Log a warning if a certifcate is invalid (FELIX-3604).
git-svn-id: https://svn.apache.org/repos/asf/felix/trunk@1365531 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/framework.security/src/main/java/org/apache/felix/framework/SecurityActivator.java b/framework.security/src/main/java/org/apache/felix/framework/SecurityActivator.java
index bc4a0bd..1106423 100644
--- a/framework.security/src/main/java/org/apache/felix/framework/SecurityActivator.java
+++ b/framework.security/src/main/java/org/apache/felix/framework/SecurityActivator.java
@@ -202,7 +202,7 @@
}
SecurityProvider provider = new SecurityProviderImpl(crlList,
- typeList, passwdList, storeList, pai, cpai, action);
+ typeList, passwdList, storeList, pai, cpai, action, ((Felix) context.getBundle(0)).getLogger());
((Felix) context.getBundle(0)).setSecurityProvider(provider);
}
diff --git a/framework.security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java b/framework.security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java
index e07a925..405f909 100644
--- a/framework.security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java
+++ b/framework.security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java
@@ -21,6 +21,7 @@
import java.security.Permission;
import java.security.ProtectionDomain;
+import org.apache.felix.framework.Logger;
import org.apache.felix.framework.ext.SecurityProvider;
import org.apache.felix.framework.security.condpermadmin.ConditionalPermissionAdminImpl;
import org.apache.felix.framework.security.permissionadmin.PermissionAdminImpl;
@@ -44,13 +45,13 @@
SecurityProviderImpl(String crlList, String typeList, String passwdList,
String storeList, PermissionAdminImpl pai,
- ConditionalPermissionAdminImpl cpai, SecureAction action)
+ ConditionalPermissionAdminImpl cpai, SecureAction action, Logger logger)
{
m_pai = pai;
m_cpai = cpai;
m_action = action;
m_parser = new BundleDNParser(new TrustManager(crlList, typeList,
- passwdList, storeList, m_action));
+ passwdList, storeList, m_action), logger);
}
/**
diff --git a/framework.security/src/main/java/org/apache/felix/framework/security/verifier/BundleDNParser.java b/framework.security/src/main/java/org/apache/felix/framework/security/verifier/BundleDNParser.java
index 8eb555a..7cc2d81 100644
--- a/framework.security/src/main/java/org/apache/felix/framework/security/verifier/BundleDNParser.java
+++ b/framework.security/src/main/java/org/apache/felix/framework/security/verifier/BundleDNParser.java
@@ -35,6 +35,7 @@
import java.util.jar.JarInputStream;
import org.apache.felix.framework.BundleRevisionImpl;
+import org.apache.felix.framework.Logger;
import org.apache.felix.framework.security.util.BundleInputStream;
import org.apache.felix.framework.security.util.TrustManager;
/*
@@ -78,14 +79,16 @@
m_getCertificates = getCertificates;
}
+ private final Logger m_logger;
private final Map m_cache = new WeakHashMap();
private final Map m_allCache = new WeakHashMap();
private final TrustManager m_manager;
- public BundleDNParser(TrustManager manager)
+ public BundleDNParser(TrustManager manager, Logger logger)
{
m_manager = manager;
+ m_logger = logger;
}
public Map getCache()
@@ -442,7 +445,7 @@
}
catch (CertificateException ex)
{
- // TODO: log this or something
+ m_logger.log(Logger.LOG_WARNING, "Invalid Certificate", ex);
revoked = true;
}
}
@@ -508,7 +511,7 @@
catch (CertificateException ex)
{
// Not much we can do
- // TODO: log this or something
+ m_logger.log(Logger.LOG_WARNING, "Invalid Certificate", ex);
}
}
}
@@ -535,7 +538,7 @@
}
catch (Exception ex)
{
- // TODO: log this or something
+ m_logger.log(Logger.LOG_WARNING, "Invalid Certificate", ex);
}
}
}