mirror of
https://github.com/danieldemus/openhab-core.git
synced 2025-01-25 19:55:48 +01:00
Remove deprecated MQTT transport code (#1668)
Related to #1408 Signed-off-by: Wouter Born <github@maindrain.net>
This commit is contained in:
Wouter Born
GitHub
parent
6b97328189
commit
245a692705
@ -38,8 +38,6 @@ import org.openhab.core.io.transport.mqtt.internal.client.MqttAsyncClientWrapper
|
||||
import org.openhab.core.io.transport.mqtt.reconnect.AbstractReconnectStrategy;
|
||||
import org.openhab.core.io.transport.mqtt.reconnect.PeriodicReconnectStrategy;
|
||||
import org.openhab.core.io.transport.mqtt.ssl.CustomTrustManagerFactory;
|
||||
import org.openhab.core.io.transport.mqtt.sslcontext.CustomSSLContextProvider;
|
||||
import org.openhab.core.io.transport.mqtt.sslcontext.SSLContextProvider;
|
||||
import org.osgi.service.cm.ConfigurationException;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
@ -91,7 +89,6 @@ public class MqttBrokerConnection {
|
||||
protected final MqttVersion mqttVersion;
|
||||
|
||||
private @Nullable TrustManagerFactory trustManagerFactory = InsecureTrustManagerFactory.INSTANCE;
|
||||
private SSLContextProvider sslContextProvider = new CustomSSLContextProvider(trustManagerFactory);
|
||||
protected final String clientId;
|
||||
private @Nullable String user;
|
||||
private @Nullable String password;
|
||||
@ -298,7 +295,6 @@ public class MqttBrokerConnection {
|
||||
} else {
|
||||
trustManagerFactory = null;
|
||||
}
|
||||
sslContextProvider = new CustomSSLContextProvider(trustManagerFactory);
|
||||
}
|
||||
|
||||
public TrustManager[] getTrustManagers() {
|
||||
@ -506,26 +502,6 @@ public class MqttBrokerConnection {
|
||||
return keepAliveInterval;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the ssl context provider.
|
||||
*/
|
||||
@Deprecated
|
||||
public SSLContextProvider getSSLContextProvider() {
|
||||
return sslContextProvider;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the ssl context provider. The default provider is {@see AcceptAllCertifcatesSSLContext}.
|
||||
*
|
||||
* @return The ssl context provider. Should not be null, but the ssl context will in fact
|
||||
* only be used if a ssl:// url is given.
|
||||
*/
|
||||
@Deprecated
|
||||
public void setSSLContextProvider(SSLContextProvider sslContextProvider) {
|
||||
this.sslContextProvider = sslContextProvider;
|
||||
trustManagerFactory = new CustomTrustManagerFactory(sslContextProvider);
|
||||
}
|
||||
|
||||
/**
|
||||
* Return true if there are subscribers registered via {@link #subscribe(String, MqttMessageSubscriber)}.
|
||||
* Call {@link #unsubscribe(String, MqttMessageSubscriber)} or {@link #unsubscribeAll()} if necessary.
|
||||
|
||||
@ -12,22 +12,14 @@
|
||||
*/
|
||||
package org.openhab.core.io.transport.mqtt.ssl;
|
||||
|
||||
import java.lang.reflect.Field;
|
||||
import java.security.KeyStore;
|
||||
|
||||
import javax.net.ssl.ManagerFactoryParameters;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
|
||||
import org.eclipse.jdt.annotation.NonNullByDefault;
|
||||
import org.eclipse.jdt.annotation.Nullable;
|
||||
import org.openhab.core.io.transport.mqtt.sslcontext.SSLContextProvider;
|
||||
import org.osgi.service.cm.ConfigurationException;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
|
||||
import io.netty.handler.ssl.util.SimpleTrustManagerFactory;
|
||||
|
||||
/**
|
||||
@ -37,38 +29,12 @@ import io.netty.handler.ssl.util.SimpleTrustManagerFactory;
|
||||
*/
|
||||
@NonNullByDefault
|
||||
public class CustomTrustManagerFactory extends SimpleTrustManagerFactory {
|
||||
private final Logger logger = LoggerFactory.getLogger(CustomTrustManagerFactory.class);
|
||||
private final TrustManager[] trustManagers;
|
||||
|
||||
public CustomTrustManagerFactory(TrustManager[] trustManagers) {
|
||||
this.trustManagers = trustManagers;
|
||||
}
|
||||
|
||||
@Deprecated
|
||||
public CustomTrustManagerFactory(SSLContextProvider contextProvider) {
|
||||
TrustManager[] tm;
|
||||
try {
|
||||
SSLContext ctx = contextProvider.getContext();
|
||||
|
||||
// get SSLContextImpl
|
||||
Field contextSpiField = ctx.getClass().getDeclaredField("contextSpi");
|
||||
contextSpiField.setAccessible(true);
|
||||
Object sslContextImpl = contextSpiField.get(ctx);
|
||||
Class<?> sslContextImplClass = sslContextImpl.getClass().getSuperclass().getSuperclass();
|
||||
|
||||
// get trustmanager
|
||||
Field trustManagerField = sslContextImplClass.getDeclaredField("trustManager");
|
||||
trustManagerField.setAccessible(true);
|
||||
Object trustManagerObj = trustManagerField.get(sslContextImpl);
|
||||
|
||||
tm = new TrustManager[] { (X509TrustManager) trustManagerObj };
|
||||
} catch (IllegalAccessException | NoSuchFieldException | ConfigurationException e) {
|
||||
logger.warn("using default insecure trustmanager, could not extract trustmanager from SSL context:", e);
|
||||
tm = InsecureTrustManagerFactory.INSTANCE.getTrustManagers();
|
||||
}
|
||||
trustManagers = tm;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void engineInit(@Nullable KeyStore keyStore) throws Exception {
|
||||
}
|
||||
|
||||
@ -1,66 +0,0 @@
|
||||
/**
|
||||
* Copyright (c) 2010-2020 Contributors to the openHAB project
|
||||
*
|
||||
* See the NOTICE file(s) distributed with this work for additional
|
||||
* information.
|
||||
*
|
||||
* This program and the accompanying materials are made available under the
|
||||
* terms of the Eclipse Public License 2.0 which is available at
|
||||
* http://www.eclipse.org/legal/epl-2.0
|
||||
*
|
||||
* SPDX-License-Identifier: EPL-2.0
|
||||
*/
|
||||
package org.openhab.core.io.transport.mqtt.sslcontext;
|
||||
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.cert.X509Certificate;
|
||||
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
|
||||
import org.eclipse.jdt.annotation.NonNullByDefault;
|
||||
import org.eclipse.jdt.annotation.Nullable;
|
||||
import org.osgi.service.cm.ConfigurationException;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
/**
|
||||
* This SSLContextProvider returns an {@link SSLContext} that accepts all connections and doesn't perform any
|
||||
* certificate validations. This implementation forces a TLS v1.2 {@link SSLContext} instance.
|
||||
*
|
||||
* @author David Graeff - Initial contribution
|
||||
*/
|
||||
@Deprecated
|
||||
@NonNullByDefault
|
||||
public class AcceptAllCertificatesSSLContext implements SSLContextProvider {
|
||||
private final Logger logger = LoggerFactory.getLogger(AcceptAllCertificatesSSLContext.class);
|
||||
|
||||
TrustManager trustManager = new X509TrustManager() {
|
||||
@Override
|
||||
public X509Certificate[] getAcceptedIssuers() {
|
||||
return new X509Certificate[0];
|
||||
}
|
||||
|
||||
@Override
|
||||
public void checkClientTrusted(X509Certificate @Nullable [] certs, @Nullable String authType) {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void checkServerTrusted(X509Certificate @Nullable [] certs, @Nullable String authType) {
|
||||
}
|
||||
};
|
||||
|
||||
@Override
|
||||
public SSLContext getContext() throws ConfigurationException {
|
||||
try {
|
||||
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
|
||||
sslContext.init(null, new TrustManager[] { trustManager }, null);
|
||||
return sslContext;
|
||||
} catch (KeyManagementException | NoSuchAlgorithmException e) {
|
||||
logger.warn("SSL configuration failed", e);
|
||||
throw new ConfigurationException("ssl", e.getMessage());
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,58 +0,0 @@
|
||||
/**
|
||||
* Copyright (c) 2010-2020 Contributors to the openHAB project
|
||||
*
|
||||
* See the NOTICE file(s) distributed with this work for additional
|
||||
* information.
|
||||
*
|
||||
* This program and the accompanying materials are made available under the
|
||||
* terms of the Eclipse Public License 2.0 which is available at
|
||||
* http://www.eclipse.org/legal/epl-2.0
|
||||
*
|
||||
* SPDX-License-Identifier: EPL-2.0
|
||||
*/
|
||||
package org.openhab.core.io.transport.mqtt.sslcontext;
|
||||
|
||||
import java.security.KeyManagementException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.TrustManagerFactory;
|
||||
|
||||
import org.eclipse.jdt.annotation.NonNullByDefault;
|
||||
import org.eclipse.jdt.annotation.Nullable;
|
||||
import org.osgi.service.cm.ConfigurationException;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
/**
|
||||
* This SSLContextProvider returns an {@link SSLContext} that accepts all connections and doesn't perform any
|
||||
* certificate validations. This implementation forces a TLS v1.2 {@link SSLContext} instance.
|
||||
*
|
||||
* @author Jan N. Klug - Initial contribution
|
||||
*/
|
||||
@Deprecated
|
||||
@NonNullByDefault
|
||||
public class CustomSSLContextProvider implements SSLContextProvider {
|
||||
private final Logger logger = LoggerFactory.getLogger(CustomSSLContextProvider.class);
|
||||
private final @Nullable TrustManagerFactory factory;
|
||||
|
||||
public CustomSSLContextProvider(@Nullable TrustManagerFactory factory) {
|
||||
this.factory = factory;
|
||||
}
|
||||
|
||||
@Override
|
||||
public SSLContext getContext() throws ConfigurationException {
|
||||
try {
|
||||
if (factory == null) {
|
||||
return SSLContext.getDefault();
|
||||
} else {
|
||||
SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
|
||||
sslContext.init(null, factory.getTrustManagers(), null);
|
||||
return sslContext;
|
||||
}
|
||||
} catch (KeyManagementException | NoSuchAlgorithmException e) {
|
||||
logger.warn("SSL configuration failed", e);
|
||||
throw new ConfigurationException("ssl", e.getMessage());
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,36 +0,0 @@
|
||||
/**
|
||||
* Copyright (c) 2010-2020 Contributors to the openHAB project
|
||||
*
|
||||
* See the NOTICE file(s) distributed with this work for additional
|
||||
* information.
|
||||
*
|
||||
* This program and the accompanying materials are made available under the
|
||||
* terms of the Eclipse Public License 2.0 which is available at
|
||||
* http://www.eclipse.org/legal/epl-2.0
|
||||
*
|
||||
* SPDX-License-Identifier: EPL-2.0
|
||||
*/
|
||||
package org.openhab.core.io.transport.mqtt.sslcontext;
|
||||
|
||||
import javax.net.ssl.SSLContext;
|
||||
|
||||
import org.eclipse.jdt.annotation.NonNullByDefault;
|
||||
import org.openhab.core.io.transport.mqtt.MqttBrokerConnection;
|
||||
import org.osgi.service.cm.ConfigurationException;
|
||||
|
||||
/**
|
||||
* Implement this and provide a {@link SSLContext} instance to be used by the {@link MqttBrokerConnection} for secure
|
||||
* Mqtt broker connections where the URL starts with 'ssl://'. Register your implementation with
|
||||
* {@link MqttBrokerConnection.setSSLContextProvider}.
|
||||
*
|
||||
* @author David Graeff - Initial contribution
|
||||
*/
|
||||
@Deprecated
|
||||
@NonNullByDefault
|
||||
public interface SSLContextProvider {
|
||||
/**
|
||||
* Return an {@link SSLContext} to be used by secure Mqtt broker connections. Never return null here. If you are not
|
||||
* able to create an {@link SSLContext} instance, fail with a ConfigurationException instead.
|
||||
*/
|
||||
SSLContext getContext() throws ConfigurationException;
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user