Merge branch 'master' into feature/jakarta

peppol-lookup/src/main/java/network/oxalis/vefa/peppol/lookup/locator/BdxlLocator.java

@@ -26,6 +26,7 @@
 import network.oxalis.vefa.peppol.lookup.util.DynamicHostnameGenerator;
 import network.oxalis.vefa.peppol.lookup.util.EncodingUtils;
 import network.oxalis.vefa.peppol.mode.Mode;
+import org.apache.commons.lang3.StringUtils;
 import org.xbill.DNS.*;
 
 import java.net.InetAddress;
@@ -44,8 +45,9 @@
  */
 public class BdxlLocator extends AbstractLocator {
 
-    private long timeout = 30L;
-    private int maxRetries = 3;
+    private final long timeout;
+    private final int maxRetries;
+    private final boolean enablePublicDNS;
 
     private static final List<InetAddress> customDNSServers = new ArrayList<>();
     //Google DNS: faster, supported by multiple data centers all around the world
@@ -62,10 +64,11 @@ public BdxlLocator(Mode mode) {
                 mode.getString("lookup.locator.bdxl.prefix"),
                 mode.getString("lookup.locator.hostname"),
                 mode.getString("lookup.locator.bdxl.algorithm"),
-                EncodingUtils.get(mode.getString("lookup.locator.bdxl.encoding"))
+                EncodingUtils.get(mode.getString("lookup.locator.bdxl.encoding")),
+                Long.parseLong(mode.getString("lookup.locator.bdxl.timeout")),
+                Integer.parseInt(mode.getString("lookup.locator.bdxl.maxRetries")),
+                Boolean.parseBoolean(mode.getString("lookup.locator.bdxl.enablePublicDNS"))
         );
-        maxRetries = Integer.parseInt(mode.getString("lookup.locator.bdxl.maxRetries"));
-        timeout = Long.parseLong(mode.getString("lookup.locator.bdxl.timeout"));
 
         try {
             GOOGLE_PRIMARY_DNS = InetAddress.getByAddress((new byte[]{(byte) (8 & 0xff), (byte) (8 & 0xff), (byte) (8 & 0xff), (byte) (8 & 0xff)}));
@@ -77,10 +80,12 @@ public BdxlLocator(Mode mode) {
             //Unable to initialize Custom DNS server
         }
 
-        customDNSServers.add(GOOGLE_PRIMARY_DNS);
-        customDNSServers.add(GOOGLE_SECONDARY_DNS);
-        customDNSServers.add(CLOUDFLARE_PRIMARY_DNS);
-        customDNSServers.add(CLOUDFLARE_SECONDARY_DNS);
+        if (enablePublicDNS) {
+            customDNSServers.add(GOOGLE_PRIMARY_DNS);
+            customDNSServers.add(GOOGLE_SECONDARY_DNS);
+            customDNSServers.add(CLOUDFLARE_PRIMARY_DNS);
+            customDNSServers.add(CLOUDFLARE_SECONDARY_DNS);
+        }
     }
 
     /**
@@ -90,7 +95,7 @@ public BdxlLocator(Mode mode) {
      */
     @SuppressWarnings("unused")
     public BdxlLocator(String hostname) {
-        this(hostname, "SHA-256");
+        this("", hostname, "SHA-256", 30L, 3, false);
     }
 
     /**
@@ -100,7 +105,7 @@ public BdxlLocator(String hostname) {
      * @param digestAlgorithm Algorithm used for generation of hostname.
      */
     public BdxlLocator(String hostname, String digestAlgorithm) {
-        this("", hostname, digestAlgorithm);
+        this("", hostname, digestAlgorithm, 30L, 3, false);
     }
 
     /**
@@ -109,9 +114,12 @@ public BdxlLocator(String hostname, String digestAlgorithm) {
      * @param prefix          Value attached in front of calculated hash.
      * @param hostname        Hostname used as base for lookup.
      * @param digestAlgorithm Algorithm used for generation of hostname.
+     * @param timeout Lookup timeout
+     * @param maxRetries Maximum number of retries
+     * @param enablePublicDNS Enable custom DNS lookup
      */
-    public BdxlLocator(String prefix, String hostname, String digestAlgorithm) {
-        this(prefix, hostname, digestAlgorithm, BaseEncoding.base32());
+    public BdxlLocator(String prefix, String hostname, String digestAlgorithm, long timeout, int maxRetries, boolean enablePublicDNS) {
+        this(prefix, hostname, digestAlgorithm, BaseEncoding.base32(), timeout, maxRetries, enablePublicDNS);
     }
 
     /**
@@ -121,8 +129,14 @@ public BdxlLocator(String prefix, String hostname, String digestAlgorithm) {
      * @param hostname        Hostname used as base for lookup.
      * @param digestAlgorithm Algorithm used for generation of hostname.
      * @param encoding        Encoding of hash for hostname.
+     * @param timeout Lookup timeout
+     * @param maxRetries Maximum number of retries
+     * @param enablePublicDNS Enable custom DNS lookup
      */
-    public BdxlLocator(String prefix, String hostname, String digestAlgorithm, BaseEncoding encoding) {
+    public BdxlLocator(String prefix, String hostname, String digestAlgorithm, BaseEncoding encoding, long timeout, int maxRetries, boolean enablePublicDNS) {
+        this.timeout = timeout;
+        this.maxRetries = maxRetries;
+        this.enablePublicDNS = enablePublicDNS;
         hostnameGenerator = new DynamicHostnameGenerator(prefix, hostname, digestAlgorithm, encoding);
     }
 
@@ -131,8 +145,21 @@ public URI lookup(ParticipantIdentifier participantIdentifier) throws LookupExce
         // Create hostname for participant identifier.
         String hostname = hostnameGenerator.generate(participantIdentifier).replaceAll("=*", "");
 
+        ExtendedResolver extendedResolver;
         try {
-            ExtendedResolver extendedResolver = CustomExtendedDNSResolver.createExtendedResolver(customDNSServers, timeout, maxRetries);
+            if(enablePublicDNS) {
+                extendedResolver = CustomExtendedDNSResolver.createExtendedResolver(customDNSServers, timeout, maxRetries);
+            } else {
+                extendedResolver = new ExtendedResolver();
+                try {
+                    if (StringUtils.isNotBlank(hostname)) {
+                        extendedResolver.addResolver(new SimpleResolver(hostname));
+                    }
+                } catch (final UnknownHostException ex) {
+                    //Primary DNS lookup fail, now try with default resolver
+                }
+                extendedResolver.addResolver (Lookup.getDefaultResolver ());
+            }
             extendedResolver.setRetries(maxRetries);
             extendedResolver.setTimeout(Duration.ofSeconds(timeout));
 

peppol-lookup/src/main/java/network/oxalis/vefa/peppol/lookup/locator/BusdoxLocator.java

@@ -24,8 +24,10 @@
 import network.oxalis.vefa.peppol.lookup.api.NotFoundException;
 import network.oxalis.vefa.peppol.lookup.util.DynamicHostnameGenerator;
 import network.oxalis.vefa.peppol.mode.Mode;
+import org.apache.commons.lang3.StringUtils;
 import org.xbill.DNS.ExtendedResolver;
 import org.xbill.DNS.Lookup;
+import org.xbill.DNS.SimpleResolver;
 import org.xbill.DNS.TextParseException;
 
 import java.net.InetAddress;
@@ -37,8 +39,9 @@
 
 public class BusdoxLocator extends AbstractLocator {
 
-    private long timeout = 30L;
-    private int maxRetries = 3;
+    private final long timeout;
+    private final int maxRetries;
+    private final boolean enablePublicDNS;
 
     private static final List<InetAddress> customDNSServers = new ArrayList<>();
     //Google DNS: faster, supported by multiple data centers all around the world
@@ -54,10 +57,11 @@ public BusdoxLocator(Mode mode) {
         this(
                 mode.getString("lookup.locator.busdox.prefix"),
                 mode.getString("lookup.locator.hostname"),
-                mode.getString("lookup.locator.busdox.algorithm")
+                mode.getString("lookup.locator.busdox.algorithm"),
+                Long.parseLong(mode.getString("lookup.locator.busdox.timeout")),
+                Integer.parseInt(mode.getString("lookup.locator.busdox.maxRetries")),
+                Boolean.parseBoolean(mode.getString("lookup.locator.busdox.enablePublicDNS"))
         );
-        maxRetries = Integer.parseInt(mode.getString("lookup.locator.busdox.maxRetries"));
-        timeout = Long.parseLong(mode.getString("lookup.locator.busdox.timeout"));
 
         try {
             GOOGLE_PRIMARY_DNS = InetAddress.getByAddress((new byte[]{(byte) (8 & 0xff), (byte) (8 & 0xff), (byte) (8 & 0xff), (byte) (8 & 0xff)}));
@@ -69,18 +73,23 @@ public BusdoxLocator(Mode mode) {
             //Unable to initialize Custom DNS server
         }
 
-        customDNSServers.add(GOOGLE_PRIMARY_DNS);
-        customDNSServers.add(GOOGLE_SECONDARY_DNS);
-        customDNSServers.add(CLOUDFLARE_PRIMARY_DNS);
-        customDNSServers.add(CLOUDFLARE_SECONDARY_DNS);
+        if (enablePublicDNS) {
+            customDNSServers.add(GOOGLE_PRIMARY_DNS);
+            customDNSServers.add(GOOGLE_SECONDARY_DNS);
+            customDNSServers.add(CLOUDFLARE_PRIMARY_DNS);
+            customDNSServers.add(CLOUDFLARE_SECONDARY_DNS);
+        }
     }
 
     @SuppressWarnings("unused")
     public BusdoxLocator(String hostname) {
-        this("B-", hostname, "MD5");
+        this("B-", hostname, "MD5", 30L, 3, false);
     }
 
-    public BusdoxLocator(String prefix, String hostname, String algorithm) {
+    public BusdoxLocator(String prefix, String hostname, String algorithm, long timeout, int maxRetries, boolean enablePublicDNS) {
+        this.timeout = timeout;
+        this.maxRetries = maxRetries;
+        this.enablePublicDNS = enablePublicDNS;
         hostnameGenerator = new DynamicHostnameGenerator(prefix, hostname, algorithm);
     }
 
@@ -89,8 +98,21 @@ public URI lookup(ParticipantIdentifier participantIdentifier) throws LookupExce
         // Create hostname for participant identifier.
         String hostname = hostnameGenerator.generate(participantIdentifier);
 
+        ExtendedResolver extendedResolver;
         try {
-            ExtendedResolver extendedResolver = CustomExtendedDNSResolver.createExtendedResolver(customDNSServers, timeout, maxRetries);
+            if(enablePublicDNS) {
+                extendedResolver = CustomExtendedDNSResolver.createExtendedResolver(customDNSServers, timeout, maxRetries);
+            } else {
+                extendedResolver = new ExtendedResolver();
+                try {
+                    if (StringUtils.isNotBlank(hostname)) {
+                        extendedResolver.addResolver(new SimpleResolver(hostname));
+                    }
+                } catch (final UnknownHostException ex) {
+                    //Primary DNS lookup fail, now try with default resolver
+                }
+                extendedResolver.addResolver (Lookup.getDefaultResolver ());
+            }
             extendedResolver.setRetries(maxRetries);
             extendedResolver.setTimeout(Duration.ofSeconds(timeout));
 

peppol-lookup/src/main/resources/reference.conf

@@ -17,15 +17,17 @@ mode.default.lookup.locator = {
         prefix: ""
         algorithm: SHA-256
         encoding: base32
-        maxRetries: 3
         timeout: 30
+        maxRetries: 3
+        enablePublicDNS: false
     }
 
     busdox: {
         prefix: "B-"
         algorithm: MD5
-        maxRetries: 3
         timeout: 30
+        maxRetries: 3
+        enablePublicDNS: false
     }
 }
 

peppol-security/src/test/resources/ap-test.cer

@@ -1,34 +1,33 @@
 -----BEGIN CERTIFICATE-----
-MIIFvzCCA6egAwIBAgIQWd+YpUNgpRbU0EW3hC/uETANBgkqhkiG9w0BAQsFADBr
+MIIFwTCCA6mgAwIBAgIQZ1Cu7re4rmdelnaYimpAsDANBgkqhkiG9w0BAQsFADBr
 MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQT3BlblBFUFBPTCBBSVNCTDEWMBQGA1UE
 CxMNRk9SIFRFU1QgT05MWTEpMCcGA1UEAxMgUEVQUE9MIEFDQ0VTUyBQT0lOVCBU
-RVNUIENBIC0gRzIwHhcNMjQwMjE3MDAwMDAwWhcNMjYwMjA2MjM1OTU5WjBMMQsw
-CQYDVQQGEwJGSTEQMA4GA1UECgwHQmFzd2FyZTEXMBUGA1UECwwOUEVQUE9MIFRF
-U1QgQVAxEjAQBgNVBAMMCVBPUDAwMDAxMDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAK7QxNco8xypV2QiIXFpqz6HX+B0w4Srpk8mEPt7HlNBCSHgbt5S
-V0z7wfjv6NI+ONx2mmh6LW0N/dJZ8Jcio3PtzGU45pyxNvKYi+y516OOKOBFGjhK
-6XiMADCzPteLisM7VpTq8UhzfPLOetLExk9asAXSVMkXN0qTG26Qn/9xhQo4ltm3
-fCFBRhd395rDw6QXJscaXqv6y949L0jZMTTVQnnhp1o6CjNlu9X/93F1+KBS3TOz
-BPb4pO/PlhBUDdXDVmhpqlC3K9tf7Cx8cLMItANHXWTcVMzO0SxlNqNliPVTxXJ6
-EFzJNIp2JNmv7xiRI3+taXwAMn+LBB7Coj8CAwEAAaOCAXwwggF4MAwGA1UdEwEB
-/wQCMAAwDgYDVR0PAQH/BAQDAgOoMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMCMB0G
-A1UdDgQWBBTeJvhvskx5uqIgZLY+DeUlia6+TzBdBgNVHR8EVjBUMFKgUKBOhkxo
-dHRwOi8vcGtpLWNybC5zeW1hdXRoLmNvbS9jYV82YTkzNzczNGEzOTNhMDgwNWJm
-MzNjZGE4YjMzMTA5My9MYXRlc3RDUkwuY3JsMDcGCCsGAQUFBwEBBCswKTAnBggr
-BgEFBQcwAYYbaHR0cDovL3BraS1vY3NwLnN5bWF1dGguY29tMB8GA1UdIwQYMBaA
-FGtvS7bxN7orPH8Yzborsrl8KjfrMC0GCmCGSAGG+EUBEAMEHzAdBhNghkgBhvhF
-ARABAgMBAYGpkOEDFgY5NTc2MDgwOQYKYIZIAYb4RQEQBQQrMCkCAQAWJGFIUjBj
-SE02THk5d2Eya3RjbUV1YzNsdFlYVjBhQzVqYjIwPTANBgkqhkiG9w0BAQsFAAOC
-AgEAko4EEbqOYeZnA8Afr3lRO91i/+Am+GRqG9huUn2tEFdNp2a0xVsOFi6ZvcCh
-lqBMddBQ2xUVznZ7CDz4GGKMHfrLeJzy83pjOrywPWRuhgFK3ct13o0QkFqUvfX9
-AweLq/J0+IIArW0Rf3vAFZmPXy8UiiSq1yjAf8mG1GUBuPtOIcxjGyg2ySBJRZtn
-sPQ5lJk0IbIlGK883jNCVy299DG2WdekYfg4eAENTLYhsABVjWmkkvHfWjEdQrEk
-PgM8A4GlaV+MqeAAX0jKODTrcWq0KS9gvOF2rD9w36DR9AbMZSXh9CVQN7Vwz5Gn
-Mu0WhVYYJ2Ax5qR9ZG7Gks8piXnu8i6M5oW9xoGb+kkwu7y3afP8a8enEknEvzVk
-+hj6lP6NIN2x5iLL5L+8UizVSMzaJWXPwE08NyxTw5XwHM9pVFVLT7GJdMUqXMGY
-rbgRq0CYjzA8SkEa3RQVUNsmX24qh9O3za9natt3+eVXkw3mfM5ulaL2Kt3hvBGN
-S9uMdeakhl9fjisVAZV4iqjtQW3FnrazmyuHN5MpAeN92iQu68B/B3GDykY3GP43
-TonVPZFIqoZEkMVCWDd80RGwAI9ky27+VQjScFa+/BC7bkahQub+NNijY56Pat/9
-XIUWeGL2olqYchldYmEz5+6QWWeBCLYoob+5ZW0xWV/oY+U=
+RVNUIENBIC0gRzIwHhcNMjQxMDEzMDAwMDAwWhcNMjYxMDAzMjM1OTU5WjBOMQsw
+CQYDVQQGEwJOTzESMBAGA1UECgwJTm9yc3RlbGxhMRcwFQYDVQQLDA5QRVBQT0wg
+VEVTVCBBUDESMBAGA1UEAwwJUE9QMDAwNzIzMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAyI8FNdtGfcDJWvYzsm9gNot+BX5oQMXGclJ76Bass/4/DLDz
+bYF26CsXTjeRD3feH4kePDwVkPwGmGEctSDM7XfiXA9TdhiGbw0Jb9697VY9TN8z
+fvucFXtwQQ+/YqV71x7tVtkD8cJowvpmh5uCVLsRrW52l50fuUh2+iJuiDz1YW6N
+UyaXhKivDV5qzzVYs5gbVkF2C753rh0jWGSdXY7uJiddqLA5YF9YBiCnxs8C4o7q
+VK/E0HgH8EB4FBeRpTXpSyOU58cyG32tF+QhPD6777Rbc2KUMjK/5hhdc0SC0Bec
+AATeqZ8gwewTlt459u61Vn5A+AyjLdCoP6ChRQIDAQABo4IBfDCCAXgwDAYDVR0T
+AQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwIw
+HQYDVR0OBBYEFFhuQykIFzv6+cQ2Y18lDmf4LNmCMF0GA1UdHwRWMFQwUqBQoE6G
+TGh0dHA6Ly9wa2ktY3JsLnN5bWF1dGguY29tL2NhXzZhOTM3NzM0YTM5M2EwODA1
+YmYzM2NkYThiMzMxMDkzL0xhdGVzdENSTC5jcmwwNwYIKwYBBQUHAQEEKzApMCcG
+CCsGAQUFBzABhhtodHRwOi8vcGtpLW9jc3Auc3ltYXV0aC5jb20wHwYDVR0jBBgw
+FoAUa29LtvE3uis8fxjNuiuyuXwqN+swLQYKYIZIAYb4RQEQAwQfMB0GE2CGSAGG
++EUBEAECAwEBgamQ4QMWBjk1NzYwODA5BgpghkgBhvhFARAFBCswKQIBABYkYUhS
+MGNITTZMeTl3YTJrdGNtRXVjM2x0WVhWMGFDNWpiMjA9MA0GCSqGSIb3DQEBCwUA
+A4ICAQBhLIpa9LbuRi86IPbNsbWN2SyvRNEtZ4+ByupzqrcKXaIRXO0QZH0HBAbB
+F3bUAvg43bC0WQjSyM09p78o2C3zVNI9jqw9hpFO8nTKS9HdtjhUgeE/GxiH5H5i
+ysyAuSGlWKHbOlV1u+yv2yTxV8ZI+zHaciz3KECvoObbK3jCvaeE4ZcUR+ASAEef
+0MHXfAPUF/YaNvAidaKz7q50ZBMIE4XeLJcUw9xBKznZWfPup5trjqvg83C9Dg5u
+wgzFdIYjxtUvtz9ZuFhkygveCsDsuo7D60k6i3K9BH/i+vo3X53RnHkGGJcdfSTj
+Vz4zAPepHq+sADiBZ4tjDnsnOiEM2+fk1YMgoSSNqaKkvm8U1iKeddGswdqRRYU1
+tyoj3roWnSbA+i7pwSRU1wzpSqo5jgBZEDUiatn5nynOSjItPxPMc8JVg4/hAYRV
+UY+NuZ7TF0AD8RbQhUAk1AsmfFc6+2v5EeBLTa2VznnH3PGQ7ZLmx9PWBcpzTkYn
+1WmHiza81qzyNrQUKpq0w6fBFZudJ1qE10LU+5IEiAYilDxKvxbfACPBQ835/i1E
+SeGG0FDFxuy4f/lQHXIfK31h3VdyD2llNTMBQ/kVsT9asSxz3m7Kn5IVA4uK8oWK
+gxoOc7clPjodEtac4cNdTZToHblQL4ZzGQq0U1o9TCydjKe0Xg==
 -----END CERTIFICATE-----
-

pom.xml

@@ -104,8 +104,8 @@
         <commons-certvalidator.version>4.2.1-SNAPSHOT</commons-certvalidator.version>
         <peppol-lib.version>2.2.1-SNAPSHOT</peppol-lib.version>
         <httpclient.version>4.5.13</httpclient.version>
-        <dnsjava.version>3.6.2</dnsjava.version>
-        <guava.version>32.0.1-jre</guava.version>
+        <dnsjava.version>3.6.0</dnsjava.version>
+        <guava.version>33.3.1-jre</guava.version>
         <typesafe-config.version>1.4.2</typesafe-config.version>
         <javax-mail.version>1.4.7</javax-mail.version>
         <javax.servlet-api.version>4.0.1</javax.servlet-api.version>