axis-java-dev mailing list archives

From Glen Daniels <gdani...@macromedia.com>
Subject RE: cvs commit: xml-axis/java/src/org/apache/axis/components/net IBMJSSESocketFactory.java JSSESocketFactory.java SunJSSESocketFactory.java
Date Sun, 08 Jun 2003 14:25:34 GMT

Hi dims:

I just cut the 1.1 bits (they're in dist/1_1) late last night, and was about to ask the folks
here to give them a quick test before I announce to the world at large... should I rebuild
the kits with these changes?

--Glen

> -----Original Message-----
> From: dims@apache.org [mailto:dims@apache.org]
> Sent: Sunday, June 08, 2003 10:24 AM
> To: xml-axis-cvs@apache.org
> Subject: cvs commit: xml-axis/java/src/org/apache/axis/components/net
> IBMJSSESocketFactory.java JSSESocketFactory.java
> SunJSSESocketFactory.java
> 
> 
> dims        2003/06/08 07:23:40
> 
>   Modified:    java/src/org/apache/axis/components/net
>                         IBMJSSESocketFactory.java 
> JSSESocketFactory.java
>                         SunJSSESocketFactory.java
>   Log:
>   Cleanup and tested non-default socket factories
>   
>   Revision  Changes    Path
>   1.6       +2 -133    
> xml-axis/java/src/org/apache/axis/components/net/IBMJSSESocket
> Factory.java
>   
>   Index: IBMJSSESocketFactory.java
>   ===================================================================
>   RCS file: 
> /home/cvs/xml-axis/java/src/org/apache/axis/components/net/IBM
> JSSESocketFactory.java,v
>   retrieving revision 1.5
>   retrieving revision 1.6
>   diff -u -r1.5 -r1.6
>   --- IBMJSSESocketFactory.java	22 Apr 2003 19:34:11 
> -0000	1.5
>   +++ IBMJSSESocketFactory.java	8 Jun 2003 14:23:40 
> -0000	1.6
>   @@ -83,7 +83,7 @@
>     *
>     * @author Davanum Srinivas (dims@yahoo.com)
>     */
>   -public class IBMJSSESocketFactory extends 
> DefaultSocketFactory implements SecureSocketFactory {
>   +public class IBMJSSESocketFactory extends 
> JSSESocketFactory implements SecureSocketFactory {
>    
>        /** Field keystoreType           */
>        private String keystoreType;
>   @@ -103,9 +103,6 @@
>        /** Field clientAuth           */
>        private boolean clientAuth = false;
>    
>   -    /** Field sslFactory           */
>   -    private SSLSocketFactory sslFactory = null;
>   -
>        /** Field defaultKeystoreFile           */
>        static String defaultKeystoreFile =
>            System.getProperty("user.home") + "/.keystore";
>   @@ -123,134 +120,6 @@
>        }
>    
>        /**
>   -     * creates a secure socket
>   -     *
>   -     * @param host
>   -     * @param port
>   -     * @param otherHeaders
>   -     * @param useFullURL
>   -     *
>   -     * @return Socket
>   -     * @throws Exception
>   -     */
>   -    public Socket create(
>   -            String host, int port, StringBuffer 
> otherHeaders, BooleanHolder useFullURL)
>   -            throws Exception {
>   -        Socket sslSocket = null;
>   -        if (sslFactory == null) {
>   -            initFactory();
>   -        }
>   -        if (port == -1) {
>   -            port = 443;
>   -        }
>   -
>   -        TransportClientProperties tcp = 
> TransportClientPropertiesFactory.create("https");
>   -
>   -        boolean hostInNonProxyList = 
> isHostInNonProxyList(host, tcp.getNonProxyHosts());
>   -
>   -        if (tcp.getProxyHost().length() == 0 || 
> hostInNonProxyList) {
>   -            // direct SSL connection
>   -            sslSocket = sslFactory.createSocket(host, port);
>   -        } else {
>   -
>   -            // Default proxy port is 80, even for https
>   -            int tunnelPort = (tcp.getProxyPort().length() != 0)
>   -                             ? Integer.parseInt(tcp.getProxyPort())
>   -                             : 80;
>   -            if (tunnelPort < 0)
>   -                tunnelPort = 80;
>   -
>   -            // Create the regular socket connection to the proxy
>   -            Socket tunnel = new Socket(tcp.getProxyHost(), 
> tunnelPort);
>   -
>   -            // The tunnel handshake method (condensed and 
> made reflexive)
>   -            OutputStream tunnelOutputStream = 
> tunnel.getOutputStream();
>   -            PrintWriter out = new PrintWriter(
>   -                    new BufferedWriter(new 
> OutputStreamWriter(tunnelOutputStream)));
>   -
>   -            // More secure version... engage later?
>   -            // PasswordAuthentication pa =
>   -            // Authenticator.requestPasswordAuthentication(
>   -            // InetAddress.getByName(tunnelHost),
>   -            // tunnelPort, "SOCK", "Proxy","HTTP");
>   -            // if(pa == null){
>   -            // printDebug("No Authenticator set.");
>   -            // }else{
>   -            // printDebug("Using Authenticator.");
>   -            // tunnelUser = pa.getUserName();
>   -            // tunnelPassword = new String(pa.getPassword());
>   -            // }
>   -            out.print("CONNECT " + host + ":" + port + " 
> HTTP/1.0\r\n"
>   -                    + "User-Agent: AxisClient");
>   -            if (tcp.getProxyUser().length() != 0 &&
>   -                tcp.getProxyPassword().length() != 0) {
>   -
>   -                // add basic authentication header for the proxy
>   -                String encodedPassword = 
> XMLUtils.base64encode((tcp.getProxyUser()
>   -                        + ":"
>   -                        + tcp.getProxyPassword()).getBytes());
>   -
>   -                out.print("\nProxy-Authorization: Basic " 
> + encodedPassword);
>   -            }
>   -            out.print("\nContent-Length: 0");
>   -            out.print("\nPragma: no-cache");
>   -            out.print("\r\n\r\n");
>   -            out.flush();
>   -            InputStream tunnelInputStream = 
> tunnel.getInputStream();
>   -
>   -            if (log.isDebugEnabled()) {
>   -                log.debug(Messages.getMessage("isNull00", 
> "tunnelInputStream",
>   -                        "" + (tunnelInputStream
>   -                        == null)));
>   -            }
>   -            String replyStr = "";
>   -
>   -            // Make sure to read all the response from the 
> proxy to prevent SSL negotiation failure
>   -            // Response message terminated by two 
> sequential newlines
>   -            int newlinesSeen = 0;
>   -            boolean headerDone = false;    /* Done on 
> first newline */
>   -
>   -            while (newlinesSeen < 2) {
>   -                int i = tunnelInputStream.read();
>   -
>   -                if (i < 0) {
>   -                    throw new IOException("Unexpected EOF 
> from proxy");
>   -                }
>   -                if (i == '\n') {
>   -                    headerDone = true;
>   -                    ++newlinesSeen;
>   -                } else if (i != '\r') {
>   -                    newlinesSeen = 0;
>   -                    if (!headerDone) {
>   -                        replyStr += String.valueOf((char) i);
>   -                    }
>   -                }
>   -            }
>   -            if (!replyStr.startsWith("HTTP/1.0 200")
>   -                    && !replyStr.startsWith("HTTP/1.1 200")) {
>   -                throw new 
> IOException(Messages.getMessage("cantTunnel00",
>   -                        new String[]{
>   -                            tcp.getProxyHost(),
>   -                            "" + tunnelPort,
>   -                            replyStr}));
>   -            }
>   -
>   -            // End of condensed reflective tunnel handshake method
>   -            sslSocket = sslFactory.createSocket(tunnel, 
> host, port, true);
>   -            if (log.isDebugEnabled()) {
>   -                log.debug(Messages.getMessage("setupTunnel00",
>   -                          tcp.getProxyHost(),
>   -                        "" + tunnelPort));
>   -            }
>   -        }
>   -        ((SSLSocket) sslSocket).startHandshake();
>   -        if (log.isDebugEnabled()) {
>   -            log.debug(Messages.getMessage("createdSSL00"));
>   -        }
>   -        return sslSocket;
>   -    }
>   -
>   -    /**
>         * Read the keystore, init the SSL socket factory
>         *
>         * @throws IOException
>   @@ -259,7 +128,7 @@
>    
>            try {
>                Security.addProvider(new com.ibm.jsse.JSSEProvider());
>   -            Security.addProvider(new 
> com.ibm.crypto.provider.IBMJCA());
>   +            Security.addProvider(new 
> com.ibm.crypto.provider.IBMJCE());
>    
>                if(attributes == null) {
>                    //No configuration specified. Get the default.
>   
>   
>   
>   1.12      +12 -1     
> xml-axis/java/src/org/apache/axis/components/net/JSSESocketFac
> tory.java
>   
>   Index: JSSESocketFactory.java
>   ===================================================================
>   RCS file: 
> /home/cvs/xml-axis/java/src/org/apache/axis/components/net/JSS
> ESocketFactory.java,v
>   retrieving revision 1.11
>   retrieving revision 1.12
>   diff -u -r1.11 -r1.12
>   --- JSSESocketFactory.java	22 Apr 2003 19:34:11 -0000	1.11
>   +++ JSSESocketFactory.java	8 Jun 2003 14:23:40 -0000	1.12
>   @@ -80,7 +80,7 @@
>    public class JSSESocketFactory extends 
> DefaultSocketFactory implements SecureSocketFactory {
>    
>        /** Field sslFactory           */
>   -    private static final SSLSocketFactory sslFactory = 
> (SSLSocketFactory)SSLSocketFactory.getDefault();
>   +    protected SSLSocketFactory sslFactory = null;
>    
>        /**
>         * Constructor JSSESocketFactory
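Review bot: `sslFactory` changes from a `private static final` value set at class load to a non-final `protected` field that stays null until `create()` fills it in, and the guard added in the `@@ -105,6 +113,9 @@` hunk (`if (sslFactory == null) initFactory();`) is not synchronized. If one factory instance is ever used from several threads, which is not visible here, `initFactory()` can run more than once; the IBM and Sun versions of that method register security providers and, per their Javadoc, read a keystore. Making the guard atomic in `create()` would avoid that, for example `synchronized (this) { if (sslFactory == null) { initFactory(); } }`. The class body continues outside this hunk.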
>   @@ -92,6 +92,14 @@
>        }
>    
>        /**
>   +     * Initialize the SSLSocketFactory
>   +     * @throws IOException
>   +     */ 
>   +    protected void initFactory() throws IOException {
>   +        sslFactory = 
> (SSLSocketFactory)SSLSocketFactory.getDefault();
>   +    }
>   +    
>   +    /**
>         * creates a secure socket
>         *
>         * @param host
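Review bot: The Javadoc on the new `initFactory()` does not say that this is the hook subclasses override, nor what state an override must leave behind. `create()` calls it only when `sslFactory` is null and, judging from the removed subclass copies, then uses `sslFactory` directly, so an override that returns without assigning the field would presumably surface later as a NullPointerException rather than as a configuration error. I would extend the comment to something like `Called by create() when sslFactory is null; overrides must assign a non-null SSLSocketFactory to sslFactory or throw IOException.` The hunk ends inside the Javadoc of `create()`, which continues outside it.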
>   @@ -105,6 +113,9 @@
>        public Socket create(
>                String host, int port, StringBuffer 
> otherHeaders, BooleanHolder useFullURL)
>                throws Exception {
>   +        if (sslFactory == null) {
>   +            initFactory();
>   +        }
>            if (port == -1) {
>                port = 443;
>            }
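Review bot: `create()` is now the single socket-creation path for the default, IBM and Sun factories, and neither this hunk nor the removed subclass copies show any check of the server certificate's name against `host` after the handshake. The rest of the method is outside the hunk, so this needs confirming. If it ends with `startHandshake()` followed by `return sslSocket`, as the removed copies did, a certificate that chains to a trusted root but was issued for a different host would be accepted. A check placed in this method, comparing the peer certificate from `((SSLSocket) sslSocket).getSession()` with `host` and throwing `IOException` on a mismatch, would cover all three factories at once.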
>   
>   
>   
>   1.6       +2 -133    
> xml-axis/java/src/org/apache/axis/components/net/SunJSSESocket
> Factory.java
>   
>   Index: SunJSSESocketFactory.java
>   ===================================================================
>   RCS file: 
> /home/cvs/xml-axis/java/src/org/apache/axis/components/net/Sun
> JSSESocketFactory.java,v
>   retrieving revision 1.5
>   retrieving revision 1.6
>   diff -u -r1.5 -r1.6
>   --- SunJSSESocketFactory.java	6 Jun 2003 20:16:44 
> -0000	1.5
>   +++ SunJSSESocketFactory.java	8 Jun 2003 14:23:40 
> -0000	1.6
>   @@ -79,7 +79,7 @@
>     *
>     * @author Davanum Srinivas (dims@yahoo.com)
>     */
>   -public class SunJSSESocketFactory extends 
> DefaultSocketFactory implements SecureSocketFactory {
>   +public class SunJSSESocketFactory extends 
> JSSESocketFactory implements SecureSocketFactory {
>    
>        /** Field keystoreType           */
>        private String keystoreType;
>   @@ -99,9 +99,6 @@
>        /** Field clientAuth           */
>        private boolean clientAuth = false;
>    
>   -    /** Field sslFactory           */
>   -    private SSLSocketFactory sslFactory = null;
>   -
>        /** Field defaultKeystoreFile           */
>        static String defaultKeystoreFile =
>            System.getProperty("user.home") + "/.keystore";
>   @@ -119,139 +116,11 @@
>        }
>    
>        /**
>   -     * creates a secure socket
>   -     *
>   -     * @param host
>   -     * @param port
>   -     * @param otherHeaders
>   -     * @param useFullURL
>   -     *
>   -     * @return Socket
>   -     * @throws Exception
>   -     */
>   -    public Socket create(
>   -            String host, int port, StringBuffer 
> otherHeaders, BooleanHolder useFullURL)
>   -            throws Exception {
>   -        Socket sslSocket = null;
>   -        if (sslFactory == null) {
>   -            initFactory();
>   -        }
>   -        if (port == -1) {
>   -            port = 443;
>   -        }
>   -
>   -        TransportClientProperties tcp = 
> TransportClientPropertiesFactory.create("https");
>   -
>   -        boolean hostInNonProxyList = 
> isHostInNonProxyList(host, tcp.getNonProxyHosts());
>   -
>   -        if (tcp.getProxyHost().length() == 0 || 
> hostInNonProxyList) {
>   -            // direct SSL connection
>   -            sslSocket = sslFactory.createSocket(host, port);
>   -        } else {
>   -
>   -            // Default proxy port is 80, even for https
>   -            int tunnelPort = (tcp.getProxyPort().length() != 0)
>   -                             ? Integer.parseInt(tcp.getProxyPort())
>   -                             : 80;
>   -            if (tunnelPort < 0)
>   -                tunnelPort = 80;
>   -
>   -            // Create the regular socket connection to the proxy
>   -            Socket tunnel = new Socket(tcp.getProxyHost(), 
> tunnelPort);
>   -
>   -            // The tunnel handshake method (condensed and 
> made reflexive)
>   -            OutputStream tunnelOutputStream = 
> tunnel.getOutputStream();
>   -            PrintWriter out = new PrintWriter(
>   -                    new BufferedWriter(new 
> OutputStreamWriter(tunnelOutputStream)));
>   -
>   -            // More secure version... engage later?
>   -            // PasswordAuthentication pa =
>   -            // Authenticator.requestPasswordAuthentication(
>   -            // InetAddress.getByName(tunnelHost),
>   -            // tunnelPort, "SOCK", "Proxy","HTTP");
>   -            // if(pa == null){
>   -            // printDebug("No Authenticator set.");
>   -            // }else{
>   -            // printDebug("Using Authenticator.");
>   -            // tunnelUser = pa.getUserName();
>   -            // tunnelPassword = new String(pa.getPassword());
>   -            // }
>   -            out.print("CONNECT " + host + ":" + port + " 
> HTTP/1.0\r\n"
>   -                    + "User-Agent: AxisClient");
>   -            if (tcp.getProxyUser().length() != 0 &&
>   -                tcp.getProxyPassword().length() != 0) {
>   -
>   -                // add basic authentication header for the proxy
>   -                String encodedPassword = 
> XMLUtils.base64encode((tcp.getProxyUser()
>   -                        + ":"
>   -                        + tcp.getProxyPassword()).getBytes());
>   -
>   -                out.print("\nProxy-Authorization: Basic " 
> + encodedPassword);
>   -            }
>   -            out.print("\nContent-Length: 0");
>   -            out.print("\nPragma: no-cache");
>   -            out.print("\r\n\r\n");
>   -            out.flush();
>   -            InputStream tunnelInputStream = 
> tunnel.getInputStream();
>   -
>   -            if (log.isDebugEnabled()) {
>   -                log.debug(Messages.getMessage("isNull00", 
> "tunnelInputStream",
>   -                        "" + (tunnelInputStream
>   -                        == null)));
>   -            }
>   -            String replyStr = "";
>   -
>   -            // Make sure to read all the response from the 
> proxy to prevent SSL negotiation failure
>   -            // Response message terminated by two 
> sequential newlines
>   -            int newlinesSeen = 0;
>   -            boolean headerDone = false;    /* Done on 
> first newline */
>   -
>   -            while (newlinesSeen < 2) {
>   -                int i = tunnelInputStream.read();
>   -
>   -                if (i < 0) {
>   -                    throw new IOException("Unexpected EOF 
> from proxy");
>   -                }
>   -                if (i == '\n') {
>   -                    headerDone = true;
>   -                    ++newlinesSeen;
>   -                } else if (i != '\r') {
>   -                    newlinesSeen = 0;
>   -                    if (!headerDone) {
>   -                        replyStr += String.valueOf((char) i);
>   -                    }
>   -                }
>   -            }
>   -            if (!replyStr.startsWith("HTTP/1.0 200")
>   -                    && !replyStr.startsWith("HTTP/1.1 200")) {
>   -                throw new 
> IOException(Messages.getMessage("cantTunnel00",
>   -                        new String[]{
>   -                            tcp.getProxyHost(),
>   -                            "" + tunnelPort,
>   -                            replyStr}));
>   -            }
>   -
>   -            // End of condensed reflective tunnel handshake method
>   -            sslSocket = sslFactory.createSocket(tunnel, 
> host, port, true);
>   -            if (log.isDebugEnabled()) {
>   -                log.debug(Messages.getMessage("setupTunnel00",
>   -                          tcp.getProxyHost(),
>   -                        "" + tunnelPort));
>   -            }
>   -        }
>   -        ((SSLSocket) sslSocket).startHandshake();
>   -        if (log.isDebugEnabled()) {
>   -            log.debug(Messages.getMessage("createdSSL00"));
>   -        }
>   -        return sslSocket;
>   -    }
>   -
>   -    /**
>         * Read the keystore, init the SSL socket factory
>         *
>         * @throws IOException
>         */
>   -    private void initFactory() throws IOException {
>   +    protected void initFactory() throws IOException {
>    
>            try {
>                Security.addProvider(new sun.security.provider.Sun());
>   
>   
>   
> 
