boolean allowInsecureConnection, String trustCertsFilePath,
            String certFilePath, String keyFilePath)
-            throws GeneralSecurityException, SSLException, FileNotFoundException {
+            throws IOException, GeneralSecurityException, SSLException, FileNotFoundException {
        X509Certificate[] certificates = loadCertificatesFromPemFile(certFilePath);
        PrivateKey privateKey = loadPrivateKeyFromPemFile(keyFilePath);

@@ -105,7 +107,9 @@ public class SecurityUtility {
            builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
        } else {
            if (trustCertsFilePath != null && trustCertsFilePath.length() != 0) {
-                builder.trustManager(new FileInputStream(trustCertsFilePath));
+                try (FileInputStream input = new FileInputStream(trustCertsFilePath)) {
+                    builder.trustManager(input);
+                }
            } else {
                builder.trustManager((File) null);
            }