import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.util.List;
+import java.util.Locale;
import java.util.Properties;
import java.util.TimeZone;
public class Launcher {
public static void main(String[] args) throws Exception {
+ System.setProperty("jdk.tls.ephemeralDHKeySize", "4096");
+ boot();
+ }
+
+ public static void boot() throws Exception {
+ Locale.setDefault(Locale.ENGLISH);
TimeZone.setDefault(TimeZone.getTimeZone("UTC"));
+
GigiConfig conf = GigiConfig.parse(System.in);
ServerConstants.init(conf.getMainProps());
initEmails(conf);
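Review bot: The `jdk.tls.ephemeralDHKeySize` property is set only in `main`, so any caller that starts the server through the newly public `boot()` runs with the JDK's default ephemeral DH size rather than 4096. Moving `System.setProperty("jdk.tls.ephemeralDHKeySize", "4096");` to the first line of `boot()` covers both entry paths and still runs before the connectors are created. The value should also be checked against the target JDK, because the Java 8 JSSE documentation gives 1024–2048 as the accepted numeric range, so 4096 may be rejected or ignored there. The body of `boot()` continues past this hunk.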
HandlerList hl = new HandlerList();
hl.setHandlers(new Handler[] {
- generateStaticContext(), generateGigiContexts(conf.getMainProps()), generateAPIContext()
+ generateStaticContext(), generateGigiContexts(conf.getMainProps(), conf.getTrustStore()), generateAPIContext()
});
s.setHandler(hl);
s.start();
Log.getLogger(Launcher.class).warn("Couldn't set uid!");
}
}
+ if (conf.getMainProps().containsKey("testrunner")) {
+ DevelLauncher.addDevelPage();
+ }
}
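Review bot: `conf.getMainProps().containsKey("testrunner")` tests only for the presence of the key, so a production configuration that carries `testrunner=false` or an empty value would still register the development page. Because this is the production launcher, compare the value explicitly, for example `if (Boolean.parseBoolean(conf.getMainProps().getProperty("testrunner"))) {`, provided existing test configurations set it to `true`. A warn-level log line when the page is mounted would also make it visible at startup. What `DevelLauncher.addDevelPage()` exposes is not visible here, and the enclosing method starts outside this hunk.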
private static ServerConnector createConnector(GigiConfig conf, Server s, HttpConfiguration httpConfig, boolean doHttps) throws GeneralSecurityException, IOException {
if (doHttps) {
connector = new ServerConnector(s, createConnectionFactory(conf), new HttpConnectionFactory(httpConfig));
} else {
- connector = new ServerConnector(s);
+ connector = new ServerConnector(s, new HttpConnectionFactory(httpConfig));
}
connector.setHost(conf.getMainProps().getProperty("host"));
- if(doHttps) {
+ if (doHttps) {
connector.setPort(ServerConstants.getSecurePort());
} else {
connector.setPort(ServerConstants.getPort());
};
}
- private static Handler generateGigiContexts(Properties conf) {
- ServletHolder webAppServlet = new ServletHolder(new Gigi(conf));
+ private static Handler generateGigiContexts(Properties conf, KeyStore trust) {
+ ServletHolder webAppServlet = new ServletHolder(new Gigi(conf, trust));
ContextHandler ch = generateGigiServletContext(webAppServlet);
ch.setVirtualHosts(new String[] {
servlet.addServlet(webAppServlet, "/*");
ErrorPageErrorHandler epeh = new ErrorPageErrorHandler();
epeh.addErrorPage(404, "/error");
+ epeh.addErrorPage(403, "/denied");
servlet.setErrorHandler(epeh);
HandlerList hl = new HandlerList();
scf.setRenegotiationAllowed(false);
scf.setProtocol("TLS");
+ scf.setIncludeProtocols("TLSv1", "TLSv1.1", "TLSv1.2");
scf.setTrustStore(conf.getTrustStore());
KeyStore privateStore = conf.getPrivateStore();
scf.setKeyStorePassword(conf.getPrivateStorePw());
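Review bot: `scf.setIncludeProtocols("TLSv1", "TLSv1.1", "TLSv1.2")` keeps TLS 1.0 and TLS 1.1 negotiable, and both are formally deprecated (RFC 8996). Unless a known set of legacy clients requires them, restrict the list to `scf.setIncludeProtocols("TLSv1.2");`, adding `"TLSv1.3"` where the runtime supports it. Add a short comment naming any client that forces an older version to stay. No cipher-suite include or exclude call is visible in this hunk, so confirm that weak suites are excluded elsewhere in this method, which starts and ends outside the hunk.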