This is an automated email from the ASF dual-hosted git repository.
justinchen pushed a commit to branch opc-small-fix
in repository https://gitbox.apache.org/repos/asf/iotdb.git
The following commit(s) were added to refs/heads/opc-small-fix by this push:
new eb66c035d15 fix
eb66c035d15 is described below
commit eb66c035d15c5d1de80fa987d146073fe314defb
Author: Caideyipi <[email protected]>
AuthorDate: Mon Mar 30 17:13:02 2026 +0800
fix
---
.../pipe/sink/protocol/opcua/server/OpcUaKeyStoreLoader.java | 12 +++++++++---
.../db/pipe/sink/protocol/opcua/server/OpcUaNameSpace.java | 7 +++++--
.../pipe/sink/protocol/opcua/server/OpcUaServerBuilder.java | 1 +
3 files changed, 15 insertions(+), 5 deletions(-)
diff --git
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/sink/protocol/opcua/server/OpcUaKeyStoreLoader.java
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/sink/protocol/opcua/server/OpcUaKeyStoreLoader.java
index 56b231fb460..f79d15bb941 100644
---
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/sink/protocol/opcua/server/OpcUaKeyStoreLoader.java
+++
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/sink/protocol/opcua/server/OpcUaKeyStoreLoader.java
@@ -30,6 +30,8 @@ import org.slf4j.LoggerFactory;
import java.io.File;
import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.Key;
@@ -61,8 +63,8 @@ class OpcUaKeyStoreLoader {
LOGGER.info("Loading KeyStore at {}", serverKeyStore);
if (serverKeyStore.exists()) {
- try {
- keyStore.load(Files.newInputStream(serverKeyStore.toPath()), password);
+ try (InputStream is = Files.newInputStream(serverKeyStore.toPath())){
+ keyStore.load(is, password);
} catch (final IOException e) {
LOGGER.warn("Load keyStore failed, the existing keyStore may be stale,
re-constructing...");
FileUtils.deleteFileOrDirectory(serverKeyStore);
@@ -105,7 +107,9 @@ class OpcUaKeyStoreLoader {
keyStore.setKeyEntry(
SERVER_ALIAS, keyPair.getPrivate(), password, new X509Certificate[]
{certificate});
- keyStore.store(Files.newOutputStream(serverKeyStore.toPath()), password);
+ try (final OutputStream os =
Files.newOutputStream(serverKeyStore.toPath())) {
+ keyStore.store(os, password);
+ }
}
final Key serverPrivateKey = keyStore.getKey(SERVER_ALIAS, password);
@@ -114,6 +118,8 @@ class OpcUaKeyStoreLoader {
final PublicKey serverPublicKey = serverCertificate.getPublicKey();
serverKeyPair = new KeyPair(serverPublicKey, (PrivateKey)
serverPrivateKey);
+ } else {
+ throw new Exception("Invalid keyStore");
}
return this;
diff --git
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/sink/protocol/opcua/server/OpcUaNameSpace.java
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/sink/protocol/opcua/server/OpcUaNameSpace.java
index 0969cea574d..3c79a3aa304 100644
---
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/sink/protocol/opcua/server/OpcUaNameSpace.java
+++
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/sink/protocol/opcua/server/OpcUaNameSpace.java
@@ -95,8 +95,11 @@ public class OpcUaNameSpace extends
ManagedNamespaceWithLifecycle {
@Override
public void shutdown() {
- getServer().shutdown();
- builder.close();
+ try {
+ getServer().shutdown();
+ } finally {
+ builder.close();
+ }
}
});
}
diff --git
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/sink/protocol/opcua/server/OpcUaServerBuilder.java
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/sink/protocol/opcua/server/OpcUaServerBuilder.java
index 61818ecf852..f029031b617 100644
---
a/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/sink/protocol/opcua/server/OpcUaServerBuilder.java
+++
b/iotdb-core/datanode/src/main/java/org/apache/iotdb/db/pipe/sink/protocol/opcua/server/OpcUaServerBuilder.java
@@ -117,6 +117,7 @@ public class OpcUaServerBuilder implements Closeable {
return this;
}
+ // Must be a modifiable set.
public OpcUaServerBuilder setSecurityPolicies(final Set<SecurityPolicy>
securityPolicies) {
this.securityPolicies = securityPolicies;
return this;
