changeset 4524:801c9c03302a

7115524: Regression: keytool -printcert -sslserver failure Reviewed-by: xuelei
author weijun
date Fri, 02 Dec 2011 16:06:19 +0800
parents fab771990eb3
children 9cc780355c09 a048ff0d868b
files src/share/classes/sun/security/tools/KeyTool.java
diffstat 1 files changed, 35 insertions(+), 8 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/tools/KeyTool.java	Wed Nov 30 14:48:35 2011 -0500
+++ b/src/share/classes/sun/security/tools/KeyTool.java	Fri Dec 02 16:06:19 2011 +0800
@@ -52,6 +52,7 @@
 import java.util.jar.JarFile;
 import java.lang.reflect.Constructor;
 import java.math.BigInteger;
+import java.net.Socket;
 import java.net.URI;
 import java.net.URL;
 import java.net.URLClassLoader;
@@ -84,6 +85,7 @@
 import sun.security.x509.*;
 
 import static java.security.KeyStore.*;
+import javax.net.ssl.*;
 import static sun.security.tools.KeyTool.Command.*;
 import static sun.security.tools.KeyTool.Option.*;
 
@@ -2321,18 +2323,31 @@
             SSLContext sc = SSLContext.getInstance("SSL");
             final boolean[] certPrinted = new boolean[1];
             sc.init(null, new TrustManager[] {
-                new X509TrustManager() {
-
-                    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
-                        return null;
+                new X509ExtendedTrustManager() {
+                    @Override
+                    public X509Certificate[] getAcceptedIssuers() {
+                        return new X509Certificate[0];
                     }
-
+                    @Override
                     public void checkClientTrusted(
-                        java.security.cert.X509Certificate[] certs, String authType) {
+                            X509Certificate[] certs, String authType) {
+                        throw new UnsupportedOperationException();
                     }
-
+                    @Override
+                    public void checkClientTrusted(X509Certificate[] chain,
+                            String authType, Socket socket)
+                            throws CertificateException {
+                        throw new UnsupportedOperationException();
+                    }
+                    @Override
+                    public void checkClientTrusted(X509Certificate[] chain,
+                            String authType, SSLEngine engine) throws
+                            CertificateException {
+                        throw new UnsupportedOperationException();
+                    }
+                    @Override
                     public void checkServerTrusted(
-                            java.security.cert.X509Certificate[] certs, String authType) {
+                            X509Certificate[] certs, String authType) {
                         for (int i=0; i<certs.length; i++) {
                             X509Certificate cert = certs[i];
                             try {
@@ -2356,6 +2371,18 @@
                             certPrinted[0] = true;
                         }
                     }
+                    @Override
+                    public void checkServerTrusted(X509Certificate[] chain,
+                            String authType, Socket socket)
+                            throws CertificateException {
+                        checkServerTrusted(chain, authType);
+                    }
+                    @Override
+                    public void checkServerTrusted(X509Certificate[] chain,
+                            String authType, SSLEngine engine)
+                            throws CertificateException {
+                        checkServerTrusted(chain, authType);
+                    }
                 }
             }, null);
             HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());