From mt...@apache.org
Subject svn commit: r1171401 - in /commons/sandbox/runtime/trunk/src/main: java/org/apache/commons/runtime/ssl/ native/include/acr/ native/modules/openssl/ native/shared/ test/org/apache/commons/runtime/
Date Fri, 16 Sep 2011 06:57:53 GMT
Author: mturk
Date: Fri Sep 16 06:57:52 2011
New Revision: 1171401

URL: http://svn.apache.org/viewvc?rev=1171401&view=rev
Log:
Add description context for password callbacks

Modified:
    commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java
    commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c
    commons/sandbox/runtime/trunk/src/main/native/shared/callback.c
    commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java

Modified: commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java?rev=1171401&r1=1171400&r2=1171401&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java (original)
+++ commons/sandbox/runtime/trunk/src/main/java/org/apache/commons/runtime/ssl/PasswordCallback.java Fri Sep 16 06:57:52 2011
@@ -34,6 +34,7 @@ public abstract class PasswordCallback
     private native void def0(long pointer);
     private native void del0(long pointer);
     private native void set0(long pointer, String password);
+    private native void set1(long pointer, byte[] password);
 
     private static Object lock;
     static {
@@ -61,10 +62,10 @@ public abstract class PasswordCallback
     }
 
     @Override
-    public int handler(Object thiz, int code)
+    public int handler(Object data, int code)
     {
         try {
-            String pass = getPassword();
+            String pass = getPassword((String)data);
             set0(super.pointer, pass);
             return 1;
         } catch (Exception x) {
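Review bot: `handler` still takes the password from `getPassword` as a `String` and forwards it through `set0`, so the secret sits in an immutable heap object that cannot be wiped, even though this commit adds a `byte[]` path (`set1`). Consider having the callback produce a `byte[]` (or `char[]`) that is passed to `set1` and zeroed in a `finally` block once the native copy is made. The unchecked `(String)data` cast also relies on the following `catch (Exception x)` to absorb a `ClassCastException`; an explicit `data instanceof String` check would make that intent visible. The method body continues outside the hunk.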
@@ -92,6 +93,11 @@ public abstract class PasswordCallback
         set0(super.pointer, password);
     }
 
+    public final void setPassword(byte[] password)
+    {
+        set1(super.pointer, password);
+    }
+
     public final String getPrompt()
     {
         return prompt;
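Review bot: The new public `setPassword(byte[])` has no Javadoc, and its native side (`set1` in password.c, same commit) silently leaves the password unset when the array is empty or 256 bytes or longer. A caller has no way to learn that the secret was rejected until the later key load fails. Suggest Javadoc stating that the bytes are copied into a fixed-size native buffer, that at most 255 bytes are accepted, and that the caller should zero the array after the call; throwing `IllegalArgumentException` for an oversize array would be a stronger alternative.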
@@ -105,7 +111,7 @@ public abstract class PasswordCallback
     /**
      * Application provided handler method.
      */
-    protected abstract String getPassword()
+    protected abstract String getPassword(String desc)
         throws Exception;
 
     /**
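Review bot: The Javadoc above `getPassword(String desc)` still reads only "Application provided handler method." and does not describe the new parameter. Judging from password.c in this commit, the native side passes a null reference when its `desc` field is unset, so implementations have to tolerate `null`. Suggest adding `@param desc description of the item the password is requested for; may be {@code null}` together with `@return` and `@throws` lines.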

Modified: commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h?rev=1171401&r1=1171400&r2=1171401&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h Fri Sep 16 06:57:52 2011
@@ -262,7 +262,10 @@ typedef struct ssl_pkc_t {
 } ssl_pkc_t;
 
 typedef struct ssl_pass_cb_t {
-    char     *password;
+    char           *password;
+    int             password_len;
+    const char     *desc;
+    char            buf[256];
     acr_callback_t *cb;
 } ssl_pass_cb_t;
 
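Review bot: The new fields of `ssl_pass_cb_t` carry an invariant that is not written down: from `set0`/`set1` in password.c, `password` is now either 0 or an alias of the embedded `buf`, never a separate allocation. Code that still treats `password` as heap memory (the `ACR_MFREE` call in ctx.c) depends on knowing this. Suggest field comments such as `/* 0 or points at buf; never free */` on `password`, `/* bytes in buf, UNSET if none */` on `password_len`, and a note on who owns `desc`. A named constant for the `256` would make the 255-byte limit visible.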

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c?rev=1171401&r1=1171400&r2=1171401&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c Fri Sep 16 06:57:52 2011
@@ -259,16 +259,15 @@ ACR_SSL_EXPORT(void, SSLContext, setpass
 
 EVP_PKEY *load_pem_key(acr_ssl_ctxt_t *c, const char *file)
 {
-    BIO *bio = 0;
+    BIO      *bio = 0;
     EVP_PKEY *key = 0;
     int i;
 
-    if ((bio = BIO_new(BIO_s_file())) == NULL) {
-        return NULL;
-    }
+    if ((bio = BIO_new(BIO_s_file())) == 0)
+        return 0;
     if (BIO_read_filename(bio, file) <= 0) {
         BIO_free(bio);
-        return NULL;
+        return 0;
     }
     for (i = 0; i < 3; i++) {
         key = PEM_read_bio_PrivateKey(bio, 0,
@@ -276,7 +275,7 @@ EVP_PKEY *load_pem_key(acr_ssl_ctxt_t *c
                                       c->password_callback);
         if (key != 0)
             break;
-        if (c->password_callback) {
+        if (c->password_callback != 0) {
             ACR_MFREE(c->password_callback->password);
         }
         BIO_ctrl(bio, BIO_CTRL_RESET, 0, 0);
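Review bot: The retry path still calls `ACR_MFREE(c->password_callback->password)`, but after this commit `password` is either 0 or points at the embedded `buf` array inside `ssl_pass_cb_t` (see `set0`/`set1` in password.c), not at a separate allocation. If `ACR_MFREE` releases the pointer as its name suggests, a failed key decrypt such as a wrong passphrase would hand an interior pointer to the allocator. Replace it with `AcrMemCleanse(c->password_callback->buf, sizeof(c->password_callback->buf));`, `c->password_callback->password = 0;` and `c->password_callback->password_len = UNSET;`. The loop continues outside this hunk.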

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c?rev=1171401&r1=1171400&r2=1171401&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c Fri Sep 16 06:57:52 2011
@@ -46,14 +46,24 @@ int ssl_password_callback(char *buf, int
     if (pcb == 0)
         return -1;
     if (pcb->password == 0) {
+        jstring str = 0;
+        JNIEnv *env = AcrGetJNIEnv();
+        if (IS_INVALID_HANDLE(env))
+            return -1;
+        if (pcb->desc != 0) {
+            str = AcrNewJavaStringA(env, pcb->desc);
+            if (str == 0)
+                return -1;
+        }
         /* Call PasswordCallback.handler()
          */
-        AcrCallbackRun(0, pcb->cb, 0, 0, 0);
+        if (AcrCallbackRun(env, pcb->cb, str, 0, 0) != 0)
+            return -1;
     }
     if (pcb->password != 0) {
         /* Return already obtained password */
         strlcpy(buf, pcb->password, bufsiz);
-        return (int)strlen(buf);
+        return pcb->password_len;
     }
     return -1;
 }
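Review bot: Returning `pcb->password_len` after `strlcpy(buf, pcb->password, bufsiz)` can report more bytes than were written to `buf`. `strlcpy` truncates to `bufsiz - 1` and stops at the first NUL, while `password_len` can be up to 255 and, via `set1`, can count embedded zero bytes. OpenSSL takes the return value as the passphrase length, so it must never exceed what the callback actually stored. Suggest `if (pcb->password_len < 0 || pcb->password_len > bufsiz) return -1;` followed by `memcpy(buf, pcb->password, pcb->password_len);`. The function starts above the hunk.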
@@ -70,6 +80,7 @@ ACR_SSL_EXPORT(jlong, PasswordCallback, 
         AcrFree(pc);
         return 0;
     }
+    pc->password_len = UNSET;
     return P2J(pc);
 }
 
@@ -83,8 +94,7 @@ ACR_SSL_EXPORT(void, PasswordCallback, d
             acr_ssl_password_cb = 0;
         }
         AcrCallbackFree(env, pc->cb);
-        AcrMemCleanse(pc->password, 0);
-        AcrFree(pc->password);
+        AcrMemCleanse(pc->buf, sizeof(pc->buf));
         AcrFree(pc);
     }
 }
@@ -99,11 +109,35 @@ ACR_SSL_EXPORT(void, PasswordCallback, s
 {
     ssl_pass_cb_t *pc = J2P(ph, ssl_pass_cb_t *);
     if (pc != 0) {
-        AcrMemCleanse(pc->password, 0);
-        ACR_MFREE(pc->password);
-        WITH_CSTR(password) {
-            pc->password = AcrStrdup(env, J2S(password));
-        } DONE_WITH_STR(password);
+        AcrMemCleanse(pc->buf, sizeof(pc->buf));
+        pc->password     = 0;
+        pc->password_len = UNSET;
+        if (password != 0) {
+            WITH_CSTR(password) {
+                strlcpy(pc->buf, J2S(password), sizeof(pc->buf));
+                pc->password_len = strlen(pc->buf);
+                pc->password     = pc->buf;
+            } DONE_WITH_STR(password);
+        }
+    }
+}
+
+ACR_SSL_EXPORT(void, PasswordCallback, set1)(JNI_STDARGS, jlong ph,
+                                             jbyteArray password)
+{
+    ssl_pass_cb_t *pc = J2P(ph, ssl_pass_cb_t *);
+    if (pc != 0) {
+        AcrMemCleanse(pc->buf, sizeof(pc->buf));
+        pc->password     = 0;
+        pc->password_len = UNSET;
+        if (password != 0) {
+            int sz = (*env)->GetArrayLength(env, password);
+            if (sz > 0 && sz < ISIZEOF(pc->buf)) {
+                (*env)->GetByteArrayRegion(env, password, 0, sz, (jbyte *)pc->buf);
+                pc->password_len = sz;
+                pc->password     = pc->buf;
+            }
+        }
     }
 }
 
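Review bot: `set0` silently truncates a password longer than 255 bytes through `strlcpy`, whereas the new `set1` silently drops an oversize array; in both cases the caller is not told and a truncated secret may be stored and used. The two setters should agree, and neither should keep a partial password. The fence below makes `set0` reject oversize input by checking the `strlcpy` return value. Whether the temporary C string produced by `WITH_CSTR` is cleansed before release is not visible here and is worth confirming. The body of `set0` starts in the hunk header line.
```c
        if (password != 0) {
            WITH_CSTR(password) {
                size_t n = strlcpy(pc->buf, J2S(password), sizeof(pc->buf));
                if (n < sizeof(pc->buf)) {
                    pc->password_len = (int)n;
                    pc->password     = pc->buf;
                }
                else {
                    /* Too long: do not keep a truncated secret */
                    AcrMemCleanse(pc->buf, sizeof(pc->buf));
                }
            } DONE_WITH_STR(password);
        }
        /* … unchanged: set1 … */
```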
@@ -111,7 +145,8 @@ ACR_SSL_EXPORT(void, PasswordCallback, s
 ACR_SSL_EXPORT(int, TestOpenSSL, runPasswordCallback)(JNI_STDARGS)
 {
     if (acr_ssl_password_cb != 0) {
-        AcrCallbackRun(0, acr_ssl_password_cb->cb, 0, 0, 0);
+        jstring str = AcrNewJavaStringA(env, "/foo/bar");
+        AcrCallbackRun(env, acr_ssl_password_cb->cb, str, 0, 0);
         if (acr_ssl_password_cb->password != 0 &&
             strcmp(acr_ssl_password_cb->password, "secret") == 0)
             return 0;

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c?rev=1171401&r1=1171400&r2=1171401&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c Fri Sep 16 06:57:52 2011
@@ -37,19 +37,17 @@
  * also note that OpenSSL increments at static variable when
  * SSL_get_ex_new_index() is called, so we _must_ do this at startup.
  */
-static int app_data2_idx = -1;
+static int app_data2_idx = UNSET;
 
-void ssl_init_app_data2_idx(void)
+void ssl_init_app_data2_idx()
 {
     int i;
 
-    if (app_data2_idx > -1) {
+    if (app_data2_idx != UNSET)
         return;
-    }
     /* we _do_ need to call this twice */
-    for (i = 0; i <= 1; i++) {
+    for (i = 0; i <= 1; i++)
         app_data2_idx = SSL_get_ex_new_index(0, "Second Application Data for SSL", 0, 0, 0);
-    }
 }
 
 void *ssl_get_app_data2(SSL *ssl)
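Review bot: The definition `void ssl_init_app_data2_idx()` drops the `(void)` parameter list. In C before C23 an empty list is not a prototype, so the compiler no longer rejects calls that pass arguments. Keep `void ssl_init_app_data2_idx(void)`.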

Modified: commons/sandbox/runtime/trunk/src/main/native/shared/callback.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/shared/callback.c?rev=1171401&r1=1171400&r2=1171401&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/shared/callback.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/shared/callback.c Fri Sep 16 06:57:52 2011
@@ -136,7 +136,7 @@ AcrCallbackRun(JNI_STDENV, acr_callback_
         if (IS_INVALID_HANDLE(env))
             return ACR_ENOJNIENV;
     }
-    if (cb->handler) {
+    if (cb->handler != 0) {
         /* This is native callback
          */
         if (cb->type == ACR_CALLBACK_SYNC) {
@@ -152,7 +152,7 @@ AcrCallbackRun(JNI_STDENV, acr_callback_
         }
         rc = 0;
     }
-    if (cb->thiz == NULL) {
+    if (cb->thiz == 0) {
         /* Either invalid or already handled */
         return rc;
     }

Modified: commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java?rev=1171401&r1=1171400&r2=1171401&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java (original)
+++ commons/sandbox/runtime/trunk/src/main/test/org/apache/commons/runtime/TestOpenSSL.java Fri Sep 16 06:57:52 2011
@@ -35,10 +35,12 @@ public class TestOpenSSL extends Assert
         }
 
         @Override
-        public String getPassword()
+        public String getPassword(String desc)
             throws Exception
         {
+            assertEquals(desc, "/foo/bar");
             System.out.print(getPrompt());
+            System.out.print(" for '" + desc + "'");
             System.out.println();
             // This would be the place where application
             // would obtain the password from the user or
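Review bot: `assertEquals(desc, "/foo/bar")` has its arguments in the opposite order from JUnit's `(expected, actual)` convention, so a failure message would report the two values swapped; use `assertEquals("/foo/bar", desc);`. The assertion runs inside a callback invoked from native code through `PasswordCallback.handler`, so it is worth confirming that a failure here fails the test rather than surfacing only as a native return code. The method body continues outside the hunk.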


