Author: mturk
Date: Thu Sep 8 12:11:57 2011
New Revision: 1166647
URL: http://svn.apache.org/viewvc?rev=1166647&view=rev
Log:
Add ssl password prompt callback
Added:
commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java
(with props)
commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c (with props)
Modified:
commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Random.java
commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in
commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c
Added: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java?rev=1166647&view=auto
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java
(added)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java
Thu Sep 8 12:11:57 2011
@@ -0,0 +1,105 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.commons.runtime.ssl;
+
+import org.apache.commons.runtime.Callback;
+
+/**
+ * Abstract password prompt handler.
+ */
+public abstract class PasswordCallback implements Callback
+{
+ private String prompt
+ private long handler;
+ private native long new0();
+ private native void def0(long handler);
+ private native void del0(long handler);
+ private native void set0(long handler, String password);
+
+ private static final String defaultPrompt = "Some of your private key files are encrypted
for security reasons.\n" +
+ "In order to read them you have to provide
the pass phrases.\n" +
+ "Enter password :";
+
+ private static Object lock;
+ static {
+ lock = new Object();
+ }
+
+ /**
+ * Creates a new object instance
+ */
+ protected PasswordCallback()
+ {
+ handler = new0();
+ prompt = defaultPrompt;
+ }
+
+ @Override
+ public int handler(Object thiz, int code)
+ {
+ try {
+ String pass = onPromptPassword(prompt);
+ set0(handler, pass);
+ return 1;
+ } catch (Exception x) {
+ return 0;
+ }
+ }
+
+ /**
+ * Set this callback as default for all password prompts.
+ */
+ public final void setDefault()
+ {
+ synchronized(lock) {
+ def0(handler);
+ }
+ }
+
+ public final void setPrompt(String prompt)
+ {
+ this.prompt = prompt;
+ }
+
+ public final void setPassword(String password)
+ {
+ set0(handler, password);
+ }
+
+ /**
+ * Application provided handler method.
+ */
+ protected abstract String onPromptPassword(String prompt)
+ throws Exception;
+
+ /**
+ * Called by the garbage collector when the object is destroyed.
+ * The class will free internal resources allocated by the
+ * Operating system only if there are no additional references
+ * to this object.
+ *
+ * @see Object#finalize()
+ * @throws Throwable the {@code Exception} raised by this method.
+ */
+ @Override
+ protected final void finalize()
+ throws Throwable
+ {
+ del0(handler);
+ }
+
+}
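Review bot: The field declaration `private String prompt` has no terminating semicolon, so the class as shown does not compile; it should read `private String prompt;`. Separately, the pass phrase travels as a `String` through `onPromptPassword`, `setPassword` and `set0`, and an immutable `String` cannot be wiped after use, so a `char[]` that the caller can zero would shorten the secret's lifetime on the Java heap. `handler()` also catches every `Exception` and returns 0 without recording the cause, so a failing prompt looks the same as a refused one. `setDefault()` takes `lock`, but `finalize()` calls `del0(handler)` without it, although `del0` in password.c also writes the shared native default pointer.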
Propchange: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Random.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Random.java?rev=1166647&r1=1166646&r2=1166647&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Random.java
(original)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Random.java
Thu Sep 8 12:11:57 2011
@@ -28,15 +28,21 @@ import java.io.File;
public final class Random
{
+ private byte buf[];
+ private int pos;
+
/**
* Creates a new random number generator.
*/
public Random()
{
+ buf = new byte[1024];
+ pos = 0;
}
private static native boolean seed0(String path);
private static native boolean seed1();
+ private static native boolean seed2(byte[] b, int off, int len);
private static native String getdef0();
private static native void setdef0(String path);
@@ -50,6 +56,18 @@ public final class Random
return seed1();
}
+ private static boolean seed(byte[] b, int off, int len)
+ {
+ if (off < 0 || off + len > b.length)
+ throw new IndexOutOfBoundsException();
+ return seed2(b, off, len);
+ }
+
+ private static boolean seed(byte[] b)
+ {
+ return seed2(b, 0, b.length);
+ }
+
public static void setSeedFile(File path)
throws SystemException
{
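Review bot: The range check in `seed(byte[], int, int)` lets a negative `len` through, and int overflow in `off + len` can defeat it. An out-of-range length can therefore reach the native `seed2`, which in this commit's init.c hands `sb + off` and `len` to `RAND_seed` with no check of its own. An overflow-safe form is `if (off < 0 || len < 0 || len > b.length - off)`. Both overloads are private and have no caller in the visible hunks, so it is worth confirming how they are meant to be reached. The hunk ends inside `setSeedFile`, whose body is not visible here.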
Modified: commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in?rev=1166647&r1=1166646&r2=1166647&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in (original)
+++ commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in Thu Sep 8 12:11:57 2011
@@ -151,6 +151,7 @@ LIBSOURCES=\
SSLSOURCES=\
$(TOPDIR)/modules/openssl/api.c \
$(TOPDIR)/modules/openssl/init.c \
+ $(TOPDIR)/modules/openssl/password.c \
$(TOPDIR)/modules/openssl/util.c
CXXSOURCES=
Modified: commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h?rev=1166647&r1=1166646&r2=1166647&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h Thu Sep 8 12:11:57 2011
@@ -212,14 +212,13 @@ typedef struct ssl_pkc_t {
typedef struct ssl_pass_cb_t {
char *password;
- char *prompt;
- acr_callback_t cb;
+ acr_callback_t *cb;
} ssl_pass_cb_t;
/* Default password callback that
* directly prompts the console
*/
-extern ssl_pass_cb_t ACRSSL_password_cb;
+extern ssl_pass_cb_t *ACRSSL_password_cb;
/* Server context */
typedef struct acr_ssl_ctxt_t {
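Review bot: The comment above `extern ssl_pass_cb_t *ACRSSL_password_cb;` still describes a default callback that directly prompts the console, but after this change the symbol is a pointer. In password.c it starts out null, is set by `def0` and is reset to 0 by `del0`. I would reword the comment to something like `/* Process-wide default password callback; NULL until PasswordCallback.setDefault() is called and again after that object is freed. Readers must check for NULL. */`. The struct would also benefit from a one-line comment on who owns and frees `password` and `cb`.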
Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c?rev=1166647&r1=1166646&r2=1166647&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c Thu Sep 8 12:11:57
2011
@@ -29,7 +29,6 @@
void *ACRSSL_temp_keys[SSL_TMP_KEY_MAX];
static char ssl_global_rand_file[PATH_MAX] = { 0 };
-ssl_pass_cb_t ACRSSL_password_cb;
/* Dynamic lock structure */
struct CRYPTO_dynlock_value {
@@ -385,6 +384,20 @@ ACR_SSL_EXPORT(jboolean, Random, seed1)(
return ACRSSL_rand_seed(0) == 0 ? JNI_FALSE : JNI_TRUE;
}
+ACR_SSL_EXPORT(jboolean, Random, seed2)(JNI_STDARGS, jbyteArray ba,
+ jint off, jint len)
+{
+ jboolean rv = JNI_FALSE;
+ jbyte *sb = (*env)->GetPrimitiveArrayCritical(env, ba, 0);
+
+ if (sb) {
+ RAND_seed(sb + off, len);
+ if (RAND_status() > 0)
+ rv = JNI_TRUE;
+ }
+ return rv;
+}
+
ACR_SSL_EXPORT(jstring, Random, getdef0)(JNI_STDARGS)
{
char buffer[PATH_MAX];
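Review bot: `seed2` obtains the array with `GetPrimitiveArrayCritical` but never releases it, so the critical section is left open on every call. Add `(*env)->ReleasePrimitiveArrayCritical(env, ba, sb, JNI_ABORT);` inside the `if (sb)` block after the `RAND_status()` check. `JNI_ABORT` fits because the buffer is only read. The function also trusts `off` and `len` completely, and the Java-side check in Random.java does not reject a negative `len`, so a cheap guard here against the array length would be a useful second line of defence. The hunk ends inside `getdef0`, which is not reviewed here.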
Added: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c?rev=1166647&view=auto
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c (added)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c Thu Sep 8 12:11:57
2011
@@ -0,0 +1,74 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "acr/clazz.h"
+#include "acr/error.h"
+#include "acr/misc.h"
+#include "acr/string.h"
+#include "arch_sync.h"
+#include "acr/ssl.h"
+
+#if !HAVE_OPENSSL
+#error "Cannot compile this file without HAVE_OPENSSL defined"
+#endif
+
+/* Global password callback */
+ssl_pass_cb_t *ACRSSL_password_cb;
+
+ACR_SSL_EXPORT(jlong, PasswordCallback, new0)(JNI_STDARGS)
+{
+ ssl_pass_cb_t *pc;
+
+ pc = ACR_TALLOC(ssl_pass_cb_t);
+ if (pc == 0)
+ return 0;
+ pc->cb = AcrCallbackAttach(env, obj, 0, 0, ACR_CALLBACK_NORMAL, 0);
+ if (pc->cb == 0) {
+ AcrFree(pc);
+ return 0;
+ }
+ return P2J(pc);
+}
+
+ACR_SSL_EXPORT(void, PasswordCallback, del0)(JNI_STDARGS, jlong ph)
+{
+ ssl_pass_cb_t *pc = J2P(ph, ssl_pass_cb_t *);
+
+ if (pc != 0) {
+ /* TODO: clanse password */
+ if (pc == ACRSSL_password_cb)
+ ACRSSL_password_cb = 0;
+ AcrFree(pc->password);
+ AcrFree(pc);
+ }
+}
+
+ACR_SSL_EXPORT(void, PasswordCallback, def0)(JNI_STDARGS, jlong ph)
+{
+ ssl_pass_cb_t *pc = J2P(ph, ssl_pass_cb_t *);
+ ACRSSL_password_cb = pc;
+}
+
+ACR_SSL_EXPORT(void, PasswordCallback, set0)(JNI_STDARGS, jlong ph, jstring password)
+{
+ ssl_pass_cb_t *pc = J2P(ph, ssl_pass_cb_t *);
+ if (pc != 0) {
+ AcrFree(pc->password);
+ WITH_DSTR(password) {
+ pc->password = J2S(password);
+ } DONE_WITH_STR(password);
+ }
+}
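Review bot: The pass phrase is released with `AcrFree(pc->password)` in both `del0` and `set0` without being wiped, as the TODO in `del0` already admits, so the plaintext stays in freed heap memory. Before each free, something like `if (pc->password) OPENSSL_cleanse(pc->password, strlen(pc->password));` would close that gap. `del0` also frees `pc` without releasing the callback that `AcrCallbackAttach` stored in `pc->cb`, which looks like a leak unless the free happens elsewhere. `def0` and `del0` write `ACRSSL_password_cb` with no native-side synchronisation, and `del0` is called from the Java finalizer, so a reader of the global could be left with a pointer that has just been freed. If `ACR_TALLOC` does not zero its allocation, `pc->password` is uninitialised at the first `set0` or `del0`; the hunk does not show which, so this needs confirming.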
Propchange: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c
------------------------------------------------------------------------------
svn:eol-style = native