From mt...@apache.org
Subject svn commit: r1170844 - in /commons/sandbox/runtime/trunk/src/main/native: include/acr/ssl.h modules/openssl/api.c modules/openssl/ctx.c
Date Wed, 14 Sep 2011 20:46:41 GMT
Author: mturk
Date: Wed Sep 14 20:46:41 2011
New Revision: 1170844

URL: http://svn.apache.org/viewvc?rev=1170844&view=rev
Log:
Add more of ssl api

Modified:
    commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c

Modified: commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h?rev=1170844&r1=1170843&r2=1170844&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h Wed Sep 14 20:46:41 2011
@@ -293,6 +293,7 @@ typedef struct acr_ssl_ctxt_t {
     int              ca_certs;
     int              shutdown_type;
     char            *rand_file;
+    ssl_pass_cb_t   *password_callback;
 
     /* for client or downstream server authentication */
     int              verify_depth;
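Review bot: The new `password_callback` member has no comment saying who owns the `ssl_pass_cb_t` it points to or how long that object must stay valid. In ctx.c the pointer is filled from a raw `jlong` passed in from Java, so the lifetime contract matters. A short field comment would help, for example `/* passphrase callback state set via setpasscb0; ownership stays with the caller (confirm) */`. The struct definition starts and ends outside this hunk, so whether the context's cleanup path touches the field cannot be checked here.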

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c?rev=1170844&r1=1170843&r2=1170844&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c Wed Sep 14 20:46:41
2011
@@ -139,6 +139,8 @@ struct SSLAPIst {
     /*** PEM      ***/
     DH*                 (*fpPEM_read_bio_DHparams)(BIO *, DH **, pem_password_cb *, void
*);
     X509*               (*fpPEM_read_bio_X509)(BIO *, X509 **, pem_password_cb *, void *);
+    X509*               (*fpPEM_read_bio_X509_AUX)(BIO *, X509 **, pem_password_cb *, void
*);
+    EVP_PKEY*           (*fpPEM_read_bio_PrivateKey)(BIO *, EVP_PKEY **, pem_password_cb
*, void *);
 
     /*** RAND     ***/
     int                 (*fpRAND_bytes)(unsigned char *, int);
@@ -197,6 +199,7 @@ struct SSLAPIst {
     void                (*fpX509_free)(X509 *);
     void                (*fpX509_STORE_free)(X509_STORE *);
     int                 (*fpX509_STORE_set_flags)(X509_STORE *, unsigned long);
+    X509*               (*fpd2i_X509_bio)(BIO *, X509 **);
 
     /*** _STACK   ***/
     void                (*fpsk_pop_free)(SSLAPI_STACK *, void (*)(void *));
@@ -350,6 +353,8 @@ ACR_JNI_EXPORT(jboolean, Native, ldopens
     /*** PEM      ***/
     CRYPTO_FPLOAD(PEM_read_bio_DHparams);
     CRYPTO_FPLOAD(PEM_read_bio_X509);
+    CRYPTO_FPLOAD(PEM_read_bio_X509_AUX);
+    CRYPTO_FPLOAD(PEM_read_bio_PrivateKey);
 
     /*** RAND     ***/
     CRYPTO_FPLOAD(RAND_bytes);
@@ -366,7 +371,7 @@ ACR_JNI_EXPORT(jboolean, Native, ldopens
     CRYPTO_FPLOAD(X509_free);
     CRYPTO_FPLOAD(X509_STORE_free);
     CRYPTO_FPLOAD(X509_STORE_set_flags);
-
+    CRYPTO_FPLOAD(d2i_X509_bio);
     /*** _STACK   ***/
     CRYPTO_FPLOAD(sk_pop_free);
     /* Optional functions
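Review bot: The blank line that separated the X509 loads from the `/*** _STACK   ***/` header is replaced by the new `CRYPTO_FPLOAD(d2i_X509_bio);` line, so the section header now runs straight on from the previous group; keep an empty line after the added load to match the other groups visible in this function. The wrapper added in the last api.c hunk is written `d2i_X509_bio(BIO *bp,X509 **x509)` without a space after the comma, where the neighbouring wrappers use the `BIO *bp, X509 **x` form. The enclosing function starts and ends outside the hunk.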
@@ -702,6 +707,16 @@ X509 *PEM_read_bio_X509(BIO *bp, X509 **
     return SSLAPI_CALL(PEM_read_bio_X509)(bp, x, cb, u);
 }
 
+X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u)
+{
+    return SSLAPI_CALL(PEM_read_bio_X509_AUX)(bp, x, cb, u);
+}
+
+EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
+{
+    return SSLAPI_CALL(PEM_read_bio_PrivateKey)(bp, x, cb, u);
+}
+
 int RAND_bytes(unsigned char *buf, int num)
 {
     return SSLAPI_CALL(RAND_bytes)(buf, num);
@@ -867,6 +882,11 @@ void X509_free(X509 *x)
     SSLAPI_CALL(X509_free)(x);
 }
 
+X509 *d2i_X509_bio(BIO *bp,X509 **x509)
+{
+    return SSLAPI_CALL(d2i_X509_bio)(bp, x509);
+}
+
 void X509_STORE_free(X509_STORE *v)
 {
     SSLAPI_CALL(X509_STORE_free)(v);

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c?rev=1170844&r1=1170843&r2=1170844&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c Wed Sep 14 20:46:41
2011
@@ -249,3 +249,61 @@ ACR_SSL_EXPORT(void, SSLContext, setveri
     }
     SSL_CTX_set_verify(c->ctx, verify, 0 /* ssl_callback_ssl_verify */);
 }
+
+ACR_SSL_EXPORT(void, SSLContext, setpasscb0)(JNI_STDARGS, jlong ctx,
+                                             jlong cb)
+{
+    acr_ssl_ctxt_t *c = J2P(ctx, acr_ssl_ctxt_t *);
+    c->password_callback = J2P(cb, ssl_pass_cb_t *);
+}
+
+EVP_PKEY *load_pem_key(acr_ssl_ctxt_t *c, const char *file)
+{
+    BIO *bio = 0;
+    EVP_PKEY *key = 0;
+    int i;
+
+    if ((bio = BIO_new(BIO_s_file())) == NULL) {
+        return NULL;
+    }
+    if (BIO_read_filename(bio, file) <= 0) {
+        BIO_free(bio);
+        return NULL;
+    }
+    for (i = 0; i < 3; i++) {
+        key = PEM_read_bio_PrivateKey(bio, 0,
+                                      ssl_password_callback,
+                                      c->password_callback);
+        if (key != 0)
+            break;
+        if (c->password_callback) {
+            ACR_MFREE(c->password_callback->password);
+        }
+        BIO_ctrl(bio, BIO_CTRL_RESET, 0, 0);
+    }
+    BIO_free(bio);
+    return key;
+}
+
+X509 *load_pem_cert(acr_ssl_ctxt_t *c, const char *file)
+{
+    BIO  *bio  = 0;
+    X509 *cert = 0;
+
+    if ((bio = BIO_new(BIO_s_file())) == 0)
+        return 0;
+    if (BIO_read_filename(bio, file) <= 0) {
+        BIO_free(bio);
+        return 0;
+    }
+    cert = PEM_read_bio_X509_AUX(bio, 0,
+                                 ssl_password_callback,
+                                 c->password_callback);
+    if (cert == 0 && ERR_GET_REASON(ERR_get_error()) == PEM_R_NO_START_LINE) {
+        ERR_clear_error();
+        BIO_ctrl(bio, BIO_CTRL_RESET, 0, 0);
+        cert = d2i_X509_bio(bio, 0);
+    }
+    BIO_free(bio);
+    return cert;
+}
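Review bot: In the retry loop of `load_pem_key`, a rejected passphrase is released with `ACR_MFREE(c->password_callback->password)` without being overwritten first, so its bytes remain in freed heap memory; the buffer also appears to stay cached after a successful load. Wipe the buffer before the free (OpenSSL's `OPENSSL_cleanse` is the usual tool, though it would have to be routed through the SSLAPI table like the other calls) and set the member to NULL afterwards unless `ACR_MFREE` already does so, otherwise the next iteration may reuse a stale pointer. The loop also makes all three attempts when no callback is set or when the failure is not a bad passphrase, and it leaves the failed attempts on the OpenSSL error queue. In `load_pem_cert`, `ERR_get_error()` pops the oldest queued error, so a stale entry from earlier code can mask `PEM_R_NO_START_LINE` and skip the DER fallback; `ERR_peek_last_error()` inspects the most recent one instead. `setpasscb0` writes through `c` without checking that the handle passed from Java is non-zero.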


