mirror of
https://gitee.com/BTAJL/repchain.git
synced 2024-12-05 05:08:29 +08:00
Merge remote-tracking branch 'origin/dev_rc_jdk13_2.0.0' into dev_rc_jdk13_2.0.0
# Conflicts: # src/main/scala/rep/app/management/ManagementService.scala
This commit is contained in:
commit
36e8319468
@ -1,6 +1,8 @@
|
||||
package rep.app.management
|
||||
|
||||
|
||||
import java.io.StringWriter
|
||||
|
||||
import java.io.File
|
||||
|
||||
import scala.concurrent.ExecutionContext
|
||||
@ -24,9 +26,6 @@ import javax.ws.rs.core.MediaType
|
||||
|
||||
import scala.util.{Failure, Success}
|
||||
|
||||
|
||||
|
||||
|
||||
@Path("/management")
|
||||
class ManagementService(handler: ActorRef,isCheckPeerCertificate:Boolean)(implicit executionContext: ExecutionContext)
|
||||
extends Directives {
|
||||
@ -58,12 +57,15 @@ class ManagementService(handler: ActorRef,isCheckPeerCertificate:Boolean)(implic
|
||||
try{
|
||||
val client_cert = sslSession.getPeerCertificates
|
||||
val cert = client_cert(0).asInstanceOf[X509Certificate]
|
||||
System.err.println(cert)
|
||||
//todo verify cert
|
||||
rejectEmptyResponse {
|
||||
onSuccess((handler ? SystemStart(nodeName))) { response =>
|
||||
complete(response.toString)
|
||||
if(cert != null){
|
||||
//System.err.println(cert)
|
||||
rejectEmptyResponse {
|
||||
onSuccess((handler ? SystemStart(nodeName))) { response =>
|
||||
complete(response.toString)
|
||||
}
|
||||
}
|
||||
}else{
|
||||
complete("Failed to get client certificate")
|
||||
}
|
||||
}catch {
|
||||
case e: SSLPeerUnverifiedException =>
|
||||
@ -101,6 +103,7 @@ class ManagementService(handler: ActorRef,isCheckPeerCertificate:Boolean)(implic
|
||||
val cert = client_cert(0).asInstanceOf[X509Certificate]
|
||||
System.err.println(cert)
|
||||
//todo verify cert
|
||||
if(cert != null)
|
||||
rejectEmptyResponse {
|
||||
onSuccess((handler ? SystemStatusQuery(nodeName))) { response =>
|
||||
complete(response.toString)
|
||||
@ -276,9 +279,6 @@ class ManagementService(handler: ActorRef,isCheckPeerCertificate:Boolean)(implic
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -1,6 +1,10 @@
|
||||
package rep.authority.check
|
||||
|
||||
|
||||
import java.io.{StringWriter, Writer}
|
||||
import java.security.cert.X509Certificate
|
||||
|
||||
import org.bouncycastle.openssl.jcajce.JcaPEMWriter
|
||||
import rep.app.system.RepChainSystemContext
|
||||
import rep.authority.cache.SignerCache.signerData
|
||||
import rep.authority.cache.{AuthenticateBindToCertCache, AuthenticateCache, CertificateCache, CertificateHashCache, OperateCache, PermissionCacheManager, SignerCache}
|
||||
@ -150,6 +154,10 @@ class PermissionVerify(ctx: RepChainSystemContext) {
|
||||
}
|
||||
}
|
||||
|
||||
def CheckPermissionOfX509Certificate(cert: X509Certificate, opName: String, dbInstance: BlockPreload): Boolean = {
|
||||
CheckPermissionOfCertHash(this.ctx.getHashTool.hashstr(toPemString(cert)), opName, dbInstance)
|
||||
}
|
||||
|
||||
def CheckPermissionOfDeployContract(doTrans: DoTransactionOfSandboxInSingle): Boolean = {
|
||||
var r = true
|
||||
val cid = doTrans.t.cid.get
|
||||
@ -219,4 +227,19 @@ class PermissionVerify(ctx: RepChainSystemContext) {
|
||||
}
|
||||
r
|
||||
}
|
||||
|
||||
private def toPemString(x509: X509Certificate): String = {
|
||||
val writer = new StringWriter
|
||||
val pemWriter = new JcaPEMWriter(writer)
|
||||
try{
|
||||
pemWriter.writeObject(x509)
|
||||
writer.toString
|
||||
}catch{
|
||||
case e:Exception=>
|
||||
""
|
||||
}finally {
|
||||
try{pemWriter.close()}catch {case e:Exception=>e.printStackTrace()}
|
||||
try{writer.close()}catch {case e:Exception=>e.printStackTrace()}
|
||||
}
|
||||
}
|
||||
}
|
@ -2,6 +2,7 @@ package rep.network.cache
|
||||
|
||||
import akka.actor.Props
|
||||
import rep.log.RepLogger
|
||||
import rep.log.httplog.AlertInfo
|
||||
import rep.network.autotransaction.Topic
|
||||
import rep.network.base.ModuleBase
|
||||
import rep.network.module.cfrd.CFRDActorType
|
||||
@ -48,14 +49,17 @@ class TransactionChecker (moduleName: String) extends ModuleBase(moduleName){
|
||||
result = true
|
||||
}
|
||||
} else {
|
||||
resultMsg = s"The transaction(${t.id}) is not completed"
|
||||
RepLogger.sendAlertToDB(pe.getRepChainContext.getHttpLogger(),
|
||||
new AlertInfo("API", 5, s"txid=${t.id},msg=签名验证失败."))
|
||||
//失败处理
|
||||
resultMsg = s"${t.id} 交易签名验证失败"
|
||||
}
|
||||
} catch {
|
||||
case e: RuntimeException => throw e
|
||||
case e: RuntimeException =>
|
||||
RepLogger.sendAlertToDB(pe.getRepChainContext.getHttpLogger(),
|
||||
new AlertInfo("API", 5, s"txid=${t.id},msg=签名验证异常,error=${e.getMessage}."))
|
||||
throw e
|
||||
}
|
||||
/*}else{
|
||||
result = true
|
||||
}*/
|
||||
|
||||
TransactionChecker.CheckedTransactionResult(result, resultMsg)
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user