#9573 Add SSL configuration UI

Former-commit-id: 94e70050

#9573 Add SSL configuration UI
Former-commit-id: 94e70050
1daa5bb7 · ShadelessFox · 97b87c65 · 1daa5bb7 · 1daa5bb7 · 1daa5bb7
6 changed file
--- a/plugins/org.jkiss.dbeaver.ext.mssql.ui/plugin.xml
+++ b/plugins/org.jkiss.dbeaver.ext.mssql.ui/plugin.xml
@@ -142,5 +142,8 @@
        </tools>
    </extension>

+    <extension point="org.jkiss.dbeaver.ui.propertyConfigurator">
+        <propertyConfigurator class="org.jkiss.dbeaver.ext.mssql.model.SQLServerSSLHandlerImpl" uiClass="org.jkiss.dbeaver.ext.mssql.ui.views.SQLServerSSLConfigurator"/>
+    </extension>

 </plugin>
--- a/plugins/org.jkiss.dbeaver.ext.mssql.ui/src/org/jkiss/dbeaver/ext/mssql/ui/views/SQLServerSSLConfigurator.java
+++ b/plugins/org.jkiss.dbeaver.ext.mssql.ui/src/org/jkiss/dbeaver/ext/mssql/ui/views/SQLServerSSLConfigurator.java
+/*
+ * DBeaver - Universal Database Manager
+ * Copyright (C) 2010-2020 DBeaver Corp and others
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jkiss.dbeaver.ext.mssql.ui.views;
+
+import org.eclipse.swt.SWT;
+import org.eclipse.swt.layout.GridData;
+import org.eclipse.swt.layout.GridLayout;
+import org.eclipse.swt.widgets.Composite;
+import org.eclipse.swt.widgets.Group;
+import org.eclipse.swt.widgets.Text;
+import org.jkiss.dbeaver.ext.mssql.SQLServerConstants;
+import org.jkiss.dbeaver.model.net.DBWHandlerConfiguration;
+import org.jkiss.dbeaver.ui.UIUtils;
+import org.jkiss.dbeaver.ui.dialogs.net.SSLConfiguratorTrustStoreUI;
+import org.jkiss.utils.CommonUtils;
+
+public class SQLServerSSLConfigurator extends SSLConfiguratorTrustStoreUI {
+    private Text keystoreHostname;
+
+    @Override
+    public void createControl(Composite parent, Runnable propertyChangeListener) {
+        final Composite composite = new Composite(parent, SWT.NONE);
+        composite.setLayout(new GridLayout(1, false));
+        GridData gd = new GridData(GridData.FILL_BOTH);
+        gd.minimumHeight = 200;
+        composite.setLayoutData(gd);
+
+        createSSLConfigHint(composite, true, 1);
+        createTrustStoreConfigGroup(composite);
+
+        {
+            Group settingsGroup = UIUtils.createControlGroup(composite, "Settings", 2, GridData.FILL_HORIZONTAL, -1);
+
+            UIUtils.createControlLabel(settingsGroup, "Certificate hostname");
+            gd = new GridData(GridData.FILL_HORIZONTAL);
+            gd.minimumWidth = 130;
+            keystoreHostname = new Text(settingsGroup, SWT.BORDER);
+            keystoreHostname.setLayoutData(new GridData(GridData.FILL_HORIZONTAL));
+            keystoreHostname.setToolTipText("The host name to be used in validating the SQL Server TLS/SSL certificate.");
+        }
+    }
+
+    @Override
+    public void loadSettings(DBWHandlerConfiguration configuration) {
+        super.loadSettings(configuration);
+        keystoreHostname.setText(CommonUtils.notEmpty(configuration.getStringProperty(SQLServerConstants.PROP_SSL_KEYSTORE_HOSTNAME)));
+    }
+
+    @Override
+    public void saveSettings(DBWHandlerConfiguration configuration) {
+        super.saveSettings(configuration);
+        configuration.setProperty(SQLServerConstants.PROP_SSL_KEYSTORE_HOSTNAME, keystoreHostname.getText().trim());
+    }
+}
--- a/plugins/org.jkiss.dbeaver.ext.mssql/plugin.xml
+++ b/plugins/org.jkiss.dbeaver.ext.mssql/plugin.xml
@@ -496,4 +496,18 @@
        </task>
    </extension>

+    <extension point="org.jkiss.dbeaver.networkHandler">
+        <handler
+                type="config"
+                id="mssql_ssl"
+                codeName="SSL"
+                label="SSL"
+                description="SSL settings"
+                secured="false"
+                order="100"
+                handlerClass="org.jkiss.dbeaver.ext.mssql.model.SQLServerSSLHandlerImpl">
+            <objectType name="org.jkiss.dbeaver.ext.mssql.SQLServerDataSourceProvider"/>
+        </handler>
+    </extension>
+
 </plugin>
--- a/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/SQLServerConstants.java
+++ b/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/SQLServerConstants.java
@@ -33,6 +33,10 @@ public class SQLServerConstants {
    public static final String DRIVER_JTDS = "mssql_jdbc_jtds";
    public static final String DRIVER_MS = "mssql_jdbc_ms";

+    public static final String HANDLER_SSL = "mssql_ssl";
+
+    public static final String PROP_SSL_KEYSTORE_HOSTNAME = "sslKeyStoreHostname";
+
    public static final boolean USE_GSS = false;

    public static final String DEFAULT_SCHEMA_NAME = "dbo";

--- a/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/model/SQLServerDataSource.java
+++ b/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/model/SQLServerDataSource.java
@@ -26,6 +26,7 @@ import org.jkiss.dbeaver.ext.mssql.SQLServerUtils;
 import org.jkiss.dbeaver.ext.mssql.model.session.SQLServerSessionManager;
 import org.jkiss.dbeaver.model.*;
 import org.jkiss.dbeaver.model.admin.sessions.DBAServerSessionManager;
+import org.jkiss.dbeaver.model.app.DBACertificateStorage;
 import org.jkiss.dbeaver.model.connection.DBPConnectionConfiguration;
 import org.jkiss.dbeaver.model.exec.DBCException;
 import org.jkiss.dbeaver.model.exec.DBCExecutionContext;
@@ -37,7 +38,9 @@ import org.jkiss.dbeaver.model.impl.jdbc.JDBCExecutionContext;
 import org.jkiss.dbeaver.model.impl.jdbc.JDBCRemoteInstance;
 import org.jkiss.dbeaver.model.impl.jdbc.JDBCUtils;
 import org.jkiss.dbeaver.model.impl.jdbc.cache.JDBCObjectCache;
+import org.jkiss.dbeaver.model.impl.net.SSLHandlerTrustStoreImpl;
 import org.jkiss.dbeaver.model.meta.Association;
+import org.jkiss.dbeaver.model.net.DBWHandlerConfiguration;
 import org.jkiss.dbeaver.model.runtime.DBRProgressMonitor;
 import org.jkiss.dbeaver.model.struct.*;
 import org.jkiss.dbeaver.utils.GeneralUtils;
@@ -129,6 +132,26 @@ public class SQLServerDataSource extends JDBCDataSource implements DBSInstanceCo

        authSchema.getInitializer().initializeAuthentication(connectionInfo, properties);

+        final DBWHandlerConfiguration sslConfig = getContainer().getActualConnectionConfiguration().getHandler(SQLServerConstants.HANDLER_SSL);
+        if (sslConfig != null && sslConfig.isEnabled()) {
+            try {
+                SSLHandlerTrustStoreImpl.initializeTrustStore(monitor, this, sslConfig);
+                DBACertificateStorage certificateStorage = getContainer().getPlatform().getCertificateStorage();
+                String keyStorePath = certificateStorage.getKeyStorePath(getContainer(), "ssl").getAbsolutePath();
+
+                properties.setProperty("encrypt", "true");
+                properties.setProperty("trustStore", keyStorePath);
+                properties.setProperty("trustStoreType", "JKS");
+
+                final String keystoreHostnameProp = sslConfig.getStringProperty(SQLServerConstants.PROP_SSL_KEYSTORE_HOSTNAME);
+                if (!CommonUtils.isEmpty(keystoreHostnameProp)) {
+                    properties.put("hostNameInCertificate", keystoreHostnameProp);
+                }
+            } catch (Exception e) {
+                throw new DBCException("Error initializing SSL trust store", e);
+            }
+        }
+
        return properties;
    }


--- a/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/model/SQLServerSSLHandlerImpl.java
+++ b/plugins/org.jkiss.dbeaver.ext.mssql/src/org/jkiss/dbeaver/ext/mssql/model/SQLServerSSLHandlerImpl.java
+/*
+ * DBeaver - Universal Database Manager
+ * Copyright (C) 2010-2020 DBeaver Corp and others
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.jkiss.dbeaver.ext.mssql.model;
+
+import org.jkiss.dbeaver.model.impl.net.SSLHandlerImpl;
+
+public class SQLServerSSLHandlerImpl extends SSLHandlerImpl {
+}