Making it possible to activate/deactivate trust validation by the trust-store
Change-Id: I8c935ff9b20fd6b55f192648a69ded1c8c67748d
diff --git a/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/http/DfcHttpsClient.java b/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/http/DfcHttpsClient.java
index 872f1e6..910897b 100644
--- a/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/http/DfcHttpsClient.java
+++ b/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/http/DfcHttpsClient.java
@@ -25,6 +25,7 @@
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLPeerUnverifiedException;
+import org.apache.commons.io.FileUtils;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.config.RequestConfig;
@@ -91,6 +92,7 @@
HttpResponse httpResponse = makeCall(httpGet);
processResponse(httpResponse, localFile);
} catch (IOException e) {
+ logger.error("marker", e);
throw new DatafileTaskException("Error downloading file from server. ", e);
}
logger.trace("HTTPS collectFile OK");
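Review bot: The added `logger.error("marker", e);` in the IOException catch reads like leftover debugging, because the message says nothing about what failed. The same exception is attached as the cause of the DatafileTaskException thrown on the next line, so callers that log that exception will report the failure a second time. Either drop the line or give it a real message, for example `logger.error("Error downloading file from server", e);`. The enclosing method starts before this hunk.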
@@ -131,11 +133,14 @@
EntityUtils.consume(httpResponse.getEntity());
if (isErrorInConnection(httpResponse)) {
+ logger.warn("Failed to download file, reason: {}, code: {}",
+ httpResponse.getStatusLine().getReasonPhrase(), httpResponse.getStatusLine());
throw new NonRetryableDatafileTaskException(HttpUtils.retryableResponse(getResponseCode(httpResponse)));
}
throw new DatafileTaskException(HttpUtils.nonRetryableResponse(getResponseCode(httpResponse)));
} catch (ConnectTimeoutException | UnknownHostException | HttpHostConnectException | SSLHandshakeException
| SSLPeerUnverifiedException e) {
+ logger.warn("Unable to get file from xNF: {}", e.getMessage());
throw new NonRetryableDatafileTaskException("Unable to get file from xNF. No retry attempts will be done.",
e);
}
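Review bot: In the added `logger.warn("Failed to download file, reason: {}, code: {}", ...)` the `code: {}` placeholder is filled with `httpResponse.getStatusLine()`, which is the whole status line object rather than the numeric code, so the reason phrase ends up printed twice. Use `httpResponse.getStatusLine().getStatusCode()`, or the `getResponseCode(httpResponse)` helper that the following `throw` already calls. The enclosing try block starts outside this hunk.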
@@ -168,6 +173,7 @@
}
protected long writeFile(Path localFile, InputStream stream) throws IOException {
+ FileUtils.forceMkdirParent(localFile.toFile());
return Files.copy(stream, localFile, StandardCopyOption.REPLACE_EXISTING);
}
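Review bot: `FileUtils.forceMkdirParent(localFile.toFile())` creates whatever directory chain `localFile` names, so `writeFile` now relies on the caller having confined that path. How `localFile` is built is not visible in this hunk. If any component comes from the xNF-supplied source or file name, normalise the path and reject it before creating directories unless it stays under the configured collected-files directory, for example `if (!localFile.normalize().startsWith(collectedFilesRoot)) throw new IOException("Path outside collected files directory");`, where `collectedFilesRoot` is a placeholder for that configured root. A short Javadoc on `writeFile` stating this precondition would also help.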
diff --git a/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/http/HttpsClientConnectionManagerUtil.java b/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/http/HttpsClientConnectionManagerUtil.java
index d81d529..7769e53 100644
--- a/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/http/HttpsClientConnectionManagerUtil.java
+++ b/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/http/HttpsClientConnectionManagerUtil.java
@@ -82,8 +82,9 @@
try {
SSLContextBuilder sslBuilder = SSLContexts.custom();
sslBuilder = supplyKeyInfo(keyCertPath, keyCertPasswordPath, sslBuilder);
- // sslBuilder = supplyTrustInfo(trustedCaPath, trustedCaPasswordPath,
- // sslBuilder);
+ if (!trustedCaPath.isEmpty()) {
+ sslBuilder = supplyTrustInfo(trustedCaPath, trustedCaPasswordPath, sslBuilder);
+ }
SSLContext sslContext = sslBuilder.build();
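Review bot: An empty `trustedCaPath` now skips `supplyTrustInfo` silently, so an unset or mistyped trust-store property changes how servers are authenticated without any trace in the log, and a `null` value would throw at `trustedCaPath.isEmpty()`. Make the check null-safe with `if (trustedCaPath != null && !trustedCaPath.isEmpty()) {` and add an `else` branch with `logger.warn("No trust store configured, custom trust material is not loaded");`. As far as I can tell, `SSLContextBuilder` without trust material falls back to the JVM default trust managers, so this path probably does not disable validation as the commit title suggests. The `createFtpesClient` hunk in FileCollector.java follows the same pattern by passing `null` for the trust store, and how `FtpesClient` treats `null` is not visible here, so the two protocols may behave differently for the same setting. The enclosing method starts and ends outside this hunk.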
@@ -112,12 +113,12 @@
return sslBuilder.loadKeyMaterial(keyFile, keyPass.toCharArray());
}
- private static KeyStore createKeyStore(String trustedCaPath, String trustedCaPassword)
+ private static KeyStore createKeyStore(String path, String storePassword)
throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
- logger.trace("Creating trust manager from file: {}", trustedCaPath);
- try (InputStream fis = createInputStream(trustedCaPath)) {
+ logger.trace("Creating manager from file: {}", path);
+ try (InputStream fis = createInputStream(path)) {
KeyStore keyStore = KeyStore.getInstance("PKCS12");
- keyStore.load(fis, trustedCaPassword.toCharArray());
+ keyStore.load(fis, storePassword.toCharArray());
return keyStore;
}
}
diff --git a/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/tasks/FileCollector.java b/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/tasks/FileCollector.java
index c09392a..a50b7ca 100644
--- a/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/tasks/FileCollector.java
+++ b/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/tasks/FileCollector.java
@@ -119,16 +119,18 @@
counters.incNoOfCollectedFiles();
return Mono.just(Optional.of(createFilePublishInformation(fileData)));
} catch (NonRetryableDatafileTaskException nre) {
- logger.warn("Failed to download file: {} {}, reason: ", fileData.sourceName(), fileData.fileInfo.name, nre);
+ logger.warn("Failed to download file, not retryable: {} {}, reason: {}", fileData.sourceName(),
+ fileData.fileInfo.name, nre.getMessage());
incFailedAttemptsCounter(fileData);
return Mono.just(Optional.empty()); // Give up
} catch (DatafileTaskException e) {
- logger.warn("Failed to download file: {} {}, reason: ", fileData.sourceName(), fileData.fileInfo.name, e);
+ logger.warn("Failed to download file: {} {}, reason: {}", fileData.sourceName(), fileData.fileInfo.name,
+ e.getMessage());
incFailedAttemptsCounter(fileData);
return Mono.error(e);
} catch (Exception throwable) {
logger.warn("Failed to close client: {} {}, reason: {}", fileData.sourceName(), fileData.fileInfo.name,
- throwable.toString(), throwable);
+ throwable.getMessage(), throwable);
return Mono.just(Optional.of(createFilePublishInformation(fileData)));
}
}
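Review bot: The two DatafileTaskException branches now log only `nre.getMessage()` and `e.getMessage()`, which drops the cause chain. For a TLS failure the handshake or certificate detail sits in the cause, and the wrapper text thrown by DfcHttpsClient for those cases is the fixed string "Unable to get file from xNF. No retry attempts will be done.". Now that trust validation can be switched on and off, keep that detail reachable, for example with `logger.debug("Download failure details", nre);` next to each warn. The enclosing method starts outside this hunk.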
@@ -179,9 +181,10 @@
protected FtpesClient createFtpesClient(FileData fileData) throws DatafileTaskException {
CertificateConfig config = appConfig.getCertificateConfiguration();
+ Path trustedCa = config.trustedCa.isEmpty() ? null : Paths.get(config.trustedCa);
- return new FtpesClient(fileData.fileServerData(), Paths.get(config.keyCert), config.keyPasswordPath,
- Paths.get(config.trustedCa), config.trustedCaPasswordPath);
+ return new FtpesClient(fileData.fileServerData(), Paths.get(config.keyCert), config.keyPasswordPath, trustedCa,
+ config.trustedCaPasswordPath);
}
protected FileCollectClient createHttpClient(FileData fileData) {
diff --git a/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/tasks/ScheduledTasks.java b/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/tasks/ScheduledTasks.java
index 7d93a70..7eaab8f 100644
--- a/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/tasks/ScheduledTasks.java
+++ b/datafile/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/tasks/ScheduledTasks.java
@@ -223,13 +223,13 @@
return createFileCollector() //
.collectFile(fileData.fileData, FILE_TRANSFER_MAX_RETRIES, FILE_TRANSFER_INITIAL_RETRY_TIMEOUT,
fileData.context) //
- .onErrorResume(exception -> handleFetchFileFailure(fileData));
+ .onErrorResume(exception -> handleFetchFileFailure(fileData, exception));
}
- private Mono<FilePublishInformation> handleFetchFileFailure(FileDataWithContext fileData) {
+ private Mono<FilePublishInformation> handleFetchFileFailure(FileDataWithContext fileData, Throwable t) {
MDC.setContextMap(fileData.context);
Path localFilePath = fileData.fileData.getLocalFilePath(this.appConfig);
- logger.error("File fetching failed, fileData {}", fileData.fileData);
+ logger.error("File fetching failed, path {}, reason: {}", fileData.fileData.remoteFilePath(), t.getMessage());
deleteFile(localFilePath, fileData.context);
publishedFilesCache.remove(localFilePath);
if (Scheme.isFtpScheme(fileData.fileData.scheme())) {
@@ -270,7 +270,7 @@
try {
Files.delete(localFile);
} catch (Exception e) {
- logger.trace("Could not delete file: {}", localFile, e);
+ logger.trace("Could not delete file: {}, reason: {}", localFile, e.getMessage());
}
}
}
diff --git a/datafile/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/MockDatafile.java b/datafile/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/MockDatafile.java
index d69c3b8..6061269 100644
--- a/datafile/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/MockDatafile.java
+++ b/datafile/datafile-app-server/src/test/java/org/onap/dcaegen2/collectors/datafile/MockDatafile.java
@@ -26,9 +26,12 @@
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
+import java.io.File;
+import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
+import org.apache.commons.io.FileUtils;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.onap.dcaegen2.collectors.datafile.configuration.AppConfig;
@@ -55,7 +58,7 @@
"app.ssl.key-store-password-file=./config/ftps_keystore.pass", //
"app.ssl.key-store=./config/ftps_keystore.p12", //
"app.ssl.trust-store-password-file=./config/truststore.pass", //
- "app.ssl.trust-store=./config/truststore.jks", //
+ "app.ssl.trust-store=", // No trust validation
"logging.file.name=/tmp/datafile.log", //
"spring.main.allow-bean-definition-overriding=true"
// "app.webclient.trust-store=./datafile-app-server/config/truststore.jks", //
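Review bot: With `"app.ssl.trust-store="` this test runs only with the trust store switched off, so the `supplyTrustInfo` call that this commit re-enables is not exercised here. The removed value pointed at `truststore.jks` while `createKeyStore` requests a `PKCS12` keystore, so a second property set that loads a real trust store is worth adding, with an assertion that a server certificate outside it is rejected. The trailing comment `// No trust validation` may overstate what happens on the HTTPS path; `// empty: no custom trust store is loaded` is safer until the behaviour is confirmed.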
@@ -169,6 +172,10 @@
@BeforeEach
void init() {
+ try {
+ FileUtils.deleteDirectory(new File(this.appConfig.collectedFilesPath));
+ } catch (IOException e) {
+ }
if (kafkaReceiver == null) {
kafkaReceiver = new KafkaReceiver(this.appConfig, this.appConfig.collectedFileTopic);
}
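Review bot: The empty `catch (IOException e) {}` in `init()` hides a failed cleanup, so a test can pass against files left over from an earlier run. Let the failure propagate instead: declare `void init() throws IOException` and call `FileUtils.deleteDirectory(new File(this.appConfig.collectedFilesPath));` without the try/catch. The rest of `init()` continues past the end of this hunk.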