From 3ad367ca8a9a11c026938459f7b852f6391bd341 Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Wed, 5 Sep 2018 22:46:23 +0300 Subject: KeystoreManager shares keystore between XMPP and ActivityPub --- .../src/main/java/com/juick/server/XMPPServer.java | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) (limited to 'juick-server/src/main/java/com/juick/server/XMPPServer.java') diff --git a/juick-server/src/main/java/com/juick/server/XMPPServer.java b/juick-server/src/main/java/com/juick/server/XMPPServer.java index 675d79da..f2e41750 100644 --- a/juick-server/src/main/java/com/juick/server/XMPPServer.java +++ b/juick-server/src/main/java/com/juick/server/XMPPServer.java @@ -70,10 +70,6 @@ public class XMPPServer implements ConnectionListener { private Jid jid; @Value("${s2s_port:5269}") private int s2sPort; - @Value("${keystore:juick.p12}") - public String keystore; - @Value("${keystore_password:secret}") - public String keystorePassword; @Value("${broken_ssl_hosts:}") public String[] brokenSSLhosts; @Value("${banned_hosts:}") 
@@ -111,21 +107,17 @@ public class XMPPServer implements ConnectionListener { private BasicXmppSession session; @Inject private UserService userService; + @Inject + private KeystoreManager keystoreManager; @PostConstruct public void init() throws KeyStoreException { closeFlag.set(false); - KeyStore ks = KeyStore.getInstance("PKCS12"); - try (InputStream ksIs = new FileInputStream(keystore)) { - ks.load(ksIs, keystorePassword.toCharArray()); - KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory - .getDefaultAlgorithm()); - kmf.init(ks, keystorePassword.toCharArray()); + try { sc = SSLContext.getInstance("TLSv1.2"); - sc.init(kmf.getKeyManagers(), trustAllCerts, new SecureRandom()); + sc.init(keystoreManager.getKeymanagerFactory().getKeyManagers(), trustAllCerts, new SecureRandom()); TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); - Set ca = new HashSet<>(); trustManagerFactory.init((KeyStore)null); Arrays.stream(trustManagerFactory.getTrustManagers()).forEach(t -> Arrays.stream(((X509TrustManager)t).getAcceptedIssuers()).forEach(cert -> ca.add(new TrustAnchor(cert, null)))); -- cgit v1.2.3
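Review bot: The rewritten `sc.init(...)` call still passes `trustAllCerts` as the trust managers, so this SSLContext accepts any peer certificate at handshake time, and the hunk does not show where (or whether) the anchors collected into `ca` are later used to validate s2s peers. If that validation happens elsewhere, a comment above the call would make the dependency explicit, e.g. `// trustAllCerts: handshake accepts any cert; peer chain is verified separately against ca (see <validation method>)`. Separately, `keystoreManager.getKeymanagerFactory()` is dereferenced without a null check, so if KeystoreManager can fail to load the keystore, `init()` would presumably die with a NullPointerException instead of a clear keystore error; `Objects.requireNonNull(keystoreManager.getKeymanagerFactory(), "keystore not loaded")` before the call would surface that. The `catch` clauses of this `try` and the new declaration of `ca` are outside the hunk.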