-
Notifications
You must be signed in to change notification settings - Fork 280
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[ELY-2084] Split Elytron SSL into its own subsystem and layer
Removing the dependency of SSL classes on auth-related code
- Loading branch information
1 parent
7f56efb
commit 96136d1
Showing
71 changed files
with
640 additions
and
95 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -21,8 +21,6 @@ | |
import static org.jboss.logging.Logger.Level.WARN; | ||
|
||
import java.security.NoSuchAlgorithmException; | ||
import java.security.Principal; | ||
import java.security.cert.CertificateException; | ||
|
||
import javax.net.ssl.SSLException; | ||
import javax.net.ssl.SSLHandshakeException; | ||
|
@@ -36,11 +34,12 @@ | |
import org.jboss.logging.annotations.MessageLogger; | ||
import org.jboss.logging.annotations.ValidIdRange; | ||
import org.jboss.logging.annotations.ValidIdRanges; | ||
import org.wildfly.security.auth.server.RealmUnavailableException; | ||
|
||
/** | ||
* Log messages and exceptions for Elytron. | ||
* | ||
* @apiNote Security domain-specific messages are included in {@code ElytronMessages} from module | ||
* {@code wildfly-elytron-ssl}. The interfaces share message IDs, and they should always be modified together. | ||
* @author <a href="mailto:[email protected]">David M. Lloyd</a> | ||
* @author <a href="mailto:[email protected]">Darran Lofthouse</a> | ||
*/ | ||
|
@@ -51,10 +50,10 @@ | |
@ValidIdRange(min = 5015, max = 5017), | ||
@ValidIdRange(min = 15000, max = 15999) | ||
}) | ||
interface ElytronMessages extends BasicLogger { | ||
interface BaseElytronMessages extends BasicLogger { | ||
|
||
ElytronMessages log = Logger.getMessageLogger(ElytronMessages.class, "org.wildfly.security"); | ||
ElytronMessages tls = Logger.getMessageLogger(ElytronMessages.class, "org.wildfly.security.tls"); | ||
BaseElytronMessages log = Logger.getMessageLogger(BaseElytronMessages.class, "org.wildfly.security"); | ||
BaseElytronMessages tls = Logger.getMessageLogger(BaseElytronMessages.class, "org.wildfly.security.tls"); | ||
|
||
@LogMessage(level = WARN) | ||
@Message(id = 1066, value = "Invalid string count for mechanism database entry \"%s\"") | ||
|
@@ -107,15 +106,6 @@ interface ElytronMessages extends BasicLogger { | |
@Message(id = 4001, value = "No algorithm found matching TLS/SSL protocol selection criteria") | ||
NoSuchAlgorithmException noAlgorithmForSslProtocol(); | ||
|
||
@Message(id = 4002, value = "Empty certificate chain is not trusted") | ||
CertificateException emptyChainNotTrusted(); | ||
|
||
@Message(id = 4003, value = "Certificate not trusted due to realm failure for principal [%s]") | ||
CertificateException notTrustedRealmProblem(@Cause RealmUnavailableException e, Principal principal); | ||
|
||
@Message(id = 4004, value = "Credential validation failed: certificate is not trusted for principal [%s]") | ||
CertificateException notTrusted(Principal principal); | ||
|
||
@Message(id = 4005, value = "No default trust manager available") | ||
NoSuchAlgorithmException noDefaultTrustManager(); | ||
|
||
|
@@ -167,9 +157,6 @@ interface ElytronMessages extends BasicLogger { | |
@Message(id = 4026, value = "Could not create trust manager [%s]") | ||
IllegalStateException sslErrorCreatingTrustManager(String name, @Cause Throwable cause); | ||
|
||
@Message(id = 4027, value = "SecurityDomain of SSLContext does not support X509PeerCertificateChainEvidence verification") | ||
IllegalArgumentException securityDomainOfSSLContextDoesNotSupportX509(); | ||
|
||
@Message(id = 4029, value = "Default context cannot be null") | ||
IllegalStateException defaultContextCannotBeNull(); | ||
|
||
|
Oops, something went wrong.