diff --git a/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/RevocationConfig.kt b/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/RevocationConfig.kt index b54ad3f776..6e8c695387 100644 --- a/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/RevocationConfig.kt +++ b/node-api/src/main/kotlin/net/corda/nodeapi/internal/protonwrapper/netty/RevocationConfig.kt @@ -11,7 +11,6 @@ import java.security.cert.PKIXRevocationChecker * Data structure for controlling the way how Certificate Revocation Lists are handled. */ @CustomConfigParser(parser = RevocationConfigParser::class) -// TODO This and RevocationConfigImpl should really be a single sealed data type interface RevocationConfig { enum class Mode { @@ -47,15 +46,13 @@ interface RevocationConfig { */ val externalCrlSource: CrlSource? - /** - * Creates a copy of [RevocationConfig] enriched by a [CrlSource]. - */ - fun enrichExternalCrlSource(sourceFunc: (() -> CrlSource)?): RevocationConfig - fun createPKIXRevocationChecker(): PKIXRevocationChecker { return when (mode) { Mode.OFF -> AllowAllRevocationChecker - Mode.EXTERNAL_SOURCE -> CordaRevocationChecker(externalCrlSource!!, softFail = true) + Mode.EXTERNAL_SOURCE -> { + val externalCrlSource = requireNotNull(externalCrlSource) { "externalCrlSource must be specfied for EXTERNAL_SOURCE" } + CordaRevocationChecker(externalCrlSource, softFail = true) + } Mode.SOFT_FAIL -> CordaRevocationChecker(CertDistPointCrlSource(), softFail = true) Mode.HARD_FAIL -> CordaRevocationChecker(CertDistPointCrlSource(), softFail = false) } @@ -67,24 +64,7 @@ interface RevocationConfig { */ fun Boolean.toRevocationConfig() = if(this) RevocationConfigImpl(RevocationConfig.Mode.SOFT_FAIL) else RevocationConfigImpl(RevocationConfig.Mode.HARD_FAIL) -data class RevocationConfigImpl(override val mode: RevocationConfig.Mode, override val externalCrlSource: CrlSource? = null) : RevocationConfig { - init { - if (mode == RevocationConfig.Mode.EXTERNAL_SOURCE) { - requireNotNull(externalCrlSource) { "externalCrlSource must not be null" } - } - } - - // TODO This doesn't really need to be a member method. All it does is change externalCrlSource if applicable, which is the same as - // just creating a new RevocationConfigImpl with that CrlSource. - override fun enrichExternalCrlSource(sourceFunc: (() -> CrlSource)?): RevocationConfig { - return if (mode != RevocationConfig.Mode.EXTERNAL_SOURCE) { - this - } else { - val func = requireNotNull(sourceFunc) { "There should be a way to obtain CrlSource" } - copy(externalCrlSource = func()) - } - } -} +data class RevocationConfigImpl(override val mode: RevocationConfig.Mode, override val externalCrlSource: CrlSource? = null) : RevocationConfig class RevocationConfigParser : ConfigParser { override fun parse(config: Config): RevocationConfig { diff --git a/node/src/integration-test/kotlin/net/corda/node/amqp/CertificateRevocationListNodeTests.kt b/node/src/integration-test/kotlin/net/corda/node/amqp/CertificateRevocationListNodeTests.kt index 3596d5d439..b99060a732 100644 --- a/node/src/integration-test/kotlin/net/corda/node/amqp/CertificateRevocationListNodeTests.kt +++ b/node/src/integration-test/kotlin/net/corda/node/amqp/CertificateRevocationListNodeTests.kt @@ -201,7 +201,7 @@ class CertificateRevocationListNodeTests { verifyAMQPConnection( crlCheckSoftFail = true, nodeCrlDistPoint = "http://${newUnreachableIpAddress()}/crl/unreachable.crl", - sslHandshakeTimeout = crlConnectTimeout * 2, + sslHandshakeTimeout = crlConnectTimeout * 3, expectedConnectStatus = true ) val timeoutExceptions = (amqpServer.softFailExceptions + amqpClient.softFailExceptions)