From 60cd0000fb9d9d036c02f4e7a263072fc12d7d9e Mon Sep 17 00:00:00 2001
From: Robert Goldmann <deadlocker@gmx.de>
Date: Sat, 25 Nov 2017 11:39:49 +0100
Subject: [PATCH] Fixed #148 - include self-signed certificate for easy usage
 of server in LAN

---
 .../server/SparkServer.java                   |  13 ++++++++++--
 .../certificate/default_certificate.crt       |  19 ++++++++++++++++++
 .../certificate/default_keystore.jks          | Bin 0 -> 2150 bytes
 .../budgetmasterserver/settings.json          |   4 ++--
 4 files changed, 32 insertions(+), 4 deletions(-)
 create mode 100644 BudgetMasterServer/src/main/resources/de/deadlocker8/budgetmasterserver/certificate/default_certificate.crt
 create mode 100644 BudgetMasterServer/src/main/resources/de/deadlocker8/budgetmasterserver/certificate/default_keystore.jks

diff --git a/BudgetMasterServer/src/main/java/de/deadlocker8/budgetmasterserver/server/SparkServer.java b/BudgetMasterServer/src/main/java/de/deadlocker8/budgetmasterserver/server/SparkServer.java
index 9f47f2ca5..3a0f1d91b 100644
--- a/BudgetMasterServer/src/main/java/de/deadlocker8/budgetmasterserver/server/SparkServer.java
+++ b/BudgetMasterServer/src/main/java/de/deadlocker8/budgetmasterserver/server/SparkServer.java
@@ -88,8 +88,17 @@ public class SparkServer
 			{
 				throw new Exception("empty string is no valid keystorePath");
 			}
-			File keystoreFile = new File(filePath);		
-			secure(keystoreFile.getAbsolutePath(), settings.getKeystorePassword(), null, null);						
+			else if(settings.getKeystorePath().equals("default"))
+			{
+				Logger.info("Connections are secured with default keystore");
+				Logger.warning("The Server is running with the default keystore. This is only recommended if the server is running in a local area network and is not exposed to the internet. Please check if this is intended.");
+				secure(SparkServer.class.getClassLoader().getResource("de/deadlocker8/budgetmasterserver/certificate/default_keystore.jks").toString(), settings.getKeystorePassword(), null, null);
+			}
+			else
+			{
+				Logger.info("Connections are secured with custom keystore");
+				secure(new File(filePath).getAbsolutePath(), settings.getKeystorePassword(), null, null);
+			}
 		}
 		catch(Exception e)
 		{
diff --git a/BudgetMasterServer/src/main/resources/de/deadlocker8/budgetmasterserver/certificate/default_certificate.crt b/BudgetMasterServer/src/main/resources/de/deadlocker8/budgetmasterserver/certificate/default_certificate.crt
new file mode 100644
index 000000000..e64160ce6
--- /dev/null
+++ b/BudgetMasterServer/src/main/resources/de/deadlocker8/budgetmasterserver/certificate/default_certificate.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDHjCCAgYCCQDMkgYSh6618zANBgkqhkiG9w0BAQsFADBQMQswCQYDVQQGEwJE
+RTEUMBIGA1UECgwLZGVhZGxvY2tlcjgxFTATBgNVBAsMDEJ1ZGdldE1hc3RlcjEU
+MBIGA1UEAwwLZGVhZGxvY2tlcjgwIBcNMTcxMTI1MTAwMzM3WhgPMjA4NTEyMTIx
+MDAzMzdaMFAxCzAJBgNVBAYTAkRFMRQwEgYDVQQKDAtkZWFkbG9ja2VyODEVMBMG
+A1UECwwMQnVkZ2V0TWFzdGVyMRQwEgYDVQQDDAtkZWFkbG9ja2VyODCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBALzI08zIpuoK2zbgbOtAAEfwYxRZTeJr
+d0+iFAYPoCgDruh2ldO6BXGpanw1QYh0dFkW/o+DhfuYnFknpwxQrBWmlG/hjFbz
+QdT+5zefc1q6rX7tOJMFUY1Qj5s3l1ZFHAuD4kOUr8lgDQqoc4l4B+WTXiXPYnJh
++DcTH6oBHJVu40YXsTyGwBW+DDBn5VvkrhNkqqfedL/qQ0Nl41UTLOSG5Lg7hezP
+DQiG3mEbpugGbqWV5t2CgyPr0eZMQKKo2srKPm+aIDp0kWyOIR3B7Bv9Onp70/QM
+etMyLa9QWJyaGHaFkl7xwBwCl2L209iTYmJSC1GZQ252uT701VwIX70CAwEAATAN
+BgkqhkiG9w0BAQsFAAOCAQEAZSH6BN4J7vLhBnZAVXrqVv/+ALEuKOpWG9pk8jfF
+k1DWvH6NwIjrgrY13e6iEai/YbplGrb3U90bDF+kSH3fCu+9DueoSRlZ/pPmMDGT
+1hFXU0QNNV8rjWYlttndpzaHqnxitJ4ERBcts4sFLUFq+aIQdGYR5/gpQQcXmk10
+l3suT7O8NeSM7QGFO5rMm6k6XdLOBVvzaFwzuOwxOSvxV5dFwuRFuMxYddCnBGYH
+kyPom4WfRKCvcbNT6RvJWQvBX5YOjIXpOV4gmwVtBbmhxrkSQvE56zrc2mewH6MN
+dDTJmV5ZYlA4hXxSELOvmNqPE1SPtK3rNjtH55BtXuqvQQ==
+-----END CERTIFICATE-----
diff --git a/BudgetMasterServer/src/main/resources/de/deadlocker8/budgetmasterserver/certificate/default_keystore.jks b/BudgetMasterServer/src/main/resources/de/deadlocker8/budgetmasterserver/certificate/default_keystore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..5850e6d1244ed95c4abe60eaed0faee3ca80f247
GIT binary patch
literal 2150
zcmezO_TO6u1_mYu1_nkjW;A4AV2uB?QbmV>ftAUiiRGUG9~+l88zT#&7Ly<&BP#<-
z6U(bzj$8T{x8Cwt<Tyh;>+Y`9<uQ)01VYwF+}XP}Nmt8@|D$EijtO$24BL6qghMqo
z|9tKL6y`C15?}o<TP1G`ErFMrOR`!jqL$vj%~W&r^wpHm`sA$(yz8t@c1y1nlz69n
z@%X(^@nc7#t=w!F=bWrjv2mH3xA3RXvRhUs@*gd~U|?Fm=+A=H#p{cFRofg3AL^tA
z$r_y8(0%y2)!B5$eLuIYJRCeFGW>XE(rLf@yhof*2A%e_oXOhv_l?q-U97KvA25Ex
zwNmQcJ~l4})1(;|?I#;lq>r;`mewV(uc%;lc@t%;-ktOANBZ<LkIppzJN3DHefLqz
zlvQ@woh1t{%iayzc(d$V$i63ivML=+$^L$S%_jG~-gu$9Gs=GPqYVe{`|o6{`jA)S
zpw}Ypc>Hy4g=~S|(oL@<fA82o=bxp9i{Todizg#G!W&lXRxya@t9N~WweOABPJSQl
zJ4VrV2d8JrD9K76sz~=-A}P_My|Mn+Ij>L|5zhm4ix*$l3s=ySSf|`lIr+6DOShKi
zq~@ZD;=&JV3L;-{X^Ab|_C@S<>f^r&o9FJm{MlY~>jJ0LGaU)ZZ!U)G8+s*Qf8@N^
z>&?WY<{$5xee;Oqda&4XlX#huP@mYWbs`FxLC<P-UfRH)R`~bJ*$!1%;U!Tg&6-q?
zE&Wv<G<~YT?1j%PpENaXt>$rDIqS#&vi|$BK3rd%g%%oxM~MGzEXm2+FZD#*Ky!`c
z#>odmy5quTg<9Ru)jGZJO+>q{vFM~@OWj;P%{<Mgc}qX)gRR>G54X&YsvqKJ^}+7`
zvGJK|-t#|p+B0g)<R9~VC$&s;&xSj4Tjsh*WWIgT(Ax63uS#lVY$%`YcHUAkWee*w
zz6bs<$^Sg<Rqvzgo=k}sC(LU*?>alY{owbm<sF|3a&|O->U62t*>HGL$wI@7t9(~?
zaUHp*!sPVEyRDgTyFnH6jo!Aa+ow+bo6vD@-|C}*r@47qnL88L&n;tfSS5ZyKUnIW
zwBXH!Gt9ZJefU{B@&B3^KR?{?3e%_y(|%D@`s{hJ^F|v*UZv}5TuT?-b?u09*Y|J!
z{hz&elfet`h`>ieriKFlmtOxDabNAZw5x?&NNCj3W~ZZ911%cf&E`Bizh1wvZok8a
zllwpTep3Ht{%U)1&8k;x9hb`SY_M{-`<-l9>YGt}dl^?u-HGdSZ=QQI)x>`G-0iOu
zn@^f9e5jwxeX4B2iRs^?PrqSE>aM#cB69cC-E}rP3+mYy^qskoQgz*hQ|O~4bHbAK
zmo4~KI-Py`>ABD1h01}p>ir?i59V9Gne(Ck&q?j~J8#=Qe|g=YurIe+%yiiy`+IXr
z6Yf;2Yn^_(&7sO)`)17oKT!?qVon#Iu5^*hJRdtG_2Wwyr!Aj2@7Vo6hxPt6SSKn5
zxmR4z=)JZqB6DWQyvy3t*_;2@%>LN=C*E2(Ax@^@%67x8i@t1ZE=k%VdUfsHt=+fR
zS64mH?s)93SGO{*>HU>;Uzamn-1FP@aO#ic;rA!(_`4y?g?CzS{_&(mvzzXFoCx{x
zdlPG>X4C$FB1Or$J0jHiHm=GGcgq)S{<~z|c_!9Jc^;20SbVB1NuQeYMD_7mL;g=W
z=UJ5gCryxfzn<T?Rk8Z@Wi!8@pJrR|_PVe?ceKjbWR%`^rDujs5_5jj%%F!e`7hS%
z%nQE|aP;l^MN3rlS*JIyUB8mOp!n21{nH-R;6jl#LeJE|l7WF)$)Jf@&Y+2jjfs=t
z%p^9U_H|o78}PDmYPET^edlFl<Yr|s2r%R};ACSCWnmL$a&a{jF%SZAxOlizQWH~h
z@{_Yui!2O94TM3W+&nx^r77vDCBBKpC8<R)#mp#*4HU$A4b2S=jZ6&<42+G<qa^r^
z3@l6yjSP*T0yMC*iBSpJV~nf}%uS5^3<gb%Tue=jj0}5DTt0JR*(<KwW)E^+J21F^
zNEV6oeUx49zet3Qe}M+`x))_rFYjV4T$xp4>ex|I5-Iktzq$4Ij5(3&%XtFUh%TFw
z|F9?Qv*VS2&&}r-N9|f$_ts)EYhZ6c|7`Q=VXiXV&5xX?tUsB+%eA7ovx5EU<T%yy
zNkxf2%!TDwG0IHMd+a8@(WdQy=sq5U^rz8J)(NMqT7Iu&|0`$b)W@O1I#1f3?67Wq
zbDo!@?OvkvvKMT5OQ$}&+tjT5`r<Pmhea!HojPTgKTE-?WMWRAqU^yp(toY0sxN=x
zsk&^WyFMUd&Mb+t)=6<656Cc0Px^NG#^j`=Anw4K&Us}!?Y>-%;fUYM#LURRh#W%P
z;1FVDNLBpBa*y-fr-y814xv@A!v6nb*r=!RDopxT$|v)qlLM~psp~z^@w#c7>D_mW
z1Xt`&+?6V|?R)TDX`c8c9<}$m-tXmmzQR*7^55iV28NTb35Ex|@S4VJ_ok_CyLorH
zS^KJ*q%HGUT*P%ZceCm`X8l|wP?9G2{D-C^yZ9{MlIhiY{+suhKIwVO*lIoN%<Pp`
zv6s%VMt{zTG2ZdU&{F$j_;lApPh5ALi736WoF$EYvhs`Bt@B+LtS{Ug{8IX4B=^Di
zX?#7cFD>H~X0zt9?p%0mr;yV}%hy(SZl!OKU(8!#a&l%|WKw`dYfX^A=Jhjf^$Ume
nZ&~}=%-a3=gxt7S>m564cZk(TNV0Ui6x$eRE@3ETCEEl5fqT2F

literal 0
HcmV?d00001

diff --git a/BudgetMasterServer/src/main/resources/de/deadlocker8/budgetmasterserver/settings.json b/BudgetMasterServer/src/main/resources/de/deadlocker8/budgetmasterserver/settings.json
index d2281ffa1..fa065f988 100644
--- a/BudgetMasterServer/src/main/resources/de/deadlocker8/budgetmasterserver/settings.json
+++ b/BudgetMasterServer/src/main/resources/de/deadlocker8/budgetmasterserver/settings.json
@@ -5,6 +5,6 @@
 	"databasePassword": "",
 	"serverPort": 9000,
 	"serverSecret": "geheim",
-	"keystorePath": "",
-	"keystorePassword": ""
+	"keystorePath": "default",
+	"keystorePassword": "BudgetMaster"
 }
\ No newline at end of file
-- 
GitLab