Forbid setting empty prefixes for RedisSecurityStore
aliakseiz committed Mar 2, 2023
1 parent 58270cc commit bd8b389
Showing 3 changed files with 38 additions and 24 deletions.
Expand Up @@ -34,7 +34,7 @@ protected SecurityStore createSecurityStore() {
} else {
jedis = new JedisPool();
}
securityStore = new RedisSecurityStore.Builder(jedis).build();
securityStore = new RedisSecurityStore(jedis);
return securityStore;
}
}
Expand Up @@ -34,7 +34,7 @@
import org.eclipse.californium.elements.util.CertPathUtil;
import org.eclipse.californium.scandium.config.DtlsConfig;
import org.eclipse.californium.scandium.config.DtlsConfig.DtlsRole;
import org.eclipse.californium.scandium.config.DtlsConnectorConfig;
import org.eclipse.californium.scandium.config.DtlsConnectorConfig.Builder;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.webapp.WebAppContext;
Expand Down Expand Up @@ -162,7 +162,7 @@ public static LeshanServer createLeshanServer(LeshanServerDemoCLI cli) throws Ex
securityStore = new FileSecurityStore();
} else {
// use Redis Store
securityStore = new RedisSecurityStore.Builder(cli.main.redis).build();
securityStore = new RedisSecurityStore(cli.main.redis);
builder.setRegistrationStore(new RedisRegistrationStore(cli.main.redis));
}
builder.setSecurityStore(securityStore);
Expand Down Expand Up @@ -190,10 +190,8 @@ public CaliforniumServerEndpointFactory createDefaultEndpointFactory(URI uri) {
return new CoapsServerEndpointFactory(uri) {

@Override
protected DtlsConnectorConfig.Builder createDtlsConnectorConfigBuilder(
Configuration endpointConfiguration) {
DtlsConnectorConfig.Builder dtlsConfigBuilder = super.createDtlsConnectorConfigBuilder(
endpointConfiguration);
protected Builder createDtlsConnectorConfigBuilder(Configuration endpointConfiguration) {
Builder dtlsConfigBuilder = super.createDtlsConnectorConfigBuilder(endpointConfiguration);

// Add MDC for connection logs
if (cli.helpsOptions.getVerboseLevel() > 0)
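Review bot: Importing the nested class as a bare `Builder` makes the override's signature, `protected Builder createDtlsConnectorConfigBuilder(Configuration endpointConfiguration)`, harder to read. The same method already uses a `builder` variable for the server, and `RedisSecurityStore`, constructed a few lines earlier, has its own nested `Builder`. Keeping `import org.eclipse.californium.scandium.config.DtlsConnectorConfig;` and the qualified `DtlsConnectorConfig.Builder` states which builder is meant, and keeps an unrelated refactor out of a commit about key-prefix validation. The anonymous class body continues past the end of the hunk.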
Expand Up @@ -49,7 +49,11 @@ public class RedisSecurityStore implements EditableSecurityStore {

private final List<SecurityStoreListener> listeners = new CopyOnWriteArrayList<>();

private RedisSecurityStore(Builder builder) {
public RedisSecurityStore(Pool<Jedis> pool) {
this(new Builder(pool));
}

protected RedisSecurityStore(Builder builder) {
this.pool = builder.pool;
this.securityInfoByEndpointPrefix = builder.securityInfoByEndpointPrefix;
this.endpointByPskIdKey = builder.endpointByPskIdKey;
Expand Down Expand Up @@ -186,29 +190,24 @@ public static class Builder {

private String prefix;

/**
* Set the Redis connection pool for the {@link RedisSecurityStore}.
*/
public void setPool(Pool<Jedis> pool) {
this.pool = pool;
}

/**
* Set the key prefix for security info lookup by endpoint.
* <p>
* Default value is {@literal SEC#EP#}.
* Default value is {@literal SEC#EP#}. Should not be {@code null} or empty.
*/
public void setSecurityInfoByEndpointPrefix(String securityInfoByEndpointPrefix) {
public Builder setSecurityInfoByEndpointPrefix(String securityInfoByEndpointPrefix) {
this.securityInfoByEndpointPrefix = securityInfoByEndpointPrefix;
return this;
}

/**
* Set the key for endpoint lookup by PSK identity.
* <p>
* Default value is {@literal EP#PSKID}.
* Default value is {@literal EP#PSKID}. Should not be {@code null} or empty.
*/
public void setEndpointByPskIdKey(String endpointByPskIdKey) {
public Builder setEndpointByPskIdKey(String endpointByPskIdKey) {
this.endpointByPskIdKey = endpointByPskIdKey;
return this;
}

/**
Expand All @@ -217,8 +216,9 @@ public void setEndpointByPskIdKey(String endpointByPskIdKey) {
* <p>
* Default value is {@literal SECSTORE#}.
*/
public void setPrefix(String prefix) {
public Builder setPrefix(String prefix) {
this.prefix = prefix;
return this;
}

public Builder(Pool<Jedis> pool) {
Expand All @@ -231,11 +231,27 @@ public Builder(Pool<Jedis> pool) {
/**
* Create the {@link RedisSecurityStore}.
* <p>
* @return the Redis security store.
* Throws {@link IllegalArgumentException} when {@link #securityInfoByEndpointPrefix} or
* {@link #endpointByPskIdKey} are not set or are equal to each other.
*/
public RedisSecurityStore build() {
this.securityInfoByEndpointPrefix = this.prefix + this.securityInfoByEndpointPrefix;
this.endpointByPskIdKey = this.prefix + this.endpointByPskIdKey;
public RedisSecurityStore build() throws IllegalArgumentException {
if (this.securityInfoByEndpointPrefix == null || this.securityInfoByEndpointPrefix.isEmpty()) {
throw new IllegalArgumentException("securityInfoByEndpointPrefix should not be empty");
}

if (this.endpointByPskIdKey == null || this.endpointByPskIdKey.isEmpty()) {
throw new IllegalArgumentException("endpointByPskIdKey should not be empty");
}

if (this.securityInfoByEndpointPrefix.equals(this.endpointByPskIdKey)) {
throw new IllegalArgumentException(
"securityInfoByEndpointPrefix should not be equal to endpointByPskIdKey");
}

if (this.prefix != null) {
this.securityInfoByEndpointPrefix = this.prefix + this.securityInfoByEndpointPrefix;
this.endpointByPskIdKey = this.prefix + this.endpointByPskIdKey;
}

return new RedisSecurityStore(this);
}
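Review bot: The new public `RedisSecurityStore(Pool<Jedis> pool)` constructor calls `this(new Builder(pool))` and never goes through `build()`, so a store created that way gets neither the new empty/equal checks nor the `prefix` prepended to its keys; the test and demo-server call sites in this commit both switch to it. The `Builder` constructor body is not visible here, but if it sets the defaults the Javadoc lists, the two construction paths would use different Redis keys, and security info written earlier through `Builder(...).build()` would no longer be found. Doing the validation and key composition inside `protected RedisSecurityStore(Builder builder)`, on local values, covers every path, including subclasses now that the constructor is protected. It also stops a second `build()` on the same builder from prepending the prefix twice. The constructor body continues outside its hunk.

```java
protected RedisSecurityStore(Builder builder) {
    // … unchanged: pool assignment …

    // Validate and compose the keys here so every construction path, including
    // RedisSecurityStore(Pool<Jedis>), gets the same checks and the same prefix.
    String byEndpoint = builder.securityInfoByEndpointPrefix;
    String byPskId = builder.endpointByPskIdKey;
    if (byEndpoint == null || byEndpoint.isEmpty()) {
        throw new IllegalArgumentException("securityInfoByEndpointPrefix should not be empty");
    }
    if (byPskId == null || byPskId.isEmpty()) {
        throw new IllegalArgumentException("endpointByPskIdKey should not be empty");
    }
    if (byEndpoint.equals(byPskId)) {
        throw new IllegalArgumentException(
                "securityInfoByEndpointPrefix should not be equal to endpointByPskIdKey");
    }
    String keyPrefix = builder.prefix == null ? "" : builder.prefix;
    this.securityInfoByEndpointPrefix = keyPrefix + byEndpoint;
    this.endpointByPskIdKey = keyPrefix + byPskId;
    // … unchanged: rest of the constructor and of the class up to Builder.build() …

public RedisSecurityStore build() {
    // The builder's fields are left untouched, so build() can be called more than once.
    return new RedisSecurityStore(this);
}
```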
