Code Review / netconf.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: b282860)
Return immutable set from findAllowedKeys() 74/104274/3
authorRobert Varga <robert.varga@pantheon.tech>
Mon, 6 Feb 2023 15:31:48 +0000 (16:31 +0100)
committerRobert Varga <robert.varga@pantheon.tech>
Mon, 6 Feb 2023 20:34:20 +0000 (21:34 +0100)
We are returning a mutable HashSet, let's use a simple Set.copyOf()
instead. Also update the sole caller to perform this operation only
once, closing a TOCTOE race.

JIRA: NETCONF-949
Change-Id: If49fb938b8ac09e63bdfdef229ef22635c9bb652
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/tls/SslHandlerFactoryAdapter.java patch | blob | history
apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/tls/TlsAllowedDevicesMonitorImpl.java patch | blob | history

diff --git a/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/tls/SslHandlerFactoryAdapter.java b/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/tls/SslHandlerFactoryAdapter.java
index a012ff7a103822fcc65904628d644b5e6e7981cd..a64357ee0212f6ee5890652356b4f5e320bfabc3 100644 (file)
--- a/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/tls/SslHandlerFactoryAdapter.java
+++ b/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/tls/SslHandlerFactoryAdapter.java
@@ -36,14 +36,16 @@ public class SslHandlerFactoryAdapter implements SslHandlerFactory {
 
     @Override
     public SslHandler createSslHandler(final Set<String> allowedKeys) {
+        // FIXME: we are ignoring passed in keys?!
         return createSslHandlerFilteredByKeys();
     }
 
     private SslHandler createSslHandlerFilteredByKeys() {
-        if (allowedDevicesMonitor.findAllowedKeys().isEmpty()) {
+        final var allowedKeys = allowedDevicesMonitor.findAllowedKeys();
+        if (allowedKeys.isEmpty()) {
             LOG.error("No associated keys for TLS authentication were found");
             throw new IllegalStateException("No associated keys for TLS authentication were found");
         }
-        return sslHandlerFactory.createSslHandler(allowedDevicesMonitor.findAllowedKeys());
+        return sslHandlerFactory.createSslHandler(allowedKeys);
     }
 }
\ No newline at end of file
diff --git a/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/tls/TlsAllowedDevicesMonitorImpl.java b/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/tls/TlsAllowedDevicesMonitorImpl.java
index 2aba9bda5194ff5d6074c053683ea4c676e1628b..f0e5ac5ae2b055a73d5009040cf98230bca41421 100644 (file)
--- a/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/tls/TlsAllowedDevicesMonitorImpl.java
+++ b/apps/callhome-provider/src/main/java/org/opendaylight/netconf/callhome/mount/tls/TlsAllowedDevicesMonitorImpl.java
@@ -17,7 +17,6 @@ import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.util.Base64;
 import java.util.Collection;
-import java.util.HashSet;
 import java.util.Map;
 import java.util.Optional;
 import java.util.Set;
@@ -90,7 +89,7 @@ public class TlsAllowedDevicesMonitorImpl implements TlsAllowedDevicesMonitor, A
 
     @Override
     public Set<String> findAllowedKeys() {
-        return new HashSet<>(deviceToPrivateKey.values());
+        return Set.copyOf(deviceToPrivateKey.values());
     }
 
     @Override
Netconf