test(server): fix ApplyConfigurationTest.java

diennea · Oct 2, 2024 · 9fa84aa · 9fa84aa
1 parent 12cdd0c
commit 9fa84aa
Show file tree

Hide file tree

Showing 6 changed files with 216 additions and 228 deletions.
diff --git a/carapace-server/src/main/java/org/carapaceproxy/core/ssl/CertificatesUtils.java b/carapace-server/src/main/java/org/carapaceproxy/core/ssl/CertificatesUtils.java
@@ -115,6 +115,9 @@ public static Certificate[] readChainFromKeystore(byte[] data) throws GeneralSec
      * @throws CertificateException     if any of the certificates in the keystore could not be loaded
      */
     public static Certificate[] readChainFromKeystore(KeyStore keystore) throws GeneralSecurityException {
+        if (keystore == null) {
+            return new Certificate[0];
+        }
         Iterator<String> iter = keystore.aliases().asIterator();
         while (iter.hasNext()) {
             Certificate[] chain = keystore.getCertificateChain(iter.next());

diff --git a/carapace-server/src/main/java/org/carapaceproxy/core/ssl/SniMapper.java b/carapace-server/src/main/java/org/carapaceproxy/core/ssl/SniMapper.java
@@ -49,8 +49,9 @@ public SniMapper(
     ) {
         this.parent = parent;
         /*
-         * todo I don't think we actually need to store these data that should already be in the `parent`...
-         *  sadly, this breaks reload of configuration after replacing the ConfigurationStore;
+         * todo:
+         *  I don't think we actually need to store these data that should already be in the `parent`...
+         *  sadly, this breaks the reload of the configuration after replacing the ConfigurationStore;
          *  one problem at a time though, this should be a different GitHub issue!
          */
         this.runtimeConfiguration = runtimeConfiguration;
@@ -82,9 +83,10 @@ public SslContext computeContext(final String sniHostname) throws ConfigurationN
                 final var defaultCertificate = listenerConfiguration.getDefaultCertificate();
                 var chosen = Listeners.chooseCertificate(runtimeConfiguration, sniHostname, defaultCertificate);
                 if (chosen == null) {
-                    throw new ConfigurationNotValidException("cannot find a certificate for snihostname " + sniHostname
-                                                             + ", with default cert for listener as '" + defaultCertificate
-                                                             + "', available " + runtimeConfiguration.getCertificates().keySet());
+                    throw new ConfigurationNotValidException(
+                            "cannot find a certificate for snihostname " + sniHostname
+                            + ", with default cert for listener as '" + defaultCertificate
+                            + "', available " + runtimeConfiguration.getCertificates().keySet());
                 }
                 int port = listenerConfiguration.getPort() + parent.getListenersOffsetPort();
                 try {
@@ -156,6 +158,7 @@ private List<String> getSslCiphers() {
         }
         return null;
     }
+
     public Consumer<SslProvider.SslContextSpec> sslContextSpecConsumer() {
         return this::configureSpec;
     }

diff --git a/...erver/src/main/java/org/carapaceproxy/server/certificates/DynamicCertificatesManager.java b/...erver/src/main/java/org/carapaceproxy/server/certificates/DynamicCertificatesManager.java
@@ -22,6 +22,8 @@
 import static java.util.function.Predicate.not;
 import static org.carapaceproxy.configstore.ConfigurationStoreUtils.base64DecodeCertificateChain;
 import static org.carapaceproxy.configstore.ConfigurationStoreUtils.base64EncodeCertificateChain;
+import static org.carapaceproxy.core.ssl.CertificatesUtils.isCertificateExpired;
+import static org.carapaceproxy.core.ssl.CertificatesUtils.readChainFromKeystore;
 import static org.carapaceproxy.server.certificates.DynamicCertificateState.AVAILABLE;
 import static org.carapaceproxy.server.certificates.DynamicCertificateState.DNS_CHALLENGE_WAIT;
 import static org.carapaceproxy.server.certificates.DynamicCertificateState.DOMAIN_UNREACHABLE;
@@ -32,8 +34,6 @@
 import static org.carapaceproxy.server.certificates.DynamicCertificateState.VERIFYING;
 import static org.carapaceproxy.server.certificates.DynamicCertificateState.WAITING;
 import static org.carapaceproxy.server.config.SSLCertificateConfiguration.CertificateMode.MANUAL;
-import static org.carapaceproxy.core.ssl.CertificatesUtils.isCertificateExpired;
-import static org.carapaceproxy.core.ssl.CertificatesUtils.readChainFromKeystore;
 import com.google.common.annotations.VisibleForTesting;
 import java.io.File;
 import java.io.FileOutputStream;
@@ -608,7 +608,7 @@ private RuntimeServerConfiguration getConfig() {
      * @return PKCS12 Keystore content
      */
     public byte[] getCertificateForDomain(String domain) {
-        CertificateData cert = certificates.get(domain); // certs always retrived from cache
+        CertificateData cert = certificates.get(domain); // certs always retrieved from cache
         if (cert == null || cert.getKeystoreData() == null || cert.getKeystoreData().length == 0) {
             LOG.log(Level.SEVERE, "No dynamic certificate available for domain {0}", domain);
             return null;