commons-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mt...@apache.org
Subject svn commit: r1166589 - in /commons/sandbox/runtime/trunk: ./ src/main/java/org/apache/commons/runtime/ssl/ src/main/native/include/acr/ src/main/native/modules/openssl/ src/main/test/org/apache/commons/runtime/
Date Thu, 08 Sep 2011 09:37:42 GMT
Author: mturk
Date: Thu Sep  8 09:37:41 2011
New Revision: 1166589

URL: http://svn.apache.org/viewvc?rev=1166589&view=rev
Log:
Rename classes and add initial OpenSSL test suite

Added:
    commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Library.java
      - copied, changed from r1166147, commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSL.java
    commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ProtocolMethod.java
  (with props)
    commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ProtocolMode.java
  (with props)
    commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java
  (with props)
Modified:
    commons/sandbox/runtime/trunk/build.xml
    commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/LocalStrings.properties
    commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSL.java
    commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ShutdownType.java
    commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c
    commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestMain.java

Modified: commons/sandbox/runtime/trunk/build.xml
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/build.xml?rev=1166589&r1=1166588&r2=1166589&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/build.xml (original)
+++ commons/sandbox/runtime/trunk/build.xml Thu Sep  8 09:37:41 2011
@@ -396,7 +396,9 @@ The Apache Software Foundation (http://w
     <target name="test" depends="tests">
         <runtest groups="init,core,private,${systemid.subsystem}"/>
     </target>
-
+    <target name="testopenssl" depends="tests">
+        <runtest groups="init,openssl" name="openssl"/>
+    </target>
     <target name="testsemaphore" depends="tests">
         <parallel>
             <sequential>

Copied: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Library.java
(from r1166147, commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSL.java)
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Library.java?p2=commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Library.java&p1=commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSL.java&r1=1166147&r2=1166589&rev=1166589&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/SSL.java (original)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Library.java
Thu Sep  8 09:37:41 2011
@@ -23,13 +23,14 @@ import org.apache.commons.runtime.System
 import java.io.File;
 
 /**
- * SSL library
+ * OpenSSL library
  */
-public final class SSL
+public final class Library
 {
     private static boolean inited = false;
     private static Object  lock;
-    private SSL()
+
+    private Library()
     {
         // No instance
     }
@@ -40,28 +41,18 @@ public final class SSL
     }
 
 
-    private static native int           init0();
-    private static native void          fipsmode0(int mode)
+    private static native int           init0(String engine);
+    private static native void          fipsmode0(boolean enable)
         throws UnsupportedOperationException;
 
     private static native void          rndfile0(String path);
-    private static native void          engine0(String name);
 
-    public static void setFipsMode(int mode)
-        throws IllegalStateException,
-               UnsupportedOperationException
-    {
-        if (!inited)
-            throw new IllegalStateException();
-        fipsmode0(mode);
-    }
-
-    public static void initialize()
+    public static void initialize(String engine)
         throws SystemException
     {
         synchronized(lock) {
             if (!inited) {
-                int rc = init0();
+                int rc = init0(engine);
                 if (rc != 0)
                     throw new SystemException(Status.describe(rc));
                 inited = true;
@@ -69,6 +60,26 @@ public final class SSL
         }
     }
 
+    public static boolean initialized()
+    {
+        synchronized(lock) {
+            return inited;
+        }
+    }
+
+    public static native boolean hasFipsMode();
+
+    public static void enableFipsMode(boolean enable)
+        throws IllegalStateException,
+               UnsupportedOperationException
+    {
+        if (!hasFipsMode())
+            throw new UnsupportedOperationException(Local.sm.get("fips.ENOTIMPL"));
+        if (!inited)
+            throw new IllegalStateException();
+        fipsmode0(enable);
+    }
+
     public static void setRandomFile(File path)
         throws IllegalArgumentException
     {
@@ -78,12 +89,5 @@ public final class SSL
         rndfile0(fpath);
     }
 
-    public static void setCryptoEngine(String name)
-        throws IllegalArgumentException
-    {
-        if (name == null || name.length() < 1)
-            throw new IllegalArgumentException();
-        engine0(name);
-    }
 }
 

Modified: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/LocalStrings.properties
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/LocalStrings.properties?rev=1166589&r1=1166588&r2=1166589&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/LocalStrings.properties
(original)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/LocalStrings.properties
Thu Sep  8 09:37:41 2011
@@ -12,3 +12,5 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+
+fips.ENOTIMPL=FIPS was not available at build time. You will need an OpenSSL with FIPS support.

Added: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ProtocolMethod.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ProtocolMethod.java?rev=1166589&view=auto
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ProtocolMethod.java
(added)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ProtocolMethod.java
Thu Sep  8 09:37:41 2011
@@ -0,0 +1,69 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.runtime.ssl;
+
+/**
+ * Represents the SSL protocol method.
+ */
+public enum ProtocolMethod
+{
+    /**
+     * Unset mode.
+     */
+    NONE(       0),
+    /**
+     * SSLv2.
+     */
+    SSLv2(      1),
+    /**
+     * SSLv3.
+     */
+    SSLv3(      2),
+    /**
+     * SSLv3 but can rollback to v2.
+     */
+    SSLv23(     3),
+    /**
+     * TLSv1.0.
+     */
+    TLSv1(      4),
+    /**
+     * DTLSv1.0.
+     */
+    DTLSv1(     5);
+
+    private int value;
+    private ProtocolMethod(int v)
+    {
+        value = v;
+    }
+
+    public int valueOf()
+    {
+        return value;
+    }
+
+    public static ProtocolMethod valueOf(int value)
+    {
+        for (ProtocolMethod e : values()) {
+            if (e.value == value)
+                return e;
+        }
+        return NONE;
+    }
+
+}

Propchange: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ProtocolMethod.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ProtocolMode.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ProtocolMode.java?rev=1166589&view=auto
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ProtocolMode.java
(added)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ProtocolMode.java
Thu Sep  8 09:37:41 2011
@@ -0,0 +1,58 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.runtime.ssl;
+
+/**
+ * Represents the SSL protocol mode.
+ */
+public enum ProtocolMode
+{
+
+    /**
+     * Client mode.
+     */
+    CLIENT(     0),
+    /**
+     * Server mode.
+     */
+    SERVER(     1),
+    /**
+     * Combined client server mode.
+     */
+    COMBINED(   2);
+
+    private int value;
+    private ProtocolMode(int v)
+    {
+        value = v;
+    }
+
+    public int valueOf()
+    {
+        return value;
+    }
+
+    public static ProtocolMode valueOf(int value)
+    {
+        for (ProtocolMode e : values()) {
+            if (e.value == value)
+                return e;
+        }
+        return COMBINED;
+    }
+
+}

Propchange: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ProtocolMode.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ShutdownType.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ShutdownType.java?rev=1166589&r1=1166588&r2=1166589&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ShutdownType.java
(original)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/ShutdownType.java
Thu Sep  8 09:37:41 2011
@@ -49,11 +49,6 @@ public enum ShutdownType
         return value;
     }
 
-    public boolean isLocal()
-    {
-        return value > 1;
-    }
-
     public static ShutdownType valueOf(int value)
     {
         for (ShutdownType e : values()) {

Modified: commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h?rev=1166589&r1=1166588&r2=1166589&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h Thu Sep  8 09:37:41 2011
@@ -19,6 +19,7 @@
 
 #include "acr/stdtypes.h"
 #include "acr/callback.h"
+#include "acr/time.h"
 #if HAVE_OPENSSL
 
 /* Exclude unused OpenSSL features
@@ -111,10 +112,11 @@
  * Define the SSL Protocol options
  */
 #define SSL_PROTOCOL_NONE       (0)
-#define SSL_PROTOCOL_SSLV2      (1<<0)
-#define SSL_PROTOCOL_SSLV3      (1<<1)
-#define SSL_PROTOCOL_TLSV1      (1<<2)
-#define SSL_PROTOCOL_ALL        (SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1)
+#define SSL_PROTOCOL_SSLV2      (1)
+#define SSL_PROTOCOL_SSLV3      (2)
+#define SSL_PROTOCOL_SSLV23     (3)
+#define SSL_PROTOCOL_TLSV1      (4)
+#define SSL_PROTOCOL_DTLSV1     (5)
 
 #define SSL_MODE_CLIENT         (0)
 #define SSL_MODE_SERVER         (1)
@@ -124,7 +126,6 @@
 #define SSL_BIO_FLAG_CALLBACK   (1<<1)
 #define SSL_DEFAULT_CACHE_SIZE  (256)
 #define SSL_MAX_STR_LEN         (2048)
-#define SSL_MAX_PASSWORD_LEN    (256)
 
 #define SSL_CVERIFY_UNSET           (-1)
 #define SSL_CVERIFY_NONE            (0)
@@ -210,23 +211,27 @@ typedef struct ssl_pkc_t {
 } ssl_pkc_t;
 
 typedef struct ssl_pass_cb_t {
-    char            password[SSL_MAX_PASSWORD_LEN];
-    const char     *prompt;
+    char     *password;
+    char     *prompt;
     acr_callback_t  cb;
 } ssl_pass_cb_t;
 
+/* Default password callback that
+ * directly prompts the console
+ */
 extern ssl_pass_cb_t ACRSSL_password_cb;
 
+/* Server context */
 typedef struct acr_ssl_ctxt_t {
     SSL_CTX         *ctx;
     BIO             *bio_os;
     BIO             *bio_is;
 
-    unsigned char   context_id[MD5_DIGEST_LENGTH];
+    unsigned char    context_id[MD5_DIGEST_LENGTH];
 
-    int             protocol;
-    /* we are one or the other */
-    int             mode;
+    int              protocol;
+    int              mode;
+    int              ssl_proxy;
 
     /* certificate revocation list */
     X509_STORE      *crl;
@@ -237,20 +242,30 @@ typedef struct acr_ssl_ctxt_t {
     X509            *certs[SSL_AIDX_MAX];
     EVP_PKEY        *keys[SSL_AIDX_MAX];
 
-    int             ca_certs;
-    int             shutdown_type;
+    int              ca_certs;
+    int              shutdown_type;
     char            *rand_file;
 
     const char      *cipher_suite;
     /* for client or downstream server authentication */
-    int             verify_depth;
-    int             verify_mode;
+    int              verify_depth;
+    int              verify_mode;
+
+    int              ocsp_enabled;       /* true if OCSP verification enabled */
+    int              ocsp_force_default; /* true if the default responder URL is
+                                          * used regardless of per-cert URL
+                                          */
+    const char      *ocsp_responder;     /* default responder URL */
+    long             ocsp_resptime_skew;
+    long             ocsp_resp_maxage;
+    acr_time_t       ocsp_responder_timeout;
+    
 } acr_ssl_ctxt_t;
 
-#define SSL_CTX_get_extra_certs(ctx)        ((ctx)->extra_certs)
-#define SSL_CTX_set_extra_certs(ctx, value) \
-    do {                                    \
-        (ctx)->extra_certs = (value);       \
+#define ACRSSL_CTX_get_extra_certs(ctx)        ((ctx)->extra_certs)
+#define ACRSSL_CTX_set_extra_certs(ctx, value)  \
+    do {                                        \
+        (ctx)->extra_certs = (value);           \
     } while (0)
 
 

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c?rev=1166589&r1=1166588&r2=1166589&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c Thu Sep  8 09:37:41
2011
@@ -19,7 +19,6 @@
 #include "acr/misc.h"
 #include "acr/dso.h"
 #include "acr/string.h"
-#include "acr/time.h"
 #include "acr/port.h"
 #include "arch_sync.h"
 #include "acr/ssl.h"
@@ -30,7 +29,6 @@
 
 void *ACRSSL_temp_keys[SSL_TMP_KEY_MAX];
 static char ssl_global_rand_file[PATH_MAX] = { 0 };
-static char ssl_global_engine[64]          = { 0 };
 ssl_pass_cb_t ACRSSL_password_cb;
 
 /* Dynamic lock structure */
@@ -74,7 +72,7 @@ struct CRYPTO_dynlock_value {
 
 static int ssl_tmp_key_init_rsa(int bits, int idx)
 {
-    if ((ACRSSL_temp_keys[idx] = RSA_generate_key(bits, RSA_F4, 0, 0)) != 0)
+    if ((ACRSSL_temp_keys[idx] = RSA_generate_key(bits, RSA_F4, 0, 0)) == 0)
         return 1;
     else
         return 0;
@@ -82,7 +80,7 @@ static int ssl_tmp_key_init_rsa(int bits
 
 static int ssl_tmp_key_init_dh(int bits, int idx)
 {
-    if ((ACRSSL_temp_keys[idx] = ACRSSL_dh_get_tmp_param(bits)) != 0)
+    if ((ACRSSL_temp_keys[idx] = ACRSSL_dh_get_tmp_param(bits)) == 0)
         return 1;
     else
         return 0;
@@ -257,7 +255,7 @@ static int ssl_rand_load_file(const char
 int ACRSSL_rand_seed(const char *file)
 {
     unsigned char stackdata[256];
-    static volatile int counter = 0;
+    static volatile unsigned int counter = 0;
 
     if (ssl_rand_load_file(file) < 0) {
         int n;
@@ -268,9 +266,8 @@ int ACRSSL_rand_seed(const char *file)
             unsigned int  u;
         } _ssl_seed;
         if (counter == 0) {
-            unsigned int *p = (unsigned int *)stackdata;
-            for (n = 0; n < 64; n++)
-                p[n] = _bsd_arc4random();
+            for (n = 0; n < 256; n++)
+                stackdata[n] = (unsigned char)_bsd_arc4random();
             RAND_seed(stackdata, 128);
         }
         _ssl_seed.t = AcrTimeNow();
@@ -282,15 +279,15 @@ int ACRSSL_rand_seed(const char *file)
         /*
          * seed in some current state of the run-time stack (128 bytes)
          */
-        n = ssl_rand_choosenum(0, sizeof(stackdata)-128-1);
-        RAND_seed(stackdata + n, 128);
+        n = ssl_rand_choosenum(0, 127);
+        RAND_seed(stackdata + n,  128);
     }
     return RAND_status();
 }
 
 static int ssl_initialized = 0;
 
-ACR_SSL_EXPORT(jint, SSL, init0)(JNI_STDARGS)
+ACR_SSL_EXPORT(jint, Library, init0)(JNI_STDARGS, jstring engine)
 {
     int rc;
 
@@ -312,25 +309,27 @@ ACR_SSL_EXPORT(jint, SSL, init0)(JNI_STD
         return rc;
 
 #ifndef OPENSSL_NO_ENGINE
-    if (ssl_global_engine[0] != 0) {
-        ENGINE *ee = 0;
-        if (strcmp(ssl_global_engine, "auto") == 0) {
-            ENGINE_register_all_complete();
-        }
-        else {
-            if ((ee = ENGINE_by_id(ssl_global_engine)) == 0 &&
-                (ee = ssl_try_load_engine(ssl_global_engine)) == 0)
-                rc = ACR_ENOTIMPL;
+    if (engine != 0) {
+        WITH_CSTR(engine) {
+            ENGINE *ee = 0;
+            if (strcmp(J2S(engine), "auto") == 0) {
+                ENGINE_register_all_complete();
+            }
             else {
-                if (strcmp(ssl_global_engine, "chil") == 0)
-                    ENGINE_ctrl(ee, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0);
-                if (!ENGINE_set_default(ee, ENGINE_METHOD_ALL))
+                if ((ee = ENGINE_by_id(J2S(engine))) == 0 &&
+                    (ee = ssl_try_load_engine(J2S(engine))) == 0)
                     rc = ACR_ENOTIMPL;
+                else {
+                    if (strcmp(J2S(engine), "chil") == 0)
+                        ENGINE_ctrl(ee, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0);
+                    if (!ENGINE_set_default(ee, ENGINE_METHOD_ALL))
+                        rc = ACR_ENOTIMPL;
+                }
+                /* Free our "structural" reference. */
+                if (ee != 0)
+                    ENGINE_free(ee);
             }
-            /* Free our "structural" reference. */
-            if (ee != 0)
-                ENGINE_free(ee);
-        }
+        } DONE_WITH_STR(engine);
     }
 #endif
     if (rc != 0) {
@@ -348,31 +347,34 @@ ACR_SSL_EXPORT(jint, SSL, init0)(JNI_STD
 
     SSL_TMP_KEYS_INIT(rc);
     if (rc != 0) {
-
+        /* One of the inits failed
+         */
         return ACR_EINIT;
     }
     ssl_initialized = 1;
     return 0;
 }
 
-ACR_SSL_EXPORT(void, SSL, rndfile0)(JNI_STDARGS, jstring path)
+ACR_SSL_EXPORT(void, Library, rndfile0)(JNI_STDARGS, jstring path)
 {
     WITH_CSTR(path) {
         strlcpy(ssl_global_rand_file, J2S(path), PATH_MAX);
     } DONE_WITH_STR(path);
 }
 
-ACR_SSL_EXPORT(void, SSL, engine0)(JNI_STDARGS, jstring name)
+ACR_SSL_EXPORT(jboolean, Library, hasFipsMode)(JNI_STDARGS)
 {
-    WITH_CSTR(name) {
-        strlcpy(ssl_global_engine, J2S(name), 64);
-    } DONE_WITH_STR(name);
+#if defined(OPENSSL_FIPS)
+    return JNI_TRUE;
+#else
+    return JNI_FALSE;
+#endif
 }
 
-ACR_SSL_EXPORT(void, SSL, fipsmode0)(JNI_STDARGS, jint mode)
+ACR_SSL_EXPORT(void, Library, fipsmode0)(JNI_STDARGS, jboolean on)
 {
 #if defined(OPENSSL_FIPS)
-    if(FIPS_mode_set((int)mode) == 0) {
+    if(FIPS_mode_set(on ? 1 : 0) == 0) {
       unsigned long err = ERR_get_error();
       char msg[256];
 

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c?rev=1166589&r1=1166588&r2=1166589&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c Thu Sep  8 09:37:41
2011
@@ -273,12 +273,12 @@ RSA *ACRSSL_callback_tmp_RSA(SSL *ssl, i
         break;
         case 2048:
             idx = SSL_TMP_KEY_RSA_2048;
-            if (ACRSSL_temp_keys[idx] == NULL)
+            if (ACRSSL_temp_keys[idx] == 0)
                 idx = SSL_TMP_KEY_RSA_1024;
         break;
         case 4096:
             idx = SSL_TMP_KEY_RSA_4096;
-            if (ACRSSL_temp_keys[idx] == NULL)
+            if (ACRSSL_temp_keys[idx] == 0)
                 idx = SSL_TMP_KEY_RSA_2048;
         break;
         case 1024:
@@ -352,7 +352,7 @@ int ACRSSL_CTX_use_certificate_chain(SSL
     int n;
     STACK_OF(X509) *extra_certs;
 
-    if ((bio = BIO_new(BIO_s_file_internal())) == NULL)
+    if ((bio = BIO_new(BIO_s_file_internal())) == 0)
         return -1;
     if (BIO_read_filename(bio, file) <= 0) {
         BIO_free(bio);
@@ -360,21 +360,21 @@ int ACRSSL_CTX_use_certificate_chain(SSL
     }
     /* optionally skip a leading server certificate */
     if (skipfirst) {
-        if ((x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL)) == NULL) {
+        if ((x509 = PEM_read_bio_X509(bio, 0, 0, 0)) == 0) {
             BIO_free(bio);
             return -1;
         }
         X509_free(x509);
     }
     /* free a perhaps already configured extra chain */
-    extra_certs = SSL_CTX_get_extra_certs(ctx);
-    if (extra_certs != NULL) {
+    extra_certs = ACRSSL_CTX_get_extra_certs(ctx);
+    if (extra_certs != 0) {
         sk_X509_pop_free(extra_certs, X509_free);
-        SSL_CTX_set_extra_certs(ctx,NULL);
+        ACRSSL_CTX_set_extra_certs(ctx, 0);
     }
     /* create new extra chain by loading the certs */
     n = 0;
-    while ((x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL)) != NULL) {
+    while ((x509 = PEM_read_bio_X509(bio, 0, 0, 0)) != 0) {
         if (!SSL_CTX_add_extra_chain_cert(ctx, x509)) {
             X509_free(x509);
             BIO_free(bio);

Modified: commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestMain.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestMain.java?rev=1166589&r1=1166588&r2=1166589&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestMain.java (original)
+++ commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestMain.java Thu
Sep  8 09:37:41 2011
@@ -39,9 +39,6 @@ public class TestMain extends Assert
         System.out.print(", Debug=" + Native.HAS_MAINTAINER_MODE);
         System.out.println(".");
         System.out.flush();
-        if (Native.HAS_OPENSSL) {
-            assertTrue(Native.ldopenssl());
-        }
         String[] args = Vm.arguments();
         assertNotNull(args[0]);
     }

Added: commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java?rev=1166589&view=auto
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java
(added)
+++ commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java
Thu Sep  8 09:37:41 2011
@@ -0,0 +1,44 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.runtime.ssl;
+
+import org.testng.annotations.*;
+import org.testng.Assert;
+import java.io.IOException;
+import java.io.File;
+import org.apache.commons.runtime.Native;
+
+public class TestOpenSSL extends Assert
+{
+
+    @BeforeSuite(groups = { "openssl" })
+    public void setUp()
+    {
+        if (Native.HAS_OPENSSL) {
+            assertTrue(Native.ldopenssl());
+        }
+    }
+
+    @Test(groups = { "openssl" })
+    public void sslInit()
+    {
+        Library.initialize(null);
+        assertTrue(Library.initialized());
+    }
+
+
+}

Propchange: commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java
------------------------------------------------------------------------------
    svn:eol-style = native



Mime
View raw message