authorBjørn Christian Seime <bjorncs@verizonmedia.com>2019-07-03 15:48:02 +0200
committerBjørn Christian Seime <bjorncs@verizonmedia.com>2019-07-03 15:48:02 +0200
commit33414201cba1f7c4a98880976cdc2c12bde09ef1 (patch)
treee1b2a8cc3d823a021923c5c1abdd5b04ad121604 /security-utils
parentead6d2f4a592be23e790740a4a1d41bb42eef65b (diff)
Make access to hashmap and current manager synchronized
Diffstat (limited to 'security-utils')
-rw-r--r--security-utils/src/main/java/com/yahoo/security/tls/MutableX509KeyManager.java39
1 files changed, 26 insertions, 13 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/MutableX509KeyManager.java b/security-utils/src/main/java/com/yahoo/security/tls/MutableX509KeyManager.java
index a63ca28c793..efd4d8ece87 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/MutableX509KeyManager.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/MutableX509KeyManager.java
@@ -20,25 +20,34 @@ import java.util.WeakHashMap;
*/
public class MutableX509KeyManager extends X509ExtendedKeyManager {
- // Not using ThreadLocal as we want the x509 key manager instances to be collected
+ private final Object monitor = new Object();
+ // Not using ThreadLocal as we want the thread local x509 key manager instances to be garbage collected
// when either the thread dies or the MutableX509KeyManager instance is collected (latter not the case for ThreadLocal).
private final WeakHashMap<Thread, X509ExtendedKeyManager> threadLocalManager = new WeakHashMap<>();
- private volatile X509ExtendedKeyManager currentManager;
+ private X509ExtendedKeyManager currentManager;
public MutableX509KeyManager(KeyStore keystore, char[] password) {
- this.currentManager = KeyManagerUtils.createDefaultX509KeyManager(keystore, password);
+ synchronized (monitor) {
+ this.currentManager = KeyManagerUtils.createDefaultX509KeyManager(keystore, password);
+ }
}
public MutableX509KeyManager() {
- this.currentManager = KeyManagerUtils.createDefaultX509KeyManager();
+ synchronized (monitor) {
+ this.currentManager = KeyManagerUtils.createDefaultX509KeyManager();
+ }
}
public void updateKeystore(KeyStore keystore, char[] password) {
- this.currentManager = KeyManagerUtils.createDefaultX509KeyManager(keystore, password);
+ synchronized (monitor) {
+ this.currentManager = KeyManagerUtils.createDefaultX509KeyManager(keystore, password);
+ }
}
public void useDefaultKeystore() {
- this.currentManager = KeyManagerUtils.createDefaultX509KeyManager();
+ synchronized (monitor) {
+ this.currentManager = KeyManagerUtils.createDefaultX509KeyManager();
+ }
}
@Override
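Review bot: In `updateKeystore` and `useDefaultKeystore` the call to `KeyManagerUtils.createDefaultX509KeyManager(...)` runs while `monitor` is held, so every thread entering `updateAndGetThreadLocalManager` or `getThreadLocalManager` waits until the new key manager has been built, which presumably involves keystore processing. Only the field assignment needs the lock: `X509ExtendedKeyManager newManager = KeyManagerUtils.createDefaultX509KeyManager(keystore, password);` followed by `synchronized (monitor) { this.currentManager = newManager; }`. With `volatile` removed, a `// Guarded by monitor` comment on both `currentManager` and `threadLocalManager` would make clear that any unsynchronized access to them is now a bug.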
@@ -78,9 +87,11 @@ public class MutableX509KeyManager extends X509ExtendedKeyManager {
}
private X509ExtendedKeyManager updateAndGetThreadLocalManager() {
- X509ExtendedKeyManager currentManager = this.currentManager;
- threadLocalManager.put(Thread.currentThread(), currentManager);
- return currentManager;
+ synchronized (monitor) {
+ X509ExtendedKeyManager currentManager = this.currentManager;
+ threadLocalManager.put(Thread.currentThread(), currentManager);
+ return currentManager;
+ }
}
@Override
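Review bot: The entry written by `threadLocalManager.put(Thread.currentThread(), currentManager)` holds a strong reference to the manager and is replaced only when the same thread runs alias selection again, so after `updateKeystore` a long-lived pooled thread can keep the superseded manager reachable indefinitely. If that manager holds the previous private key, as seems likely, this matters for key rotation. Clearing the map on update would break handshakes in flight, so I would document the behaviour instead, for example `// Note: a thread's entry keeps the previous key manager alive until that thread selects an alias again or dies`. The local `currentManager` also shadows the field of the same name; calling it `manager`, as `getThreadLocalManager` does, would read more clearly.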
@@ -98,11 +109,13 @@ public class MutableX509KeyManager extends X509ExtendedKeyManager {
}
private X509ExtendedKeyManager getThreadLocalManager() {
- X509ExtendedKeyManager manager = threadLocalManager.get(Thread.currentThread());
- if (manager == null) {
- throw new IllegalStateException("Methods to retrieve valid aliases has not been called previously from this thread");
+ synchronized (monitor) {
+ X509ExtendedKeyManager manager = threadLocalManager.get(Thread.currentThread());
+ if (manager == null) {
+ throw new IllegalStateException("Methods to retrieve valid aliases has not been called previously from this thread");
+ }
+ return manager;
}
- return manager;
}
}
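Review bot: `getThreadLocalManager` has no comment stating the calling contract that its exception enforces: the lookup succeeds only if an alias-selection method ran earlier on the same thread. If the TLS stack ever performs the key or certificate-chain lookup on a different thread than alias selection (not determinable from this hunk), the handshake fails with `IllegalStateException`. I would add a Javadoc such as `/** Returns the manager captured by the last alias-selection call on the calling thread; throws IllegalStateException if there was none. */` and repeat the same-thread requirement in the class Javadoc.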