directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From trus...@apache.org
Subject svn commit: r368585 - in /directory/sandbox/trustin/ldaps: apacheds-server-ssl/ apacheds-server-ssl/src/ apacheds-server-ssl/src/main/ apacheds-server-ssl/src/main/java/ apacheds-server-ssl/src/main/java/org/ apacheds-server-ssl/src/main/java/org/apach...
Date Fri, 13 Jan 2006 04:39:37 GMT
Author: trustin
Date: Thu Jan 12 20:39:18 2006
New Revision: 368585

URL: http://svn.apache.org/viewcvs?rev=368585&view=rev
Log:
Moved LDAPS support to the new subproject, apacheds-server-ssl


Added:
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/pom.xml
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/LdapsInitializer.java
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/support/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/support/ServerX509TrustManager.java
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/LdapsTest.java
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusSSLContextFactory.java
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusTrustManagerFactory.java
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/SSLSocketFactory.java
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/resources/
    directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/resources/bogus.cert   (with
props)
Removed:
    directory/sandbox/trustin/ldaps/apacheds-server-unit/src/test/java/org/apache/ldap/server/LdapsTest.java
    directory/sandbox/trustin/ldaps/apacheds-server/src/main/java/org/apache/ldap/server/jndi/ssl/
Modified:
    directory/sandbox/trustin/ldaps/apacheds-server/src/main/java/org/apache/ldap/server/jndi/ServerContextFactory.java

Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/pom.xml
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/pom.xml?rev=368585&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-ssl/pom.xml (added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-ssl/pom.xml Thu Jan 12 20:39:18 2006
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<project>
+  <modelVersion>4.0.0</modelVersion>
+  <parent>
+    <groupId>org.apache.directory.server</groupId>
+    <artifactId>apacheds-build</artifactId>
+    <version>0.9.4-SNAPSHOT</version>
+  </parent>
+  <artifactId>org.apache.ldap.server.ssl</artifactId>
+  <name>apacheds-server-ssl</name>
+  <packaging>jar</packaging>  
+  <dependencies>
+    <dependency>
+      <groupId>org.slf4j</groupId>
+      <artifactId>nlog4j</artifactId>
+      <version>1.2.17</version>
+    </dependency>  
+    <dependency>
+      <groupId>org.apache.directory.server</groupId>
+      <artifactId>org.apache.ldap.server</artifactId>
+      <version>0.9.4-SNAPSHOT</version>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.directory.server</groupId>
+      <artifactId>org.apache.ldap.server.unit</artifactId>
+      <version>0.9.4-SNAPSHOT</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.mina</groupId>
+      <artifactId>org.apache.mina.filter.ssl</artifactId>
+      <version>0.9.1-SNAPSHOT</version>
+    </dependency>
+  </dependencies>
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-compiler-plugin</artifactId>
+        <configuration>
+          <source>1.4</source>
+          <target>1.4</target>
+        </configuration>
+      </plugin>
+    </plugins>
+  </build>
+</project>
+

Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/LdapsInitializer.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/LdapsInitializer.java?rev=368585&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/LdapsInitializer.java
(added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/LdapsInitializer.java
Thu Jan 12 20:39:18 2006
@@ -0,0 +1,118 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server.jndi.ssl;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.cert.CertificateException;
+
+import javax.naming.NamingException;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+
+import org.apache.ldap.server.configuration.ServerStartupConfiguration;
+import org.apache.ldap.server.jndi.ssl.support.ServerX509TrustManager;
+import org.apache.mina.common.DefaultIoFilterChainBuilder;
+import org.apache.mina.common.IoFilterChainBuilder;
+import org.apache.mina.filter.SSLFilter;
+
+/**
+ * Loads the certificate file for LDAPS support and creates the appropriate
+ * MINA filter chain.
+ *
+ * @author The Apache Directory Project (dev@directory.apache.org)
+ * @version $Rev: 368358 $, $Date: 2006-01-12 12:50:40Z $
+ *
+ */
+public class LdapsInitializer
+{
+    public static IoFilterChainBuilder init( ServerStartupConfiguration cfg ) throws NamingException
+    {
+        // Load the certificate
+        char[] certPasswdChars = cfg.getLdapsCertificatePassword().toCharArray();
+        String storePath = cfg.getLdapsCertificateFile().getPath();
+        
+        KeyStore ks = null;
+        try
+        {
+            ks = loadKeyStore( storePath, "PKCS12" );
+        }
+        catch( Exception e )
+        {
+            try
+            {
+                ks = loadKeyStore( storePath, "JKS" );
+            }
+            catch( Exception e2 )
+            {
+                throw ( NamingException ) new NamingException( "Failed to load a certificate:
" + storePath ).initCause( e );
+            }
+        }
+
+        SSLContext sslCtx;
+        try
+        {
+            // Set up key manager factory to use our key store
+            KeyManagerFactory kmf = KeyManagerFactory.getInstance( "SunX509" );
+            kmf.init( ks, certPasswdChars );
+    
+            // Initialize the SSLContext to work with our key managers.
+            sslCtx = SSLContext.getInstance( "TLS" );
+            sslCtx.init( kmf.getKeyManagers(),
+                    new TrustManager[] { new ServerX509TrustManager() }, new SecureRandom()
);
+        }
+        catch( Exception e )
+        {
+            throw ( NamingException ) new NamingException( "Failed to create a SSL context."
).initCause( e );
+        }
+        
+        DefaultIoFilterChainBuilder chain = new DefaultIoFilterChainBuilder();
+        chain.addLast( "SSL", new SSLFilter( sslCtx ) );
+        return chain;
+    }
+    
+    private static KeyStore loadKeyStore( String storePath, String storeType ) throws KeyStoreException,
IOException, CertificateException, NoSuchAlgorithmException
+    {
+        FileInputStream in = null;
+        // Create keystore
+        KeyStore ks = KeyStore.getInstance( storeType );
+        try
+        {
+            in = new FileInputStream( storePath );
+            ks.load( in, null );
+            return ks;
+        }
+        finally
+        {
+            if( in != null )
+            {
+                try
+                {
+                    in.close();
+                }
+                catch( IOException ignored )
+                {
+                }
+            }
+        }
+    }
+}

Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/support/ServerX509TrustManager.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/support/ServerX509TrustManager.java?rev=368585&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/support/ServerX509TrustManager.java
(added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/main/java/org/apache/ldap/server/jndi/ssl/support/ServerX509TrustManager.java
Thu Jan 12 20:39:18 2006
@@ -0,0 +1,51 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server.jndi.ssl.support;
+
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.X509TrustManager;
+
+/**
+ * An {@link X509TrustManager} for LDAP server.
+ *
+ * @author Trustin Lee
+ * @version $Rev: 368356 $, $Date: 2006-01-12 12:35:14Z $
+ */
+public class ServerX509TrustManager implements X509TrustManager
+{
+    public ServerX509TrustManager()
+    {
+    }
+
+    public void checkClientTrusted( X509Certificate[] arg0, String arg1 ) throws CertificateException
+    {
+        // We don't check clients at all right now.
+        // XXX: Do we need a client-side certificates?
+    }
+
+    public void checkServerTrusted( X509Certificate[] arg0, String arg1 ) throws CertificateException
+    {
+        // It is server-side trust manager, so we don't need to check the server itself.
+    }
+
+    public X509Certificate[] getAcceptedIssuers()
+    {
+        return null;
+    }
+}

Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/LdapsTest.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/LdapsTest.java?rev=368585&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/LdapsTest.java
(added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/LdapsTest.java
Thu Jan 12 20:39:18 2006
@@ -0,0 +1,129 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server.jndi.ssl;
+
+import java.io.FileOutputStream;
+import java.io.InputStream;
+import java.util.Hashtable;
+
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.InitialDirContext;
+
+import org.apache.ldap.server.AbstractServerTest;
+import org.apache.ldap.server.jndi.ssl.support.SSLSocketFactory;
+import org.apache.mina.util.AvailablePortFinder;
+
+
+/**
+ * Test case to verify DIREVE-216.  Starts up the server binds via SUN JNDI provider
+ * to perform add modify operations on entries.
+ * 
+ * @author szoerner
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 365899 $
+ */
+public class LdapsTest extends AbstractServerTest
+{
+    private static final String RDN = "cn=The Person";
+
+    private DirContext ctx = null;
+
+
+    /**
+     * Create an entry for a person.
+     */
+    public void setUp() throws Exception
+    {
+        doDelete( configuration.getWorkingDirectory() );
+        
+        int ldapsPort = AvailablePortFinder.getNextAvailable( 8192 );
+        configuration.setEnableLdaps( true );
+        configuration.setLdapsCertificatePassword( "boguspw" );
+        configuration.setLdapsPort( ldapsPort );
+
+        // Copy the bogus certificate to the certificates directory.
+        InputStream in = getClass().getResourceAsStream( "/bogus.cert" );
+        configuration.getLdapsCertificateFile().getParentFile().mkdirs();
+
+        System.out.println( configuration.getLdapsCertificateFile().getAbsolutePath() );
+        FileOutputStream out = new FileOutputStream(
+                configuration.getLdapsCertificateFile() );
+
+        for( ;; )
+        {
+            int c = in.read();
+            if( c < 0 )
+                break;
+            {
+            }
+            out.write( c );
+        }
+
+        in.close();
+        out.close();
+        
+        doDelete = false;
+        super.setUp();
+        doDelete = true;
+
+        Hashtable env = new Hashtable();
+        env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
+        env.put( "java.naming.provider.url", "ldap://localhost:" + ldapsPort + "/ou=system"
);
+        env.put( "java.naming.ldap.factory.socket", SSLSocketFactory.class.getName() );
+        env.put( "java.naming.security.principal", "uid=admin,ou=system" );
+        env.put( "java.naming.security.credentials", "secret" );
+        env.put( "java.naming.security.authentication", "simple" );
+        ctx = new InitialDirContext( env );
+    }
+
+
+    /**
+     * Remove the person.
+     */
+    public void tearDown() throws Exception
+    {
+        ctx.unbind(RDN);
+        ctx.close();
+        ctx = null;
+        super.tearDown();
+    }
+
+
+    /**
+     * Just a little test to check if the connection is made successfully.
+     */
+    public void testSetUpTearDown() throws NamingException
+    {
+        // Create a person
+        Attributes attributes = new BasicAttributes( true );
+        Attribute attribute = new BasicAttribute( "objectClass" );
+        attribute.add( "top" );
+        attribute.add( "person" );
+        attributes.put( attribute );
+        attributes.put( "cn", "The Person" );
+        attributes.put( "sn", "Person" );
+        attributes.put( "description", "this is a person" );
+        DirContext person = ctx.createSubcontext( RDN, attributes );
+
+        assertNotNull( person );
+    }
+}

Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusSSLContextFactory.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusSSLContextFactory.java?rev=368585&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusSSLContextFactory.java
(added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusSSLContextFactory.java
Thu Jan 12 20:39:18 2006
@@ -0,0 +1,160 @@
+/*
+ *   @(#) $Id: BogusSSLContextFactory.java 365899 2006-01-04 12:24:30Z trustin $
+ *
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server.jndi.ssl.support;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+
+/**
+ * Factory to create a bougus SSLContext.
+ *
+ * @author The Apache Directory Project (dev@directory.apache.org)
+ * @version $Rev: 365899 $, $Date: 2006-01-04 21:24:30 +0900 (수, 04  1월 2006) $
+ */
+public class BogusSSLContextFactory
+{
+
+    /**
+     * Protocol to use.
+     */
+    private static final String PROTOCOL = "TLS";
+
+    /**
+     * Bougus Server certificate keystore file name.
+     */
+    private static final String BOGUS_KEYSTORE = "/bogus.cert";
+
+    // NOTE: The keystore was generated using keytool:
+    //   keytool -genkey -alias bogus -keysize 512 -validity 3650
+    //           -keyalg RSA -dname "CN=bogus.com, OU=XXX CA,
+    //               O=Bogus Inc, L=Stockholm, S=Stockholm, C=SE"
+    //           -keypass boguspw -storepass boguspw -keystore bogus.cert
+
+    /**
+     * Bougus keystore password.
+     */
+    private static final char[] BOGUS_PW = { 'b', 'o', 'g', 'u', 's', 'p',
+                                            'w' };
+
+    private static SSLContext serverInstance = null;
+
+    private static SSLContext clientInstance = null;
+
+    /**
+     * Get SSLContext singleton.
+     *
+     * @return SSLContext
+     * @throws java.security.GeneralSecurityException
+     *
+     */
+    public static SSLContext getInstance( boolean server )
+            throws GeneralSecurityException
+    {
+        SSLContext retInstance = null;
+        if( server )
+        {
+            if( serverInstance == null )
+            {
+                synchronized( BogusSSLContextFactory.class )
+                {
+                    if( serverInstance == null )
+                    {
+                        try
+                        {
+                            serverInstance = createBougusServerSSLContext();
+                        }
+                        catch( Exception ioe )
+                        {
+                            throw new GeneralSecurityException(
+                                    "Can't create Server SSLContext:" + ioe );
+                        }
+                    }
+                }
+            }
+            retInstance = serverInstance;
+        }
+        else
+        {
+            if( clientInstance == null )
+            {
+                synchronized( BogusSSLContextFactory.class )
+                {
+                    if( clientInstance == null )
+                    {
+                        clientInstance = createBougusClientSSLContext();
+                    }
+                }
+            }
+            retInstance = clientInstance;
+        }
+        return retInstance;
+    }
+
+    private static SSLContext createBougusServerSSLContext()
+            throws GeneralSecurityException, IOException
+    {
+        // Create keystore
+        KeyStore ks = KeyStore.getInstance( "JKS" );
+        InputStream in = null;
+        try
+        {
+            in = BogusSSLContextFactory.class
+                    .getResourceAsStream( BOGUS_KEYSTORE );
+            ks.load( in, BOGUS_PW );
+        }
+        finally
+        {
+            if( in != null )
+            {
+                try
+                {
+                    in.close();
+                }
+                catch( IOException ignored )
+                {
+                }
+            }
+        }
+
+        // Set up key manager factory to use our key store
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance( "SunX509" );
+        kmf.init( ks, BOGUS_PW );
+
+        // Initialize the SSLContext to work with our key managers.
+        SSLContext sslContext = SSLContext.getInstance( PROTOCOL );
+        sslContext.init( kmf.getKeyManagers(),
+                BogusTrustManagerFactory.X509_MANAGERS, null );
+
+        return sslContext;
+    }
+
+    private static SSLContext createBougusClientSSLContext()
+            throws GeneralSecurityException
+    {
+        SSLContext context = SSLContext.getInstance( PROTOCOL );
+        context.init( null, BogusTrustManagerFactory.X509_MANAGERS, null );
+        return context;
+    }
+
+}

Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusTrustManagerFactory.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusTrustManagerFactory.java?rev=368585&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusTrustManagerFactory.java
(added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/BogusTrustManagerFactory.java
Thu Jan 12 20:39:18 2006
@@ -0,0 +1,81 @@
+/*
+ *   @(#) $Id: BogusTrustManagerFactory.java 365899 2006-01-04 12:24:30Z trustin $
+ *
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server.jndi.ssl.support;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.ManagerFactoryParameters;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactorySpi;
+import javax.net.ssl.X509TrustManager;
+
+/**
+ * Bogus trust manager factory. Creates BogusX509TrustManager
+ *
+ * @author The Apache Directory Project (dev@directory.apache.org)
+ * @version $Rev: 365899 $, $Date: 2006-01-04 21:24:30 +0900 (수, 04  1월 2006) $
+ */
+class BogusTrustManagerFactory extends TrustManagerFactorySpi
+{
+
+    static final X509TrustManager X509 = new X509TrustManager()
+    {
+        public void checkClientTrusted( X509Certificate[] x509Certificates,
+                                       String s ) throws CertificateException
+        {
+        }
+
+        public void checkServerTrusted( X509Certificate[] x509Certificates,
+                                       String s ) throws CertificateException
+        {
+        }
+
+        public X509Certificate[] getAcceptedIssuers()
+        {
+            return new X509Certificate[ 0 ];
+        }
+    };
+
+    static final TrustManager[] X509_MANAGERS = new TrustManager[] { X509 };
+
+    public BogusTrustManagerFactory()
+    {
+    }
+
+    protected TrustManager[] engineGetTrustManagers()
+    {
+        return X509_MANAGERS;
+    }
+
+    protected void engineInit( KeyStore keystore ) throws KeyStoreException
+    {
+        // noop
+    }
+
+    protected void engineInit(
+                              ManagerFactoryParameters managerFactoryParameters )
+            throws InvalidAlgorithmParameterException
+    {
+        // noop
+    }
+}

Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/SSLSocketFactory.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/SSLSocketFactory.java?rev=368585&view=auto
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/SSLSocketFactory.java
(added)
+++ directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/java/org/apache/ldap/server/jndi/ssl/support/SSLSocketFactory.java
Thu Jan 12 20:39:18 2006
@@ -0,0 +1,142 @@
+/*
+ *   @(#) $Id: SSLSocketFactory.java 365899 2006-01-04 12:24:30Z trustin $
+ *
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server.jndi.ssl.support;
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.net.UnknownHostException;
+import java.security.GeneralSecurityException;
+
+import javax.net.SocketFactory;
+
+/**
+ * Simple Socket factory to create sockets with or without SSL enabled.
+ * If SSL enabled a "bougus" SSL Context is used (suitable for test purposes)
+ * 
+ * @version $Rev: 365899 $, $Date: 2006-01-04 21:24:30 +0900 (수, 04  1월 2006) $
+ */
+public class SSLSocketFactory extends SocketFactory
+{
+    private static boolean sslEnabled = true;
+
+    private static javax.net.ssl.SSLSocketFactory sslFactory = null;
+
+    private static javax.net.SocketFactory factory = null;
+
+    public static SocketFactory getDefault()
+    {
+        return new SSLSocketFactory();
+    }
+
+    public SSLSocketFactory()
+    {
+        super();
+    }
+
+    public Socket createSocket( String arg1, int arg2 ) throws IOException,
+            UnknownHostException
+    {
+        if( isSslEnabled() )
+        {
+            return getSSLFactory().createSocket( arg1, arg2 );
+        }
+        else
+        {
+            return new Socket( arg1, arg2 );
+        }
+    }
+
+    public Socket createSocket( String arg1, int arg2, InetAddress arg3,
+                               int arg4 ) throws IOException,
+            UnknownHostException
+    {
+        if( isSslEnabled() )
+        {
+            return getSSLFactory().createSocket( arg1, arg2, arg3, arg4 );
+        }
+        else
+        {
+            return new Socket( arg1, arg2, arg3, arg4 );
+        }
+    }
+
+    public Socket createSocket( InetAddress arg1, int arg2 )
+            throws IOException
+    {
+        if( isSslEnabled() )
+        {
+            return getSSLFactory().createSocket( arg1, arg2 );
+        }
+        else
+        {
+            return new Socket( arg1, arg2 );
+        }
+    }
+
+    public Socket createSocket( InetAddress arg1, int arg2, InetAddress arg3,
+                               int arg4 ) throws IOException
+    {
+        if( isSslEnabled() )
+        {
+            return getSSLFactory().createSocket( arg1, arg2, arg3, arg4 );
+        }
+        else
+        {
+            return new Socket( arg1, arg2, arg3, arg4 );
+        }
+    }
+
+    public static javax.net.SocketFactory getSocketFactory()
+    {
+        if( factory == null )
+        {
+            factory = new SSLSocketFactory();
+        }
+        return factory;
+    }
+
+    private javax.net.ssl.SSLSocketFactory getSSLFactory()
+    {
+        if( sslFactory == null )
+        {
+            try
+            {
+                sslFactory = BogusSSLContextFactory.getInstance( false )
+                        .getSocketFactory();
+            }
+            catch( GeneralSecurityException e )
+            {
+                throw new RuntimeException( "could not create SSL socket", e );
+            }
+        }
+        return sslFactory;
+    }
+
+    public static boolean isSslEnabled()
+    {
+        return sslEnabled;
+    }
+
+    public static void setSslEnabled( boolean newSslEnabled )
+    {
+        sslEnabled = newSslEnabled;
+    }
+
+}

Added: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/resources/bogus.cert
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/resources/bogus.cert?rev=368585&view=auto
==============================================================================
Binary file - no diff available.

Propchange: directory/sandbox/trustin/ldaps/apacheds-server-ssl/src/test/resources/bogus.cert
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Modified: directory/sandbox/trustin/ldaps/apacheds-server/src/main/java/org/apache/ldap/server/jndi/ServerContextFactory.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/trustin/ldaps/apacheds-server/src/main/java/org/apache/ldap/server/jndi/ServerContextFactory.java?rev=368585&r1=368584&r2=368585&view=diff
==============================================================================
--- directory/sandbox/trustin/ldaps/apacheds-server/src/main/java/org/apache/ldap/server/jndi/ServerContextFactory.java
(original)
+++ directory/sandbox/trustin/ldaps/apacheds-server/src/main/java/org/apache/ldap/server/jndi/ServerContextFactory.java
Thu Jan 12 20:39:18 2006
@@ -368,7 +368,7 @@
         try
         {
             chain = ( IoFilterChainBuilder ) Class.forName(
-                    "org.apache.ldap.server.jndi.ssl.support.LdapsInitializer",
+                    "org.apache.ldap.server.jndi.ssl.LdapsInitializer",
                     true,
                     ServerContextFactory.class.getClassLoader() ).getMethod(
                             "init", new Class[] { ServerStartupConfiguration.class } ).invoke(



Mime
View raw message