From mt...@apache.org
Subject svn commit: r1167009 - in /commons/sandbox/runtime/trunk/src/main: java/org/apache/commons/runtime/ssl/ native/ native/include/acr/ native/modules/openssl/ test/org/apache/commons/runtime/
Date Fri, 09 Sep 2011 05:47:31 GMT
Author: mturk
Date: Fri Sep  9 05:47:30 2011
New Revision: 1167009

URL: http://svn.apache.org/viewvc?rev=1167009&view=rev
Log:
Split RAND code from init.c and make engine as a non-global class

Added:
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/rand.c   (with props)
Modified:
    commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Engine.java
    commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java
    commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in
    commons/sandbox/runtime/trunk/src/main/native/include/acr/stdtypes.h
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c
    commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java

Modified: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Engine.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Engine.java?rev=1167009&r1=1167008&r2=1167009&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Engine.java
(original)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/Engine.java
Fri Sep  9 05:47:30 2011
@@ -25,32 +25,40 @@ import java.io.File;
 /**
  * OpenSSL Engine
  */
-public final class Engine
+public final class Engine extends NativePointer
 {
-    private static boolean inited = false;
     private static Object  lock;
+    private static Engine  global;
 
     private Engine()
     {
         // No instance
     }
 
+    private Engine(long pointer)
+    {
+        super.pointer = pointer;
+    }
+
     static {
-        lock = new Object();
+        lock   = new Object();
+        global = null;
     }
 
 
-    private static native int           init0(String name);
+    // Hide NativePointer
+    private final long  pointer = 0L;
+    private static native long         init0(String name)
+        throws SystemException;
+    private static native void         free0(long e);
 
     public static void initialize(String name)
         throws SystemException
     {
         synchronized(lock) {
-            if (!inited) {
-                int rc = init0(name);
-                if (rc != 0)
-                    throw new SystemException(Status.describe(rc));
-                inited = true;
+            if (global == null) {
+                // Create global Engine instance.
+                global = new Engine(init0(name));
             }
         }
     }
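Review bot: The `// Hide NativePointer` field `private final long pointer = 0L;` and the parameter of the new `Engine(long pointer)` both share a name with the inherited field, so inside this class a bare `pointer` is either the constant 0 or the argument, and only `super.pointer` is the native handle. A comment would keep a later edit from handing the wrong one to `free0`, for example `// Shadows NativePointer.pointer on purpose; the ENGINE handle lives in super.pointer.` The `// No instance` comment in the private no-argument constructor is also stale now that the class is instantiated and should be reworded.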
@@ -58,9 +66,31 @@ public final class Engine
     public static boolean initialized()
     {
         synchronized(lock) {
-            return inited;
+            return global != null;
         }
     }
 
+    public Engine(String name)
+        throws SystemException
+    {
+        super.pointer = init0(name);
+    }
+
+    /**
+     * Called by the garbage collector when the object is destroyed.
+     * The class will free internal resources allocated by the
+     * Operating system only if there are no additional references
+     * to this object.
+     *
+     * @see Object#finalize()
+     * @throws Throwable the {@code Exception} raised by this method.
+     */
+    @Override
+    protected final void finalize()
+        throws Throwable
+    {
+        free0(super.pointer);
+    }
+
 }
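Review bot: The public `Engine(String name)` constructor calls `init0` without holding `lock`, while `initialize()` takes it. In the init.c part of this commit `init0` can reach `ENGINE_register_all_complete()` and `ENGINE_set_default(ee, ENGINE_METHOD_ALL)`, which appear to change process-wide OpenSSL defaults, so a per-instance Engine is not free of side effects and can race with `initialize()`. I would wrap the call as `synchronized (lock) { super.pointer = init0(name); }` and add Javadoc saying that constructing an instance may replace the default engine for the whole process. `finalize()` is the only release path visible here; an explicit close method that calls `free0` once and then zeroes `super.pointer` would make the lifetime of the native reference deterministic.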
 

Modified: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java?rev=1167009&r1=1167008&r2=1167009&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java
(original)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java
Fri Sep  9 05:47:30 2011
@@ -27,7 +27,8 @@ public abstract class PasswordCallback
 
     // Hide NativePointer
     private final long  pointer = 0L;
-    
+
+    private boolean     echoOn;
     private String      prompt;
     private native long new0();
     private native void def0(long pointer);
@@ -45,23 +46,25 @@ public abstract class PasswordCallback
     protected PasswordCallback()
     {
         super.pointer = new0();
-        prompt  = Local.sm.get("password.PROMPT");
+        prompt = Local.sm.get("password.PROMPT");
+        echoOn = false;
     }
 
     /**
      * Creates a new object instance
      */
-    protected PasswordCallback(String prompt)
+    protected PasswordCallback(String prompt, boolean echoOn)
     {
         super.pointer = new0();
         this.prompt   = prompt;
+        this.echoOn   = echoOn;
     }
 
     @Override
     public int handler(Object thiz, int code)
     {
         try {
-            String pass = onPasswordPrompt(prompt);
+            String pass = getPassword();
             set0(super.pointer, pass);
             return 1;
         } catch (Exception x) {
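Review bot: The result of `getPassword()` is handed to `set0(super.pointer, pass)` in `handler` without a null check. How the native `set0` treats a null string is not visible in this diff, so a subclass that returns null to mean "no password" may reach native code with a null reference. Suggest rejecting it before the call with `if (pass == null) throw new IllegalStateException("getPassword() returned null");`, so it takes the same path as any other failure in the callback. The body of `handler` continues past the end of this hunk.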
@@ -89,10 +92,20 @@ public abstract class PasswordCallback
         set0(super.pointer, password);
     }
 
+    public final String getPrompt()
+    {
+        return prompt;
+    }
+
+    public final boolean isEchoOn()
+    {
+        return echoOn;
+    }
+
     /**
      * Application provided handler method.
      */
-    protected abstract String onPasswordPrompt(String prompt)
+    protected abstract String getPassword()
         throws Exception;
 
     /**
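Review bot: `getPrompt()`, `isEchoOn()` and the renamed `getPassword()` carry no contract in their Javadoc: nothing says whether `getPassword()` may return null, and `echoOn` is only stored and returned, so keeping the typed password off the screen is left entirely to the subclass. I would extend the comment on `getPassword()` to state that implementations must not echo input unless `isEchoOn()` is true and must not log the returned value. The password travels as a `String`, which cannot be wiped after use, while password.c cleanses its native copy with `AcrMemCleanse`; a `char[]`-returning variant that the caller zeroes would close that gap, though that is an interface change better made in a separate commit.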

Modified: commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in?rev=1167009&r1=1167008&r2=1167009&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in (original)
+++ commons/sandbox/runtime/trunk/src/main/native/Makefile.unx.in Fri Sep  9 05:47:30 2011
@@ -152,6 +152,7 @@ SSLSOURCES=\
 	$(TOPDIR)/modules/openssl/api.c \
 	$(TOPDIR)/modules/openssl/init.c \
 	$(TOPDIR)/modules/openssl/password.c \
+	$(TOPDIR)/modules/openssl/rand.c \
 	$(TOPDIR)/modules/openssl/util.c
 
 CXXSOURCES=

Modified: commons/sandbox/runtime/trunk/src/main/native/include/acr/stdtypes.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/acr/stdtypes.h?rev=1167009&r1=1167008&r2=1167009&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/acr/stdtypes.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/acr/stdtypes.h Fri Sep  9 05:47:30
2011
@@ -54,6 +54,7 @@ typedef  unsigned int       acr_u32_t;
 typedef  int                acr_i32_t;
 typedef  unsigned int       acr_size_t;
 typedef  int                acr_ssize_t;
+typedef  unsigned long      acr_ulong_t;
 
 #if defined(_MSC_VER)
 typedef  ptrdiff_t          ssize_t;

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c?rev=1167009&r1=1167008&r2=1167009&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c Fri Sep  9 05:47:30
2011
@@ -28,7 +28,6 @@
 #endif
 
 void *acr_ssl_temp_keys[SSL_TMP_KEY_MAX];
-static char ssl_global_rand_file[PATH_MAX] = { 0 };
 
 /* Dynamic lock structure */
 struct CRYPTO_dynlock_value {
@@ -119,23 +118,12 @@ static void ssl_thread_lock(int mode, in
     }
 }
 
-static unsigned long ssl_thread_id(void)
+unsigned long ssl_thread_id()
 {
-    /* OpenSSL needs this to return an unsigned long.  On OS/390, the pthread
-     * id is a structure twice that big.  Use the TCB pointer instead as a
-     * unique unsigned long.
-     */
-#ifdef __MVS__
-    struct PSA {
-        char unmapped[540];
-        unsigned long PSATOLD;
-    } *psaptr = 0;
-
-    return psaptr->PSATOLD;
-#elif defined(WIN32)
+#if defined(WINDOWS)
     return (unsigned long)GetCurrentThreadId();
 #else
-    return (unsigned long)(pthread_self());
+    return (unsigned long)pthread_self();
 #endif
 }
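Review bot: `ssl_thread_id()` loses both `static` and its `void` parameter list here, yet no new caller appears in this commit; the added rand.c reads `pthread_self()` and `GetCurrentThreadId()` directly, so the wider linkage looks unnecessary unless a file outside this diff needs it. In C an empty `()` declares a function without a prototype; prefer `static unsigned long ssl_thread_id(void)`, or declare it in a header if it must be shared. The removed comment explained that a thread id is not guaranteed to fit an `unsigned long`, and the cast on the non-Windows branch still assumes it does, so a short comment naming the platforms where that holds should replace what was deleted.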
 
@@ -187,75 +175,6 @@ static void ssl_dynlock_destroy(struct C
     AcrFree(l);
 }
 
-static int ssl_rand_choosenum(int l, int h)
-{
-    int i;
-    char buf[50];
-
-    snprintf(buf, sizeof(buf), "%.0f", (((double)(_bsd_arc4random() % RAND_MAX) / RAND_MAX)
* (h - l)));
-    i = atoi(buf) + 1;
-    if (i < l) i = l;
-    if (i > h) i = h;
-    return i;
-}
-
-static int ssl_rand_load_file(const char *file)
-{
-    char buffer[PATH_MAX];
-    int n;
-
-    if (file == 0)
-        file = ssl_global_rand_file;
-    if (strcmp(file, "builtin") == 0)
-        return -1;
-    if (*file == '\0')
-        file = RAND_file_name(buffer, sizeof(buffer));
-    if (file != 0 && *file != '\0') {
-        if (strncmp(file, "egd:", 4) == 0) {
-            if ((n = RAND_egd(file + 4)) > 0)
-                return n;
-            else
-                return -1;
-        }
-        if ((n = RAND_load_file(file, -1)) > 0)
-            return n;
-    }
-    return -1;
-}
-
-int ssl_rand_seed(const char *file)
-{
-    unsigned char stackdata[256];
-    static volatile unsigned int counter = 0;
-
-    if (ssl_rand_load_file(file) < 0) {
-        int n;
-        struct {
-            acr_time_t    t;
-            pid_t         p;
-            unsigned long i;
-            unsigned int  u;
-        } _ssl_seed;
-        if (counter == 0) {
-            for (n = 0; n < 256; n++)
-                stackdata[n] = (unsigned char)_bsd_arc4random();
-            RAND_seed(stackdata, 128);
-        }
-        _ssl_seed.t = AcrTimeNow();
-        _ssl_seed.p = getpid();
-        _ssl_seed.i = ssl_thread_id();
-        counter++;
-        _ssl_seed.u = counter;
-        RAND_seed((unsigned char *)&_ssl_seed, sizeof(_ssl_seed));
-        /*
-         * seed in some current state of the run-time stack (128 bytes)
-         */
-        n = ssl_rand_choosenum(0, 127);
-        RAND_seed(stackdata + n,  128);
-    }
-    return RAND_status();
-}
-
 static int ssl_initialized = 0;
 
 ACR_SSL_EXPORT(jint, Library, init0)(JNI_STDARGS)
@@ -335,13 +254,13 @@ ACR_SSL_EXPORT(void, Library, fipsmode0)
 #endif
 }
 
-ACR_SSL_EXPORT(jint, Engine, init0)(JNI_STDARGS, jstring name)
+ACR_SSL_EXPORT(jlong, Engine, init0)(JNI_STDARGS, jstring name)
 {
+    jlong ep = 0;
+    int   rc = 0;
 #ifndef OPENSSL_NO_ENGINE
-    int rc = 0;
     WITH_CSTR(name) {
         ENGINE *ee = 0;
-        rc = 0;
         if (strcmp(J2S(name), "auto") == 0) {
             ENGINE_register_all_complete();
         }
@@ -355,63 +274,25 @@ ACR_SSL_EXPORT(jint, Engine, init0)(JNI_
                 if (!ENGINE_set_default(ee, ENGINE_METHOD_ALL))
                     rc = ACR_ENOTIMPL;
             }
-            /* Free our "structural" reference. */
             if (ee != 0)
-                ENGINE_free(ee);
+                ep = P2J(ee);
         }
     } DONE_WITH_STR(name);
-    return rc;
 #else
-    return ACR_ENOTIMPL;
+    rc = ACR_ENOTIMPL;
 #endif
+    if (rc != 0)
+        ACR_THROW_SYS_ERROR(rc);
+    return ep;
 }
 
-ACR_SSL_EXPORT(jboolean, Random, seed0)(JNI_STDARGS, jstring file)
+ACR_SSL_EXPORT(void, Engine, free0)(JNI_STDARGS, jlong ep)
 {
-    int rc = 0;
-    /* Initialize PRNG
-     * This will in most cases call the builtin
-     * low entropy seed.
-     */
-    WITH_CSTR(file) {
-        rc = ssl_rand_seed(J2S(file));
-    } DONE_WITH_STR(file);
-    return rc == 0 ? JNI_FALSE : JNI_TRUE;
-}
-
-ACR_SSL_EXPORT(jboolean, Random, seed1)(JNI_STDARGS)
-{
-    return ssl_rand_seed(0) == 0 ? JNI_FALSE : JNI_TRUE;
-}
-
-ACR_SSL_EXPORT(jboolean, Random, seed2)(JNI_STDARGS, jbyteArray ba,
-                                        jint off, jint len)
-{
-    jboolean rv = JNI_FALSE;
-    jbyte *sb = (*env)->GetPrimitiveArrayCritical(env, ba, 0);
-
-    if (sb) {
-        RAND_seed(sb + off, len);
-        if (RAND_status() > 0)
-            rv = JNI_TRUE;
-    }
-    return rv;
-}
-
-ACR_SSL_EXPORT(jstring, Random, getdef0)(JNI_STDARGS)
-{
-    char buffer[PATH_MAX];
-    if (ssl_global_rand_file[0] != '\0')
-        return AcrNewJavaStringA(env, ssl_global_rand_file);
-    if (RAND_file_name(buffer, sizeof(buffer)) != 0)
-        return AcrNewJavaStringA(env, buffer);
-    else
-        return 0;
+#ifndef OPENSSL_NO_ENGINE
+    ENGINE *ee = J2P(ep, ENGINE *);
+    /* Free our "structural" reference. */
+    if (ee != 0)
+        ENGINE_free(ee);
+#endif
 }
 
-ACR_SSL_EXPORT(void, Random, setdef0)(JNI_STDARGS, jstring path)
-{
-    WITH_CSTR(path) {
-        strlcpy(ssl_global_rand_file, J2S(path), PATH_MAX);
-    } DONE_WITH_STR(path);
-}
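Review bot: On the failure path of `Engine.init0` the ENGINE reference is now leaked: when `ENGINE_set_default` fails, `rc` is set but `ep = P2J(ee)` still runs, then `ACR_THROW_SYS_ERROR(rc)` raises and the Java side never receives a pointer it could pass to `free0`. Before this change `ENGINE_free(ee)` ran unconditionally. Inside the `if (ee != 0)` branch, release the reference when `rc` is nonzero: `if (rc != 0) ENGINE_free(ee); else ep = P2J(ee);`. The lines between this hunk and the previous one are not shown, so confirm that no other path sets `rc` after a reference has been taken. `free0` trusts the raw `jlong` it is given, which is acceptable only while the Java declaration stays `private`; a comment there should say so.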

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c?rev=1167009&r1=1167008&r2=1167009&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c Fri Sep  9 05:47:30
2011
@@ -77,6 +77,7 @@ ACR_SSL_EXPORT(void, PasswordCallback, d
             /* XXX: Should we allow that ? */
             acr_ssl_password_cb = 0;
         }
+        AcrCallbackFree(env, pc->cb);
         AcrMemCleanse(pc->password, 0);
         AcrFree(pc->password);
         AcrFree(pc);
@@ -106,7 +107,8 @@ ACR_SSL_EXPORT(int, TestOpenSSL, runPass
 {
     if (acr_ssl_password_cb != 0) {
         AcrCallbackRun(0, acr_ssl_password_cb->cb, 0, 0, 0);
-        if (acr_ssl_password_cb->password && strcmp(acr_ssl_password_cb->password,
"secret") == 0)
+        if (acr_ssl_password_cb->password != 0 &&
+            strcmp(acr_ssl_password_cb->password, "secret") == 0)
             return 0;
         else
             return ACR_EINVAL;

Added: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/rand.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/rand.c?rev=1167009&view=auto
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/rand.c (added)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/rand.c Fri Sep  9 05:47:30
2011
@@ -0,0 +1,154 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "acr/clazz.h"
+#include "acr/error.h"
+#include "acr/misc.h"
+#include "acr/string.h"
+#include "acr/port.h"
+#include "acr/ssl.h"
+#include "arch_sync.h"
+
+#if !HAVE_OPENSSL
+#error "Cannot compile this file without HAVE_OPENSSL defined"
+#endif
+
+static char ssl_global_rand_file[PATH_MAX] = { 0 };
+static int ssl_rand_choosenum(int l, int h)
+{
+    int i;
+    char buf[50];
+
+    snprintf(buf, sizeof(buf), "%.0f", (((double)(_bsd_arc4random() % RAND_MAX) / RAND_MAX)
* (h - l)));
+    i = atoi(buf) + 1;
+    if (i < l) i = l;
+    if (i > h) i = h;
+    return i;
+}
+
+static int ssl_rand_load_file(const char *file)
+{
+    char buffer[PATH_MAX];
+    int n;
+
+    if (file == 0)
+        file = ssl_global_rand_file;
+    if (strcmp(file, "builtin") == 0)
+        return -1;
+    if (*file == '\0')
+        file = RAND_file_name(buffer, sizeof(buffer));
+    if (file != 0 && *file != '\0') {
+        if (strncmp(file, "egd:", 4) == 0) {
+            if ((n = RAND_egd(file + 4)) > 0)
+                return n;
+            else
+                return -1;
+        }
+        if ((n = RAND_load_file(file, -1)) > 0)
+            return n;
+    }
+    return -1;
+}
+
+int ssl_rand_seed(const char *file)
+{
+    unsigned char stackdata[256];
+    static volatile unsigned int counter = 0;
+
+    if (ssl_rand_load_file(file) < 0) {
+        int n;
+        struct {
+            acr_time_t    t;
+            pid_t         p;
+#if defined(WINDOWS)
+            DWORD         i;
+#else
+            pthread_t     i;
+#endif
+            unsigned int  u;
+        } _ssl_seed;
+        if (counter == 0) {
+            for (n = 0; n < 256; n++)
+                stackdata[n] = (unsigned char)_bsd_arc4random();
+            RAND_seed(stackdata, 128);
+        }
+        _ssl_seed.t = AcrTimeNow();
+        _ssl_seed.p = getpid();
+#if defined(WINDOWS)
+        _ssl_seed.i = GetCurrentThreadId();
+#else
+        _ssl_seed.i = pthread_self();
+#endif
+        _ssl_seed.u = ++counter;
+        RAND_seed((unsigned char *)&_ssl_seed, sizeof(_ssl_seed));
+        /*
+         * seed in some current state of the run-time stack (128 bytes)
+         */
+        n = ssl_rand_choosenum(0, 127);
+        RAND_seed(stackdata + n,  128);
+    }
+    return RAND_status();
+}
+
+ACR_SSL_EXPORT(jboolean, Random, seed0)(JNI_STDARGS, jstring file)
+{
+    int rc = 0;
+    /* Initialize PRNG
+     * This will in most cases call the builtin
+     * low entropy seed.
+     */
+    WITH_CSTR(file) {
+        rc = ssl_rand_seed(J2S(file));
+    } DONE_WITH_STR(file);
+    return rc == 0 ? JNI_FALSE : JNI_TRUE;
+}
+
+ACR_SSL_EXPORT(jboolean, Random, seed1)(JNI_STDARGS)
+{
+    return ssl_rand_seed(0) == 0 ? JNI_FALSE : JNI_TRUE;
+}
+
+ACR_SSL_EXPORT(jboolean, Random, seed2)(JNI_STDARGS, jbyteArray ba,
+                                        jint off, jint len)
+{
+    jboolean rv = JNI_FALSE;
+    jbyte *sb = (*env)->GetPrimitiveArrayCritical(env, ba, 0);
+
+    if (sb) {
+        RAND_seed(sb + off, len);
+        if (RAND_status() > 0)
+            rv = JNI_TRUE;
+    }
+    return rv;
+}
+
+ACR_SSL_EXPORT(jstring, Random, getdef0)(JNI_STDARGS)
+{
+    char buffer[PATH_MAX];
+    if (ssl_global_rand_file[0] != '\0')
+        return AcrNewJavaStringA(env, ssl_global_rand_file);
+    if (RAND_file_name(buffer, sizeof(buffer)) != 0)
+        return AcrNewJavaStringA(env, buffer);
+    else
+        return 0;
+}
+
+ACR_SSL_EXPORT(void, Random, setdef0)(JNI_STDARGS, jstring path)
+{
+    WITH_CSTR(path) {
+        strlcpy(ssl_global_rand_file, J2S(path), PATH_MAX);
+    } DONE_WITH_STR(path);
+}
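Review bot: `seed2` never releases the array it pins: `GetPrimitiveArrayCritical` has no matching `ReleasePrimitiveArrayCritical`, and `off` and `len` go into `RAND_seed(sb + off, len)` without being checked against the array length, so a bad range reads outside the Java array. The Java wrapper may validate the range, but it is not part of this diff and the native side should not depend on it. The rewrite below checks the range first and releases with `JNI_ABORT`, since the buffer is only read. Separately, `stackdata` in `ssl_rand_seed` is filled only when `counter == 0`, so later calls seed from uninitialised stack bytes; if that is intended, the comment above `ssl_rand_choosenum(0, 127)` should say so.

```c
ACR_SSL_EXPORT(jboolean, Random, seed2)(JNI_STDARGS, jbyteArray ba,
                                        jint off, jint len)
{
    jboolean rv = JNI_FALSE;
    jsize    bl;
    jbyte   *sb;

    if (ba == 0)
        return JNI_FALSE;
    bl = (*env)->GetArrayLength(env, ba);
    /* Reject ranges that fall outside the Java array. */
    if (off < 0 || len < 0 || off > bl || len > bl - off)
        return JNI_FALSE;
    sb = (*env)->GetPrimitiveArrayCritical(env, ba, 0);
    if (sb) {
        RAND_seed(sb + off, len);
        /* Read-only access: JNI_ABORT releases without copying back. */
        (*env)->ReleasePrimitiveArrayCritical(env, ba, sb, JNI_ABORT);
        if (RAND_status() > 0)
            rv = JNI_TRUE;
    }
    return rv;
}
```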

Propchange: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/rand.c
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java?rev=1167009&r1=1167008&r2=1167009&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java
(original)
+++ commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java
Fri Sep  9 05:47:30 2011
@@ -34,11 +34,14 @@ public class TestOpenSSL extends Assert
         }
 
         @Override
-        public String onPasswordPrompt(String prompt)
+        public String getPassword()
             throws Exception
         {
-            System.out.print(prompt);
+            System.out.print(getPrompt());
             System.out.println();
+            // This would be the place where application
+            // would obtain the password from the user or
+            // from some configuration.
             return "secret";
         }
     }


