Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
suliangchun
dbeaver
提交
679cf555
D
dbeaver
项目概览
suliangchun
/
dbeaver
与 Fork 源项目一致
从无法访问的项目Fork
通知
2
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dbeaver
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
679cf555
编写于
3月 06, 2016
作者:
S
Serge Rider
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
#2 MySQL SSL support
上级
2f11ddad
变更
8
隐藏空白更改
内联
并排
Showing
8 changed file
with
106 addition
and
18 deletion
+106
-18
plugins/org.jkiss.dbeaver.ext.db2/src/org/jkiss/dbeaver/ext/db2/model/DB2DataSource.java
...b2/src/org/jkiss/dbeaver/ext/db2/model/DB2DataSource.java
+1
-1
plugins/org.jkiss.dbeaver.ext.mysql/src/org/jkiss/dbeaver/ext/mysql/model/MySQLDataSource.java
...rc/org/jkiss/dbeaver/ext/mysql/model/MySQLDataSource.java
+46
-4
plugins/org.jkiss.dbeaver.ext.mysql/src/org/jkiss/dbeaver/ext/mysql/views/MySQLSSLConfigurator.java
...g/jkiss/dbeaver/ext/mysql/views/MySQLSSLConfigurator.java
+6
-6
plugins/org.jkiss.dbeaver.ext.oracle/src/org/jkiss/dbeaver/ext/oracle/model/OracleDataSource.java
.../org/jkiss/dbeaver/ext/oracle/model/OracleDataSource.java
+1
-1
plugins/org.jkiss.dbeaver.ext.postgresql/src/org/jkiss/dbeaver/ext/postgresql/model/PostgreDataSource.java
...jkiss/dbeaver/ext/postgresql/model/PostgreDataSource.java
+1
-1
plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/DBPSecurityManager.java
...model/src/org/jkiss/dbeaver/model/DBPSecurityManager.java
+6
-1
plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/jdbc/JDBCDataSource.java
...src/org/jkiss/dbeaver/model/impl/jdbc/JDBCDataSource.java
+1
-0
plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/security/DefaultSecurityManager.java
...s/dbeaver/model/impl/security/DefaultSecurityManager.java
+44
-4
未找到文件。
plugins/org.jkiss.dbeaver.ext.db2/src/org/jkiss/dbeaver/ext/db2/model/DB2DataSource.java
浏览文件 @
679cf555
...
...
@@ -269,7 +269,7 @@ public class DB2DataSource extends JDBCDataSource implements DBSObjectSelector,
}
@Override
protected
Map
<
String
,
String
>
getInternalConnectionProperties
()
protected
Map
<
String
,
String
>
getInternalConnectionProperties
()
throws
DBCException
{
Map
<
String
,
String
>
props
=
new
HashMap
<>();
props
.
putAll
(
DB2DataSourceProvider
.
getConnectionsProps
());
...
...
plugins/org.jkiss.dbeaver.ext.mysql/src/org/jkiss/dbeaver/ext/mysql/model/MySQLDataSource.java
浏览文件 @
679cf555
...
...
@@ -31,6 +31,7 @@ import org.jkiss.dbeaver.ext.mysql.model.plan.MySQLPlanAnalyser;
import
org.jkiss.dbeaver.ext.mysql.model.session.MySQLSessionManager
;
import
org.jkiss.dbeaver.model.DBPDataSourceContainer
;
import
org.jkiss.dbeaver.model.DBPErrorAssistant
;
import
org.jkiss.dbeaver.model.DBPSecurityManager
;
import
org.jkiss.dbeaver.model.DBUtils
;
import
org.jkiss.dbeaver.model.admin.sessions.DBAServerSessionManager
;
import
org.jkiss.dbeaver.model.exec.*
;
...
...
@@ -49,6 +50,9 @@ import org.jkiss.dbeaver.model.sql.SQLDialect;
import
org.jkiss.dbeaver.model.struct.*
;
import
org.jkiss.utils.CommonUtils
;
import
java.io.File
;
import
java.io.FileInputStream
;
import
java.io.InputStream
;
import
java.sql.Connection
;
import
java.sql.SQLException
;
import
java.util.*
;
...
...
@@ -80,13 +84,16 @@ public class MySQLDataSource extends JDBCDataSource implements DBSObjectSelector
@Override
protected
Map
<
String
,
String
>
getInternalConnectionProperties
()
throws
DBCException
{
Map
<
String
,
String
>
props
=
new
HashMap
<>(
MySQLDataSourceProvider
.
getConnectionsProps
());
Map
<
String
,
String
>
props
=
new
Linked
HashMap
<>(
MySQLDataSourceProvider
.
getConnectionsProps
());
final
DBWHandlerConfiguration
sslConfig
=
getContainer
().
getActualConnectionConfiguration
().
getDeclaredHandler
(
MySQLConstants
.
HANDLER_SSL
);
if
(
sslConfig
!=
null
&&
sslConfig
.
isEnabled
())
{
props
.
put
(
"useSSL"
,
"true"
);
props
.
put
(
"verifyServerCertificate"
,
String
.
valueOf
(
CommonUtils
.
toBoolean
(
sslConfig
.
getProperties
().
get
(
MySQLConstants
.
PROP_VERIFY_SERVER_SERT
))));
props
.
put
(
"requireSSL"
,
String
.
valueOf
(
CommonUtils
.
toBoolean
(
sslConfig
.
getProperties
().
get
(
MySQLConstants
.
PROP_REQUIRE_SSL
))));
try
{
initSSL
(
props
,
sslConfig
);
}
catch
(
Exception
e
)
{
throw
new
DBCException
(
"Error configuring SSL certificates"
,
e
);
}
}
/*
if (CommonUtils.toBoolean(connectionInfo.getProperty(MySQLConstants.PROP_USE_SSL))) {
...
...
@@ -97,6 +104,41 @@ public class MySQLDataSource extends JDBCDataSource implements DBSObjectSelector
return
props
;
}
private
void
initSSL
(
Map
<
String
,
String
>
props
,
DBWHandlerConfiguration
sslConfig
)
throws
Exception
{
props
.
put
(
"useSSL"
,
"true"
);
props
.
put
(
"verifyServerCertificate"
,
String
.
valueOf
(
CommonUtils
.
toBoolean
(
sslConfig
.
getProperties
().
get
(
MySQLConstants
.
PROP_VERIFY_SERVER_SERT
))));
props
.
put
(
"requireSSL"
,
String
.
valueOf
(
CommonUtils
.
toBoolean
(
sslConfig
.
getProperties
().
get
(
MySQLConstants
.
PROP_REQUIRE_SSL
))));
final
String
caCertProp
=
sslConfig
.
getProperties
().
get
(
MySQLConstants
.
PROP_SSL_CA_CERT
);
final
String
clientCertProp
=
sslConfig
.
getProperties
().
get
(
MySQLConstants
.
PROP_SSL_CLIENT_CERT
);
final
String
cipherSuites
=
sslConfig
.
getProperties
().
get
(
MySQLConstants
.
PROP_SSL_CIPHER_SUITES
);
// Trust keystore
if
(!
CommonUtils
.
isEmpty
(
caCertProp
))
{
File
caCertFile
=
new
File
(
caCertProp
);
String
ksId
=
"ssl-truststore"
;
final
DBPSecurityManager
securityManager
=
getContainer
().
getApplication
().
getSecurityManager
();
try
(
InputStream
is
=
new
FileInputStream
(
caCertFile
))
{
securityManager
.
addCertificate
(
ksId
,
getContainer
().
getId
(),
is
);
}
props
.
put
(
"trustCertificateKeyStoreUrl"
,
securityManager
.
getKeyStorePath
(
ksId
).
toURI
().
toURL
().
toString
());
}
// Client certificate
if
(!
CommonUtils
.
isEmpty
(
clientCertProp
))
{
File
clientCertFile
=
new
File
(
clientCertProp
);
String
ksId
=
"ssl-clientstore"
;
final
DBPSecurityManager
securityManager
=
getContainer
().
getApplication
().
getSecurityManager
();
try
(
InputStream
is
=
new
FileInputStream
(
clientCertFile
))
{
securityManager
.
addCertificate
(
ksId
,
getContainer
().
getId
(),
is
);
}
props
.
put
(
"clientCertificateKeyStoreUrl"
,
securityManager
.
getKeyStorePath
(
ksId
).
toURI
().
toURL
().
toString
());
}
if
(!
CommonUtils
.
isEmpty
(
cipherSuites
))
{
props
.
put
(
"enabledSSLCipherSuites"
,
cipherSuites
);
}
}
protected
void
initializeContextState
(
@NotNull
DBRProgressMonitor
monitor
,
@NotNull
JDBCExecutionContext
context
,
boolean
setActiveObject
)
throws
DBCException
{
if
(
setActiveObject
)
{
MySQLCatalog
object
=
getSelectedObject
();
...
...
plugins/org.jkiss.dbeaver.ext.mysql/src/org/jkiss/dbeaver/ext/mysql/views/MySQLSSLConfigurator.java
浏览文件 @
679cf555
...
...
@@ -58,6 +58,12 @@ public class MySQLSSLConfigurator extends SSLConfiguratorAbstractUI
requireSSQL
=
UIUtils
.
createLabelCheckbox
(
composite
,
"Require SSL"
,
false
);
veryServerCert
=
UIUtils
.
createLabelCheckbox
(
composite
,
"Verify server certificate"
,
true
);
UIUtils
.
createControlLabel
(
composite
,
"CA certificate"
);
gd
=
new
GridData
(
GridData
.
FILL_HORIZONTAL
);
gd
.
minimumWidth
=
130
;
clientCAText
=
new
TextWithOpenFile
(
composite
,
"CA Certificate"
,
new
String
[]
{
"*.*"
,
"*.cert"
,
"*.pem"
,
"*"
}
);
clientCAText
.
setLayoutData
(
new
GridData
(
GridData
.
FILL_HORIZONTAL
));
UIUtils
.
createControlLabel
(
composite
,
"SSL certificate"
);
gd
=
new
GridData
(
GridData
.
FILL_HORIZONTAL
);
gd
.
minimumWidth
=
130
;
...
...
@@ -70,12 +76,6 @@ public class MySQLSSLConfigurator extends SSLConfiguratorAbstractUI
clientKeyText
=
new
TextWithOpenFile
(
composite
,
"SSL Certificate"
,
new
String
[]
{
"*.*"
,
"*.cert"
,
"*.pem"
,
"*"
}
);
clientKeyText
.
setLayoutData
(
new
GridData
(
GridData
.
FILL_HORIZONTAL
));
UIUtils
.
createControlLabel
(
composite
,
"CA certificate (optional)"
);
gd
=
new
GridData
(
GridData
.
FILL_HORIZONTAL
);
gd
.
minimumWidth
=
130
;
clientCAText
=
new
TextWithOpenFile
(
composite
,
"CA Certificate"
,
new
String
[]
{
"*.*"
,
"*.cert"
,
"*.pem"
,
"*"
}
);
clientCAText
.
setLayoutData
(
new
GridData
(
GridData
.
FILL_HORIZONTAL
));
cipherSuitesText
=
UIUtils
.
createLabelText
(
composite
,
"Cipher suites (optional)"
,
""
);
}
...
...
plugins/org.jkiss.dbeaver.ext.oracle/src/org/jkiss/dbeaver/ext/oracle/model/OracleDataSource.java
浏览文件 @
679cf555
...
...
@@ -159,7 +159,7 @@ public class OracleDataSource extends JDBCDataSource
}
@Override
protected
Map
<
String
,
String
>
getInternalConnectionProperties
()
protected
Map
<
String
,
String
>
getInternalConnectionProperties
()
throws
DBCException
{
return
OracleDataSourceProvider
.
getConnectionsProps
();
}
...
...
plugins/org.jkiss.dbeaver.ext.postgresql/src/org/jkiss/dbeaver/ext/postgresql/model/PostgreDataSource.java
浏览文件 @
679cf555
...
...
@@ -73,7 +73,7 @@ public class PostgreDataSource extends JDBCDataSource implements DBSObjectSelect
}
@Override
protected
Map
<
String
,
String
>
getInternalConnectionProperties
()
protected
Map
<
String
,
String
>
getInternalConnectionProperties
()
throws
DBCException
{
return
PostgreDataSourceProvider
.
getConnectionsProps
();
}
...
...
plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/DBPSecurityManager.java
浏览文件 @
679cf555
...
...
@@ -18,7 +18,10 @@
package
org.jkiss.dbeaver.model
;
import
org.jkiss.dbeaver.DBException
;
import
java.io.File
;
import
java.io.InputStream
;
import
java.security.KeyStore
;
/**
...
...
@@ -26,7 +29,9 @@ import java.security.KeyStore;
*/
public
interface
DBPSecurityManager
{
KeyStore
getKeyStore
(
String
ksId
);
KeyStore
getKeyStore
(
String
ksId
)
throws
DBException
;
void
addCertificate
(
String
ksId
,
String
certId
,
InputStream
certStream
)
throws
DBException
;
File
getKeyStorePath
(
String
ksId
);
}
plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/jdbc/JDBCDataSource.java
浏览文件 @
679cf555
...
...
@@ -514,6 +514,7 @@ public abstract class JDBCDataSource
*/
@Nullable
protected
Map
<
String
,
String
>
getInternalConnectionProperties
()
throws
DBCException
{
return
null
;
}
...
...
plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/security/DefaultSecurityManager.java
浏览文件 @
679cf555
...
...
@@ -17,11 +17,14 @@
*/
package
org.jkiss.dbeaver.model.impl.security
;
import
org.jkiss.dbeaver.DBException
;
import
org.jkiss.dbeaver.Log
;
import
org.jkiss.dbeaver.model.DBPSecurityManager
;
import
java.io.
File
;
import
java.io.
*
;
import
java.security.KeyStore
;
import
java.security.cert.Certificate
;
import
java.security.cert.CertificateFactory
;
/**
* DefaultSecurityManager
...
...
@@ -29,6 +32,8 @@ import java.security.KeyStore;
public
class
DefaultSecurityManager
implements
DBPSecurityManager
{
static
final
Log
log
=
Log
.
getLog
(
DefaultSecurityManager
.
class
);
private
static
final
char
[]
DEFAULT_PASSWORD
=
""
.
toCharArray
();
public
static
final
String
JKS_EXTENSION
=
".jks"
;
private
final
File
localPath
;
...
...
@@ -40,12 +45,47 @@ public class DefaultSecurityManager implements DBPSecurityManager {
}
@Override
public
KeyStore
getKeyStore
(
String
ksId
)
{
return
null
;
public
KeyStore
getKeyStore
(
String
ksId
)
throws
DBException
{
try
{
File
ksFile
=
getKeyStorePath
(
ksId
);
KeyStore
ks
=
KeyStore
.
getInstance
(
KeyStore
.
getDefaultType
());
if
(
ksFile
.
exists
())
{
try
(
InputStream
is
=
new
FileInputStream
(
ksFile
))
{
ks
.
load
(
is
,
DEFAULT_PASSWORD
);
}
}
else
{
ks
.
load
(
null
,
DEFAULT_PASSWORD
);
}
return
ks
;
}
catch
(
Exception
e
)
{
throw
new
DBException
(
"Error opening keystore '"
+
ksId
+
"'"
,
e
);
}
}
@Override
public
void
addCertificate
(
String
ksId
,
String
certId
,
InputStream
certStream
)
throws
DBException
{
final
KeyStore
keyStore
=
getKeyStore
(
ksId
);
try
{
CertificateFactory
cf
=
CertificateFactory
.
getInstance
(
"X.509"
);
Certificate
cert
=
cf
.
generateCertificate
(
certStream
);
keyStore
.
setCertificateEntry
(
certId
,
cert
);
saveKeyStore
(
ksId
,
keyStore
);
}
catch
(
Exception
e
)
{
throw
new
DBException
(
"Error adding certificate to keystore '"
+
ksId
+
"'"
,
e
);
}
}
private
void
saveKeyStore
(
String
ksId
,
KeyStore
keyStore
)
throws
Exception
{
final
File
ksFile
=
getKeyStorePath
(
ksId
);
try
(
OutputStream
os
=
new
FileOutputStream
(
ksFile
))
{
keyStore
.
store
(
os
,
DEFAULT_PASSWORD
);
}
}
@Override
public
File
getKeyStorePath
(
String
ksId
)
{
return
n
ull
;
return
n
ew
File
(
localPath
,
ksId
+
JKS_EXTENSION
)
;
}
}
\ No newline at end of file
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录