directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From plusplusjia...@apache.org
Subject [3/4] directory-kerby git commit: Revert "DIRKRB-398 Fix check style issues in not-yet-commons-ssl module."
Date Wed, 19 Aug 2015 01:23:29 GMT
Revert "DIRKRB-398 Fix check style issues in not-yet-commons-ssl module."

This reverts commit 351eb01fb51375972b8675ce5036d81eecb34684.


Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/9886af97
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/9886af97
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/9886af97

Branch: refs/heads/pkinit-support
Commit: 9886af9785993858da1530088f400439032e45ed
Parents: 5ec4088
Author: plusplusjiajia <jiajia.li@intel.com>
Authored: Wed Aug 19 09:24:03 2015 +0800
Committer: plusplusjiajia <jiajia.li@intel.com>
Committed: Wed Aug 19 09:24:03 2015 +0800

----------------------------------------------------------------------
 .../apache/commons/ssl/Asn1PkcsStructure.java   |   6 +-
 .../org/apache/commons/ssl/Asn1PkcsUtil.java    |  13 +-
 .../java/org/apache/commons/ssl/CRLSocket.java  |  18 +-
 .../java/org/apache/commons/ssl/CRLUtil.java    |   2 +-
 .../org/apache/commons/ssl/Certificates.java    | 109 ++++------
 .../apache/commons/ssl/ComboInputStream.java    |   5 +-
 .../java/org/apache/commons/ssl/HostPort.java   |   6 +-
 .../apache/commons/ssl/HostnameVerifier.java    |  50 ++---
 .../java/org/apache/commons/ssl/Java14.java     |  32 +--
 .../commons/ssl/Java14TrustManagerWrapper.java  |   6 +-
 .../java/org/apache/commons/ssl/JavaImpl.java   |   2 +-
 .../org/apache/commons/ssl/KeyMaterial.java     |  13 +-
 .../org/apache/commons/ssl/KeyStoreBuilder.java |  67 +++---
 .../java/org/apache/commons/ssl/LDAPSocket.java |  14 +-
 .../java/org/apache/commons/ssl/OpenSSL.java    |  23 +--
 .../org/apache/commons/ssl/PBETestCreate.java   |   6 +-
 .../java/org/apache/commons/ssl/PEMItem.java    |   2 +-
 .../java/org/apache/commons/ssl/PEMUtil.java    |  25 +--
 .../java/org/apache/commons/ssl/PKCS8Key.java   | 206 ++++++++-----------
 .../main/java/org/apache/commons/ssl/Ping.java  | 122 ++++++-----
 .../ssl/ProbablyBadPasswordException.java       |   8 +-
 .../commons/ssl/ProbablyNotPKCS8Exception.java  |   8 +-
 .../main/java/org/apache/commons/ssl/SSL.java   |  41 ++--
 .../java/org/apache/commons/ssl/SSLClient.java  |  97 +++------
 .../org/apache/commons/ssl/SSLEchoServer.java   |  10 +-
 .../org/apache/commons/ssl/SSLProxyServer.java  |  15 +-
 .../java/org/apache/commons/ssl/SSLServer.java  |  87 +++-----
 .../commons/ssl/SSLServerSocketWrapper.java     |  56 ++---
 .../apache/commons/ssl/SSLWrapperFactory.java   |  15 +-
 .../org/apache/commons/ssl/TrustMaterial.java   |  22 +-
 .../main/java/org/apache/commons/ssl/Util.java  |  46 ++---
 .../java/org/apache/commons/ssl/Version.java    |  24 ++-
 .../commons/ssl/util/ByteArrayReadLine.java     |  12 +-
 .../org/apache/commons/ssl/util/ReadLine.java   |  12 +-
 .../org/apache/commons/ssl/JUnitConfig.java     |   3 +-
 .../java/org/apache/commons/ssl/TestBase64.java |  20 +-
 .../apache/commons/ssl/TestCertificates.java    |   3 +
 .../apache/commons/ssl/TestIPAddressParser.java |   7 +-
 .../org/apache/commons/ssl/TestKeyMaterial.java |  18 +-
 .../org/apache/commons/ssl/TestOpenSSL.java     |  15 +-
 .../org/apache/commons/ssl/TestPKCS8Key.java    |  10 +-
 41 files changed, 511 insertions(+), 745 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsStructure.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsStructure.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsStructure.java
index 5e5122f..fc25b51 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsStructure.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsStructure.java
@@ -28,11 +28,7 @@ package org.apache.commons.ssl;
 import org.apache.kerby.asn1.type.Asn1Integer;
 import org.apache.kerby.util.Hex;
 
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Set;
-import java.util.TreeSet;
+import java.util.*;
 
 /**
  * @author Credit Union Central of British Columbia

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java
index 800a88f..5704d58 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java
@@ -26,12 +26,7 @@
 package org.apache.commons.ssl;
 
 import org.apache.kerby.asn1.Asn1InputBuffer;
-import org.apache.kerby.asn1.type.Asn1Collection;
-import org.apache.kerby.asn1.type.Asn1Integer;
-import org.apache.kerby.asn1.type.Asn1Item;
-import org.apache.kerby.asn1.type.Asn1ObjectIdentifier;
-import org.apache.kerby.asn1.type.Asn1OctetString;
-import org.apache.kerby.asn1.type.Asn1Type;
+import org.apache.kerby.asn1.type.*;
 import org.apache.kerby.util.Hex;
 
 import java.io.FileInputStream;
@@ -51,7 +46,7 @@ import java.util.List;
  */
 public class Asn1PkcsUtil {
 
-    public static final BigInteger BIGGEST =
+    public final static BigInteger BIGGEST =
             new BigInteger(Integer.toString(Integer.MAX_VALUE));
 
     public static Asn1PkcsStructure analyze(byte[] asn1)
@@ -78,7 +73,7 @@ public class Asn1PkcsUtil {
 
         List<Asn1Item> items = asn1Coll.getValue();
         for (Asn1Item item : items) {
-            if (!item.isCollection()) {
+            if (! item.isCollection()) {
                 analyze(item.getValue(), pkcs8, depth);
             } else {
                 try {
@@ -138,7 +133,7 @@ public class Asn1PkcsUtil {
                 boolean probablyBinary = false;
                 for (int i = 0; i < len; i++) {
                     byte b = octets[i];
-                    boolean isBinary = !(b >= 0 && b <= 127);
+                    boolean isBinary = !(b >=0 && b <= 127);
                     if (isBinary) {
                         probablyBinary = true;
                         break;

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLSocket.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLSocket.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLSocket.java
index 473a7e2..0ef31cc 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLSocket.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLSocket.java
@@ -8,8 +8,8 @@ import java.net.Socket;
 import java.security.GeneralSecurityException;
 
 public final class CRLSocket extends SSLClient {
-    private static final CRLSocket SECURE_INSTANCE;
-    private static final CRLSocket PLAIN_INSTANCE;
+    private final static CRLSocket secureInstance;
+    private final static CRLSocket plainInstance;    
 
     static {
         CRLSocket sf1 = null, sf2 = null;
@@ -17,12 +17,14 @@ public final class CRLSocket extends SSLClient {
             sf1 = new CRLSocket();
             sf2 = new CRLSocket();
             sf2.setIsSecure(false);
-        } catch (Exception e) {
+        }
+        catch (Exception e) {
             System.out.println("could not create CRLSocket: " + e);
             e.printStackTrace();
-        } finally {
-            SECURE_INSTANCE = sf1;
-            PLAIN_INSTANCE = sf2;
+        }
+        finally {
+            secureInstance = sf1;
+            plainInstance = sf2;            
         }
     }
 
@@ -47,11 +49,11 @@ public final class CRLSocket extends SSLClient {
     }
 
     public static CRLSocket getSecureInstance() {
-        return SECURE_INSTANCE;
+        return secureInstance;
     }
 
     public static CRLSocket getPlainInstance() {
-        return PLAIN_INSTANCE;
+        return plainInstance;
     }
 
     public static void main(String[] args) throws Exception {

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLUtil.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLUtil.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLUtil.java
index bec387e..607a5fe 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLUtil.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLUtil.java
@@ -53,7 +53,7 @@ import java.io.IOException;
  */
 public class CRLUtil {
 
-    public static String getURLToCRL(byte[] extension)
+    public static String getURLToCRL(byte[] extension2_5_29_31)
         throws IOException {
 
         throw new UnsupportedOperationException("not yet implemented");

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Certificates.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Certificates.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Certificates.java
index e4b49e4..538ff16 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Certificates.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Certificates.java
@@ -39,47 +39,21 @@ import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
 import javax.naming.ldap.LdapName;
 import javax.naming.ldap.Rdn;
-import javax.net.ssl.HttpsURLConnection;
 import javax.security.auth.x500.X500Principal;
-import java.io.BufferedInputStream;
-import java.io.BufferedOutputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.Serializable;
-import java.io.UnsupportedEncodingException;
-import java.lang.reflect.Method;
+
+import javax.net.ssl.HttpsURLConnection;
+import java.io.*;
 import java.math.BigInteger;
-import java.net.HttpURLConnection;
 import java.net.URL;
 import java.net.URLConnection;
+import java.net.HttpURLConnection;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
-import java.security.cert.CRL;
-import java.security.cert.CRLException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CertificateParsingException;
-import java.security.cert.X509Certificate;
-import java.security.cert.X509Extension;
+import java.security.cert.*;
 import java.text.DateFormat;
 import java.text.SimpleDateFormat;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Comparator;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.NoSuchElementException;
-import java.util.Set;
+import java.util.*;
+import java.lang.reflect.Method;
 
 /**
  * @author Credit Union Central of British Columbia
@@ -89,29 +63,29 @@ import java.util.Set;
  */
 public class Certificates {
 
-    public static final CertificateFactory CF;
-    public static final String LINE_ENDING = System.getProperty("line.separator");
+    public final static CertificateFactory CF;
+    public final static String LINE_ENDING = System.getProperty("line.separator");
 
-    private static final HashMap CRL_CACHE = new HashMap();
+    private final static HashMap crl_cache = new HashMap();
 
-    public static final String CRL_EXTENSION = "2.5.29.31";
-    public static final String OCSP_EXTENSION = "1.3.6.1.5.5.7.1.1";
-    private static final DateFormat DF = new SimpleDateFormat("yyyy/MMM/dd");
+    public final static String CRL_EXTENSION = "2.5.29.31";
+    public final static String OCSP_EXTENSION = "1.3.6.1.5.5.7.1.1";
+    private final static DateFormat DF = new SimpleDateFormat("yyyy/MMM/dd");
 
     public interface SerializableComparator extends Comparator, Serializable {
     }
 
-    public static final SerializableComparator COMPARE_BY_EXPIRY =
+    public final static SerializableComparator COMPARE_BY_EXPIRY =
         new SerializableComparator() {
             public int compare(Object o1, Object o2) {
                 X509Certificate c1 = (X509Certificate) o1;
                 X509Certificate c2 = (X509Certificate) o2;
-                // this deals with case where both are null
-                if (c1 == c2) {
+                if (c1 == c2) // this deals with case where both are null
+                {
                     return 0;
                 }
-                // non-null is always bigger than null
-                if (c1 == null) {
+                if (c1 == null)  // non-null is always bigger than null
+                {
                     return -1;
                 }
                 if (c2 == null) {
@@ -151,7 +125,8 @@ public class Certificates {
                                     if (c == 0) {
                                         c = b1.length - b2.length;
                                     }
-                                } catch (CertificateEncodingException cee) {
+                                }
+                                catch (CertificateEncodingException cee) {
                                     // I give up.  They can be equal if they
                                     // really want to be this badly.
                                     c = 0;
@@ -168,9 +143,11 @@ public class Certificates {
         CertificateFactory cf = null;
         try {
             cf = CertificateFactory.getInstance("X.509");
-        } catch (CertificateException ce) {
+        }
+        catch (CertificateException ce) {
             ce.printStackTrace(System.out);
-        } finally {
+        }
+        finally {
             CF = cf;
         }
     }
@@ -265,7 +242,8 @@ public class Certificates {
             String s;
             try {
                 s = new String(bytes, "UTF-8");
-            } catch (UnsupportedEncodingException uee) {
+            }
+            catch (UnsupportedEncodingException uee) {
                 // We're screwed if this thing has more than one CRL, because
                 // the "indeOf( (char) 65533 )" below isn't going to work.
                 s = new String(bytes);
@@ -317,16 +295,15 @@ public class Certificates {
         byte[] bytes = cert.getExtensionValue("2.5.29.31");
         if (bytes == null) {
             // log.warn( "Cert doesn't contain X509v3 CRL Distribution Points (2.5.29.31): " + name );
-            System.out.println("Cert doesn't contain X509v3 CRL Distribution Points (2.5.29.31): ");
         } else {
             List crlList = getCRLs(cert);
             Iterator it = crlList.iterator();
             while (it.hasNext()) {
                 String url = (String) it.next();
-                CRLHolder holder = (CRLHolder) CRL_CACHE.get(url);
+                CRLHolder holder = (CRLHolder) crl_cache.get(url);
                 if (holder == null) {
                     holder = new CRLHolder(url);
-                    CRL_CACHE.put(url, holder);
+                    crl_cache.put(url, holder);
                 }
                 // success == false means we couldn't actually load the CRL
                 // (probably due to an IOException), so let's try the next one in
@@ -350,7 +327,8 @@ public class Certificates {
         MessageDigest sha1;
         try {
             sha1 = MessageDigest.getInstance("SHA1");
-        } catch (NoSuchAlgorithmException nsae) {
+        }
+        catch (NoSuchAlgorithmException nsae) {
             throw JavaImpl.newRuntimeException(nsae);
         }
 
@@ -381,9 +359,8 @@ public class Certificates {
             if (now - creationTime > 24 * 60 * 60 * 1000) {
                 // Expire cache every 24 hours
                 if (tempCRLFile != null && tempCRLFile.exists()) {
-                    if (!tempCRLFile.delete()) {
-                        throw new CertificateException("CRLFile:" + tempCRLFile.getPath()
-                            + " can not be deleted");
+                    if(!tempCRLFile.delete()) {
+                        throw new CertificateException("CRLFile:" + tempCRLFile.getPath() + " can not be deleted" );
                     }
                 }
                 tempCRLFile = null;
@@ -440,7 +417,6 @@ public class Certificates {
                             setReadTimeout.invoke(httpConn, Integer.valueOf(5000));
                         } catch (NoSuchMethodException nsme) {
                             // oh well, java 1.4 users can suffer.
-                            nsme.printStackTrace();
                         } catch (Exception e) {
                             throw new RuntimeException("can't set timeout", e);
                         }
@@ -454,16 +430,17 @@ public class Certificates {
                     InputStream in = new BufferedInputStream(urlConn.getInputStream());
                     try {
                         Util.pipeStream(in, out);
-                    } catch (IOException ioe) {
+                    }
+                    catch (IOException ioe) {
                         // better luck next time
                         tempFile.delete();
                         throw ioe;
                     }
                     this.tempCRLFile = tempFile;
                     this.creationTime = System.currentTimeMillis();
-                } catch (IOException ioe) {
+                }
+                catch (IOException ioe) {
                     // log.warn( "Cannot check CRL: " + e );
-                    ioe.printStackTrace();
                 }
             }
 
@@ -483,14 +460,14 @@ public class Certificates {
                     } else {
                         passedTest.add(fingerprint);
                     }
-                } catch (IOException ioe) {
+                }
+                catch (IOException ioe) {
                     // couldn't load CRL that's supposed to be stored in Temp file.
                     // log.warn(  );
-                    ioe.printStackTrace();
-                } catch (CRLException crle) {
+                }
+                catch (CRLException crle) {
                     // something is wrong with the CRL
                     // log.warn(  );
-                    crle.printStackTrace();
                 }
             }
             return crl != null;
@@ -518,9 +495,7 @@ public class Certificates {
                             cnList.add(value.toString());
                         }
                     } catch (NoSuchElementException ignore) {
-                        ignore.printStackTrace();
                     } catch (NamingException ignore) {
-                        ignore.printStackTrace();
                     }
                 }
             }
@@ -528,7 +503,6 @@ public class Certificates {
                 return cnList.toArray(new String[cnList.size()]);
             }
         } catch (InvalidNameException ignore) {
-            ignore.printStackTrace();
         }
         return null;
     }
@@ -552,7 +526,8 @@ public class Certificates {
         Collection c = null;
         try {
             c = cert.getSubjectAlternativeNames();
-        } catch (CertificateParsingException cpe) {
+        }
+        catch (CertificateParsingException cpe) {
             // Should probably log.debug() this?
             cpe.printStackTrace();
         }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ComboInputStream.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ComboInputStream.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ComboInputStream.java
index 83a3077..54d5dde 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ComboInputStream.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ComboInputStream.java
@@ -71,14 +71,15 @@ public class ComboInputStream extends InputStream {
     public void close() throws IOException {
         try {
             head.close();
-        } finally {
+        }
+        finally {
             if (head != tail) {
                 tail.close();
             }
         }
     }
 
-    public int read(byte[] b, int off, int len) throws IOException {
+    public int read(byte b[], int off, int len) throws IOException {
         int c;
         if (headDone) {
             c = tail.read(b, off, len);

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/HostPort.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/HostPort.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/HostPort.java
index b39772d..56a8139 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/HostPort.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/HostPort.java
@@ -31,6 +31,8 @@
 
 package org.apache.commons.ssl;
 
+import org.apache.commons.ssl.util.IPAddressParser;
+
 import java.net.InetAddress;
 import java.net.UnknownHostException;
 
@@ -51,7 +53,5 @@ public class HostPort {
         this.addr = Util.toInetAddress(host);
     }
 
-    public String toString() {
-        return host + ":" + port;
-    }
+    public String toString() { return host + ":" + port; }
 }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/HostnameVerifier.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/HostnameVerifier.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/HostnameVerifier.java
index 1406926..e68c043 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/HostnameVerifier.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/HostnameVerifier.java
@@ -111,7 +111,7 @@ public interface HostnameVerifier extends javax.net.ssl.HostnameVerifier {
      * as "*.foo.com") with DEFAULT matches all subdomains, including
      * "a.b.foo.com".
      */
-     HostnameVerifier DEFAULT =
+    final static HostnameVerifier DEFAULT =
         new AbstractVerifier() {
             public final void check(final String[] hosts, final String[] cns,
                                     final String[] subjectAlts)
@@ -119,9 +119,7 @@ public interface HostnameVerifier extends javax.net.ssl.HostnameVerifier {
                 check(hosts, cns, subjectAlts, false, false);
             }
 
-            public final String toString() {
-                return "DEFAULT";
-            }
+            public final String toString() { return "DEFAULT"; }
         };
 
 
@@ -131,7 +129,7 @@ public interface HostnameVerifier extends javax.net.ssl.HostnameVerifier {
      * "localhost.localdomain", "127.0.0.1", "::1" will always pass, no matter
      * what is in the server's certificate.
      */
-    HostnameVerifier DEFAULT_AND_LOCALHOST =
+    final static HostnameVerifier DEFAULT_AND_LOCALHOST =
         new AbstractVerifier() {
             public final void check(final String[] hosts, final String[] cns,
                                     final String[] subjectAlts)
@@ -142,9 +140,7 @@ public interface HostnameVerifier extends javax.net.ssl.HostnameVerifier {
                 check(hosts, cns, subjectAlts, false, false);
             }
 
-            public final String toString() {
-                return "DEFAULT_AND_LOCALHOST";
-            }
+            public final String toString() { return "DEFAULT_AND_LOCALHOST"; }
         };
 
     /**
@@ -163,7 +159,7 @@ public interface HostnameVerifier extends javax.net.ssl.HostnameVerifier {
      * level, for example "a.foo.com".  It does not match deeper subdomains
      * such as "a.b.foo.com".
      */
-    HostnameVerifier STRICT =
+    final static HostnameVerifier STRICT =
         new AbstractVerifier() {
             public final void check(final String[] host, final String[] cns,
                                     final String[] subjectAlts)
@@ -171,9 +167,7 @@ public interface HostnameVerifier extends javax.net.ssl.HostnameVerifier {
                 check(host, cns, subjectAlts, false, true);
             }
 
-            public final String toString() {
-                return "STRICT";
-            }
+            public final String toString() { return "STRICT"; }
         };
 
     /**
@@ -182,7 +176,7 @@ public interface HostnameVerifier extends javax.net.ssl.HostnameVerifier {
      * server's certificate, not just the first one.  This behaviour is
      * identical to IE6's behaviour.
      */
-    HostnameVerifier STRICT_IE6 =
+    static HostnameVerifier STRICT_IE6 =
         new AbstractVerifier() {
             public final void check(final String[] host, final String[] cns,
                                     final String[] subjectAlts)
@@ -190,25 +184,21 @@ public interface HostnameVerifier extends javax.net.ssl.HostnameVerifier {
                 check(host, cns, subjectAlts, true, true);
             }
 
-            public final String toString() {
-                return "STRICT_IE6";
-            }
+            public final String toString() { return "STRICT_IE6"; }
         };
 
     /**
      * The ALLOW_ALL HostnameVerifier essentially turns hostname verification
      * off.  This implementation is a no-op, and never throws the SSLException.
      */
-    HostnameVerifier ALLOW_ALL =
+    final static HostnameVerifier ALLOW_ALL =
         new AbstractVerifier() {
             public final void check(final String[] host, final String[] cns,
                                     final String[] subjectAlts) {
                 // Allow everything - so never blowup.
             }
 
-            public final String toString() {
-                return "ALLOW_ALL";
-            }
+            public final String toString() { return "ALLOW_ALL"; }
         };
 
     abstract class AbstractVerifier implements HostnameVerifier {
@@ -223,11 +213,11 @@ public interface HostnameVerifier extends javax.net.ssl.HostnameVerifier {
          * Looks like we're the only implementation guarding against this.
          * Firefox, Curl, Sun Java 1.4, 5, 6 don't bother with this check.
          */
-        private static final String[] BAD_COUNTRY_2LDS =
+        private final static String[] BAD_COUNTRY_2LDS =
             {"ac", "co", "com", "ed", "edu", "go", "gouv", "gov", "info",
                 "lg", "ne", "net", "or", "org"};
 
-        private static final String[] LOCALHOSTS = {"::1", "127.0.0.1",
+        private final static String[] LOCALHOSTS = {"::1", "127.0.0.1",
             "localhost",
             "localhost.localdomain"};
 
@@ -238,8 +228,7 @@ public interface HostnameVerifier extends javax.net.ssl.HostnameVerifier {
             Arrays.sort(LOCALHOSTS);
         }
 
-        protected AbstractVerifier() {
-        }
+        protected AbstractVerifier() {}
 
         /**
          * The javax.net.ssl.HostnameVerifier contract.
@@ -254,7 +243,8 @@ public interface HostnameVerifier extends javax.net.ssl.HostnameVerifier {
                 X509Certificate x509 = (X509Certificate) certs[0];
                 check(new String[]{host}, x509);
                 return true;
-            } catch (SSLException e) {
+            }
+            catch (SSLException e) {
                 return false;
             }
         }
@@ -273,7 +263,7 @@ public interface HostnameVerifier extends javax.net.ssl.HostnameVerifier {
             check(new String[]{host}, cns, subjectAlts);
         }
 
-        public void check(String[] host, SSLSocket ssl)
+        public void check(String host[], SSLSocket ssl)
             throws IOException {
             if (host == null) {
                 throw new NullPointerException("host to verify is null");
@@ -399,10 +389,10 @@ public interface HostnameVerifier extends javax.net.ssl.HostnameVerifier {
                 // The CN better have at least two dots if it wants wildcard
                 // action.  It also can't be [*.co.uk] or [*.co.jp] or
                 // [*.org.uk], etc...
-                boolean doWildcard = cn.startsWith("*.")
-                                     && cn.lastIndexOf('.') >= 0
-                                     && !isIP4Address(cn)
-                                     && acceptableCountryWildcard(cn);
+                boolean doWildcard = cn.startsWith("*.") &&
+                                     cn.lastIndexOf('.') >= 0 &&
+                                     !isIP4Address(cn) &&
+                                     acceptableCountryWildcard(cn);
 
                 for (int i = 0; i < hosts.length; i++) {
                     final String hostName = hosts[i].trim().toLowerCase();

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java14.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java14.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java14.java
index d8618ab..6d02e0a 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java14.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java14.java
@@ -31,6 +31,22 @@
 
 package org.apache.commons.ssl;
 
+import org.apache.commons.ssl.util.IPAddressParser;
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.ServerSocket;
+import java.net.Socket;
+import java.net.UnknownHostException;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
 import javax.net.SocketFactory;
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.KeyManagerFactory;
@@ -45,19 +61,6 @@ import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
 import javax.net.ssl.X509KeyManager;
 import javax.net.ssl.X509TrustManager;
-import java.io.IOException;
-import java.net.InetAddress;
-import java.net.InetSocketAddress;
-import java.net.ServerSocket;
-import java.net.Socket;
-import java.security.KeyManagementException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
 
 
 /**
@@ -72,7 +75,8 @@ public final class Java14 extends JavaImpl {
     private Java14() {
         try {
             SSLSocketFactory.getDefault().createSocket();
-        } catch (IOException ioe) {
+        }
+        catch (IOException ioe) {
             ioe.hashCode();
         }
     }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java14TrustManagerWrapper.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java14TrustManagerWrapper.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java14TrustManagerWrapper.java
index ac0f6bf..31b4df9 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java14TrustManagerWrapper.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Java14TrustManagerWrapper.java
@@ -59,7 +59,8 @@ public class Java14TrustManagerWrapper implements X509TrustManager {
         CertificateException ce = null;
         try {
             trustManager.checkClientTrusted(chain, authType);
-        } catch (CertificateException e) {
+        }
+        catch (CertificateException e) {
             ce = e;
         }
         testShouldWeThrow(ce, chain);
@@ -71,7 +72,8 @@ public class Java14TrustManagerWrapper implements X509TrustManager {
         CertificateException ce = null;
         try {
             trustManager.checkServerTrusted(chain, authType);
-        } catch (CertificateException e) {
+        }
+        catch (CertificateException e) {
             ce = e;
         }
         testShouldWeThrow(ce, chain);

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/JavaImpl.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/JavaImpl.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/JavaImpl.java
index efad67e..3cecf33 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/JavaImpl.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/JavaImpl.java
@@ -57,7 +57,7 @@ import java.security.cert.X509Certificate;
  * @since 30-Jun-2006
  */
 public abstract class JavaImpl {
-    private static final JavaImpl HANDLER;
+    private final static JavaImpl HANDLER;
 
     static {
         JavaImpl h = null;

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/KeyMaterial.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/KeyMaterial.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/KeyMaterial.java
index 5deafca..ccdd4af 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/KeyMaterial.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/KeyMaterial.java
@@ -195,13 +195,11 @@ public class KeyMaterial extends TrustMaterial {
                         }
                         myChains.add(c);
                     } else {
-                        throw new KeyStoreException("Could not find KeyMaterial's associated"
-                            + "certificate chain with alis=[" + alias + "]");
+                        throw new KeyStoreException("Could not find KeyMaterial's associated certificate chain with alis=[" + alias + "]");
                     }
 
                 } catch (GeneralSecurityException gse) {
                     // oh well, we can't use that KeyStore alias.
-                    gse.printStackTrace();
                 }
             }
         }
@@ -231,10 +229,8 @@ public class KeyMaterial extends TrustMaterial {
 
     public static void main(String[] args) throws Exception {
         if (args.length < 2) {
-            System.out.println(
-                "Usage1:  java org.apache.commons.ssl.KeyMaterial [password] [pkcs12 or jks]");
-            System.out.println(
-                "Usage2:  java org.apache.commons.ssl.KeyMaterial [password] [private-key] [cert-chain]");
+            System.out.println("Usage1:  java org.apache.commons.ssl.KeyMaterial [password] [pkcs12 or jks]");
+            System.out.println("Usage2:  java org.apache.commons.ssl.KeyMaterial [password] [private-key] [cert-chain]");
             System.exit(1);
         }
         char[] jksPass = args[0].toCharArray();
@@ -276,7 +272,8 @@ public class KeyMaterial extends TrustMaterial {
                     buf.append(Certificates.toString(certs[i]));
                     try {
                         buf.append(Certificates.toPEMString(certs[i]));
-                    } catch (CertificateEncodingException cee) {
+                    }
+                    catch (CertificateEncodingException cee) {
                         buf.append(cee.toString());
                         buf.append('\n');
                     }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/KeyStoreBuilder.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/KeyStoreBuilder.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/KeyStoreBuilder.java
index b2c7ae4..b2a9dfe 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/KeyStoreBuilder.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/KeyStoreBuilder.java
@@ -34,22 +34,9 @@ package org.apache.commons.ssl;
 import org.apache.kerby.asn1.type.Asn1Integer;
 import org.apache.kerby.asn1.type.Asn1Sequence;
 
-import java.io.ByteArrayInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
+import java.io.*;
 import java.math.BigInteger;
-import java.security.GeneralSecurityException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.UnrecoverableKeyException;
+import java.security.*;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
@@ -58,13 +45,7 @@ import java.security.interfaces.DSAParams;
 import java.security.interfaces.DSAPrivateKey;
 import java.security.interfaces.RSAPrivateCrtKey;
 import java.security.interfaces.RSAPublicKey;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Enumeration;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
+import java.util.*;
 
 /**
  * Builds Java Key Store files out of pkcs12 files, or out of pkcs8 files +
@@ -77,7 +58,7 @@ import java.util.List;
  * @since 4-Nov-2006
  */
 public class KeyStoreBuilder {
-    private static final String PKCS7_ENCRYPTED = "1.2.840.113549.1.7.6";
+    private final static String PKCS7_ENCRYPTED = "1.2.840.113549.1.7.6";
 
     public static KeyStore build(byte[] jksOrCerts, char[] password)
         throws IOException, CertificateException, KeyStoreException,
@@ -313,8 +294,8 @@ public class KeyStoreBuilder {
 
     public static BuildResult parse(byte[] stuff, char[] jksPass,
                                     char[] keyPass)
-        throws IOException, CertificateException, KeyStoreException,
-        ProbablyBadPasswordException {
+            throws IOException, CertificateException, KeyStoreException,
+            ProbablyBadPasswordException {
 
         return parse(stuff, jksPass, keyPass, false);
     }
@@ -329,11 +310,12 @@ public class KeyStoreBuilder {
         try {
             PKCS8Key pkcs8Key = new PKCS8Key(stuff, jksPass);
             key = pkcs8Key.getPrivateKey();
-        } catch (ProbablyBadPasswordException pbpe) {
+        }
+        catch (ProbablyBadPasswordException pbpe) {
             throw pbpe;
-        } catch (GeneralSecurityException gse) {
+        }
+        catch (GeneralSecurityException gse) {
             // no luck
-            gse.printStackTrace();
         }
 
         List pemItems = PEMUtil.decode(stuff);
@@ -343,9 +325,9 @@ public class KeyStoreBuilder {
             PEMItem item = (PEMItem) it.next();
             byte[] derBytes = item.getDerBytes();
             String type = item.pemType.trim().toUpperCase();
-            if (type.startsWith("CERT")
-                || type.startsWith("X509")
-                || type.startsWith("PKCS7")) {
+            if (type.startsWith("CERT") ||
+                type.startsWith("X509") ||
+                type.startsWith("PKCS7")) {
                 ByteArrayInputStream in = new ByteArrayInputStream(derBytes);
                 X509Certificate c = (X509Certificate) cf.generateCertificate(in);
                 certificates.add(c);
@@ -370,9 +352,9 @@ public class KeyStoreBuilder {
                 asn1 = Asn1PkcsUtil.analyze(asn1.bigPayload);
                 isProbablyPKCS12 = asn1.oids.contains(PKCS7_ENCRYPTED);
             }
-        } catch (Exception e) {
+        }
+        catch (Exception e) {
             // isProbablyPKCS12 and isASN are set properly by now.
-            e.printStackTrace();
         }
 
         ByteArrayInputStream stuffStream = new ByteArrayInputStream(stuff);
@@ -415,9 +397,9 @@ public class KeyStoreBuilder {
                     List chains = Collections.singletonList(chain);
                     return new BuildResult(null, chains, null);
                 }
-            } catch (CertificateException ce) {
+            }
+            catch (CertificateException ce) {
                 // oh well
-                ce.printStackTrace();
             }
 
             stuffStream.reset();
@@ -432,9 +414,9 @@ public class KeyStoreBuilder {
                     List chains = Collections.singletonList(chain);
                     return new BuildResult(null, chains, null);
                 }
-            } catch (CertificateException ce) {
+            }
+            catch (CertificateException ce) {
                 // oh well
-                ce.printStackTrace();
             }
         }
 
@@ -487,7 +469,6 @@ public class KeyStoreBuilder {
                         uke = e;  // We might throw this one later. 
                     } catch (GeneralSecurityException gse) {
                         // Swallow... keep looping.
-                        gse.printStackTrace();
                     }
                 }
                 if (isPKCS12 && en.hasMoreElements()) {
@@ -509,12 +490,15 @@ public class KeyStoreBuilder {
             List keys = Collections.singletonList(key);
             List chains = Collections.singletonList(chain);
             return new BuildResult(keys, chains, jksKeyStore);
-        } catch (ProbablyBadPasswordException pbpe) {
+        }
+        catch (ProbablyBadPasswordException pbpe) {
             throw pbpe;
-        } catch (GeneralSecurityException gse) {
+        }
+        catch (GeneralSecurityException gse) {
             // swallow it, return null
             return null;
-        } catch (IOException ioe) {
+        }
+        catch (IOException ioe) {
             String msg = ioe.getMessage();
             msg = msg != null ? msg.trim().toLowerCase() : "";
             if (isPKCS12) {
@@ -599,7 +583,6 @@ public class KeyStoreBuilder {
                 }
             } catch (Exception e) {
                 // oh well, try next one.
-                e.printStackTrace();
             }
         }
 

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/LDAPSocket.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/LDAPSocket.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/LDAPSocket.java
index 18e0b0d..67aa2c1 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/LDAPSocket.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/LDAPSocket.java
@@ -42,24 +42,26 @@ import java.security.GeneralSecurityException;
  * @since 28-Feb-2006
  */
 public final class LDAPSocket extends SSLClient {
-    private static final LDAPSocket INSTANT;
+    private final static LDAPSocket instance;
 
     static {
         LDAPSocket sf = null;
         try {
             sf = new LDAPSocket();
-        } catch (Exception e) {
+        }
+        catch (Exception e) {
             System.out.println("could not create LDAPSocket: " + e);
             e.printStackTrace();
-        } finally {
-            INSTANT = sf;
+        }
+        finally {
+            instance = sf;
         }
     }
 
     private LDAPSocket() throws GeneralSecurityException, IOException {
         super();
 
-        // For now we setup the usual trusst infrastructure, but consumers
+        // For now we setup the usual trust infrastructure, but consumers
         // are encouraged to call getInstance().addTrustMaterial() or
         // getInstance().setTrustMaterial() to customize the trust.
         if (TrustMaterial.JSSE_CACERTS != null) {
@@ -74,7 +76,7 @@ public final class LDAPSocket extends SSLClient {
     }
 
     public static LDAPSocket getInstance() {
-        return INSTANT;
+        return instance;
     }
 
 

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/OpenSSL.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/OpenSSL.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/OpenSSL.java
index 617722f..2990cda 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/OpenSSL.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/OpenSSL.java
@@ -37,12 +37,7 @@ import org.apache.kerby.util.Hex;
 
 import javax.crypto.Cipher;
 import javax.crypto.CipherInputStream;
-import java.io.BufferedInputStream;
-import java.io.BufferedOutputStream;
-import java.io.ByteArrayInputStream;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
+import java.io.*;
 import java.security.GeneralSecurityException;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
@@ -385,12 +380,12 @@ public class OpenSSL {
 
         int keySize = cipherInfo.keySize;
         int ivSize = cipherInfo.ivSize;
-        // Looks like key is in hex
-        if (key.length == keySize / 4) {
+        if (key.length == keySize / 4) // Looks like key is in hex
+        {
             key = Hex.decode(key);
         }
-        // Looks like IV is in hex
-        if (iv.length == ivSize / 4) {
+        if (iv.length == ivSize / 4) // Looks like IV is in hex
+        {
             iv = Hex.decode(iv);
         }
         DerivedKey dk = new DerivedKey(key, iv);
@@ -580,7 +575,8 @@ public class OpenSSL {
                 if (st.hasMoreTokens()) {
                     try {
                         keySize = Integer.parseInt(tok);
-                    } catch (NumberFormatException nfe) {
+                    }
+                    catch (NumberFormatException nfe) {
                         // I guess 2nd token isn't an integer
                         String upper = tok.toUpperCase();
                         if (upper.startsWith("EDE3")) {
@@ -594,7 +590,8 @@ public class OpenSSL {
                 } else {
                     try {
                         keySize = Integer.parseInt(tok);
-                    } catch (NumberFormatException nfe) {
+                    }
+                    catch (NumberFormatException nfe) {
                         // It's the last token, so must be mode (usually "CBC").
                         blockMode = tok.toUpperCase();
                         if (blockMode.startsWith("EDE3")) {
@@ -714,7 +711,7 @@ public class OpenSSL {
         // in = encrypt( args[ 1 ], pwdAsBytes, in, true );
 
         in = new BufferedInputStream(in);
-        BufferedOutputStream bufOut = new BufferedOutputStream(System.out);
+        BufferedOutputStream bufOut = new BufferedOutputStream( System.out );
         Util.pipeStream(in, bufOut, false);
         bufOut.flush();
         System.out.flush();

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PBETestCreate.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PBETestCreate.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PBETestCreate.java
index 0c7ad00..f9c2277 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PBETestCreate.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PBETestCreate.java
@@ -57,7 +57,8 @@ public class PBETestCreate {
                 FileOutputStream out = new FileOutputStream(d + fileNameBase64);
                 out.write(base64);
                 out.close();
-            } catch (Exception e) {
+            }
+            catch (Exception e) {
                 System.err.println("FAILURE \t" + cipherPadded + "\t" + fileNameBase64 + "\t" + e);
             }
 
@@ -66,7 +67,8 @@ public class PBETestCreate {
                 FileOutputStream out = new FileOutputStream(d + fileNameRaw);
                 out.write(raw);
                 out.close();
-            } catch (Exception e) {
+            }
+            catch (Exception e) {
                 System.err.println("FAILURE \t" + cipherPadded + "\t" + fileNameRaw + "\t" + e);
             }
 

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMItem.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMItem.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMItem.java
index 0ef10ff..aa56480 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMItem.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMItem.java
@@ -45,7 +45,7 @@ import java.util.TreeMap;
  * @since 13-Aug-2006
  */
 public class PEMItem {
-    public static final String DEK_INFO = "dek-info";
+    public final static String DEK_INFO = "dek-info";
 
     private final byte[] derBytes;
     public final String pemType;

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMUtil.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMUtil.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMUtil.java
index 5081789..b4b9bc9 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMUtil.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PEMUtil.java
@@ -38,18 +38,11 @@ import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.math.BigInteger;
-import java.security.PublicKey;
-import java.security.interfaces.DSAPublicKey;
 import java.security.interfaces.RSAPrivateCrtKey;
 import java.security.interfaces.RSAPublicKey;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
+import java.security.interfaces.DSAPublicKey;
+import java.security.PublicKey;
+import java.util.*;
 
 /**
  * @author Credit Union Central of British Columbia
@@ -58,10 +51,10 @@ import java.util.Map;
  * @since 13-Aug-2006
  */
 public class PEMUtil {
-    static final String LINE_SEPARATOR = System.getProperty("line.separator");
+    final static String LINE_SEPARATOR = System.getProperty("line.separator");
 
     public static byte[] encode(Collection items) throws IOException {
-        final byte[] lineSeparatorBytes = LINE_SEPARATOR.getBytes("UTF-8");
+        final byte[] LINE_SEPARATOR_BYTES = LINE_SEPARATOR.getBytes("UTF-8");
         ByteArrayOutputStream out = new ByteArrayOutputStream(8192);
         Iterator it = items.iterator();
         while (it.hasNext()) {
@@ -69,7 +62,7 @@ public class PEMUtil {
             out.write("-----BEGIN ".getBytes("UTF-8"));
             out.write(item.pemType.getBytes("UTF-8"));
             out.write("-----".getBytes("UTF-8"));
-            out.write(lineSeparatorBytes);
+            out.write(LINE_SEPARATOR_BYTES);
 
             byte[] derBytes = item.getDerBytes();
             ByteArrayInputStream bin = new ByteArrayInputStream(derBytes);
@@ -77,18 +70,18 @@ public class PEMUtil {
             while (line.length == 48) {
                 byte[] base64Line = Base64.encodeBase64(line);
                 out.write(base64Line);
-                out.write(lineSeparatorBytes);
+                out.write(LINE_SEPARATOR_BYTES);
                 line = Util.streamToBytes(bin, 48);
             }
             if (line.length > 0) {
                 byte[] base64Line = Base64.encodeBase64(line);
                 out.write(base64Line);
-                out.write(lineSeparatorBytes);
+                out.write(LINE_SEPARATOR_BYTES);
             }
             out.write("-----END ".getBytes("UTF-8"));
             out.write(item.pemType.getBytes("UTF-8"));
             out.write("-----".getBytes("UTF-8"));
-            out.write(lineSeparatorBytes);
+            out.write(LINE_SEPARATOR_BYTES);
         }
         return out.toByteArray();
     }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PKCS8Key.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PKCS8Key.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PKCS8Key.java
index 66f1228..3ef1876 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PKCS8Key.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/PKCS8Key.java
@@ -31,36 +31,16 @@
 
 package org.apache.commons.ssl;
 
-import org.apache.kerby.asn1.type.Asn1Integer;
-import org.apache.kerby.asn1.type.Asn1Null;
-import org.apache.kerby.asn1.type.Asn1ObjectIdentifier;
-import org.apache.kerby.asn1.type.Asn1OctetString;
-import org.apache.kerby.asn1.type.Asn1Sequence;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.Mac;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.SecretKey;
+import org.apache.kerby.asn1.type.*;
+
+import javax.crypto.*;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.RC2ParameterSpec;
 import javax.crypto.spec.RC5ParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
-import java.io.ByteArrayInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
+import java.io.*;
 import java.math.BigInteger;
-import java.security.GeneralSecurityException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.KeyFactory;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
+import java.security.*;
 import java.security.interfaces.DSAParams;
 import java.security.interfaces.DSAPrivateKey;
 import java.security.interfaces.RSAPrivateCrtKey;
@@ -93,13 +73,13 @@ import java.util.List;
  * @since 7-Nov-2006
  */
 public class PKCS8Key {
-    public static final String RSA_OID = "1.2.840.113549.1.1.1";
-    public static final String DSA_OID = "1.2.840.10040.4.1";
+    public final static String RSA_OID = "1.2.840.113549.1.1.1";
+    public final static String DSA_OID = "1.2.840.10040.4.1";
 
-    public static final String PKCS8_UNENCRYPTED = "PRIVATE KEY";
-    public static final String PKCS8_ENCRYPTED = "ENCRYPTED PRIVATE KEY";
-    public static final String OPENSSL_RSA = "RSA PRIVATE KEY";
-    public static final String OPENSSL_DSA = "DSA PRIVATE KEY";
+    public final static String PKCS8_UNENCRYPTED = "PRIVATE KEY";
+    public final static String PKCS8_ENCRYPTED = "ENCRYPTED PRIVATE KEY";
+    public final static String OPENSSL_RSA = "RSA PRIVATE KEY";
+    public final static String OPENSSL_DSA = "DSA PRIVATE KEY";
 
     private final PrivateKey privateKey;
     private final byte[] decryptedBytes;
@@ -171,8 +151,7 @@ public class PKCS8Key {
                     opensslRSA = opensslRSA || rsa;
                     opensslDSA = opensslDSA || dsa;
                     if (derBytes != null) {
-                        throw new ProbablyNotPKCS8Exception("More than one pkcs8 or OpenSSL key"
-                            + " found in the supplied PEM Base64 stream");
+                        throw new ProbablyNotPKCS8Exception("More than one pkcs8 or OpenSSL key found in the supplied PEM Base64 stream");
                     }
                     derBytes = item.getDerBytes();
                     keyItem = item;
@@ -181,8 +160,7 @@ public class PKCS8Key {
             }
             // after the loop is finished, did we find anything?
             if (derBytes == null) {
-                throw new ProbablyNotPKCS8Exception("No pkcs8 or OpenSSL key found"
-                    + "in the supplied PEM Base64 stream");
+                throw new ProbablyNotPKCS8Exception("No pkcs8 or OpenSSL key found in the supplied PEM Base64 stream");
             }
 
             if (opensslDSA || opensslRSA) {
@@ -207,7 +185,8 @@ public class PKCS8Key {
         Asn1PkcsStructure pkcs8;
         try {
             pkcs8 = Asn1PkcsUtil.analyze(derBytes);
-        } catch (Exception e) {
+        }
+        catch (Exception e) {
             throw new ProbablyNotPKCS8Exception("asn1 parse failure: " + e);
         }
 
@@ -241,12 +220,11 @@ public class PKCS8Key {
                 String s = oid.substring("1.2.840.10040.4.".length());
                 // 1.2.840.10040.4.1 -- id-dsa
                 // 1.2.840.10040.4.3 -- id-dsa-with-sha1
-                isOkay = s.equals("1") || s.startsWith("1.")
-                         || s.equals("3") || s.startsWith("3.");
+                isOkay = s.equals("1") || s.startsWith("1.") ||
+                         s.equals("3") || s.startsWith("3.");
             }
             if (!isOkay) {
-                throw new ProbablyNotPKCS8Exception("Valid ASN.1, but not PKCS8 or OpenSSL format."
-                    + " OID=" + oid);
+                throw new ProbablyNotPKCS8Exception("Valid ASN.1, but not PKCS8 or OpenSSL format.  OID=" + oid);
             }
         }
 
@@ -262,9 +240,9 @@ public class PKCS8Key {
         if (encrypted) {
             try {
                 pkcs8 = Asn1PkcsUtil.analyze(decryptedPKCS8);
-            } catch (Exception e) {
-                throw new ProbablyBadPasswordException("Decrypted stream not ASN.1."
-                    + "Probably bad decryption password.");
+            }
+            catch (Exception e) {
+                throw new ProbablyBadPasswordException("Decrypted stream not ASN.1.  Probably bad decryption password.");
             }
             oid = pkcs8.oid1;
             isDSA = DSA_OID.equals(oid);
@@ -274,17 +252,17 @@ public class PKCS8Key {
         String type = "RSA";
         PrivateKey pk;
         try {
-            KeyFactory keyFactory;
+            KeyFactory KF;
             if (isDSA) {
                 type = "DSA";
-                keyFactory = KeyFactory.getInstance("DSA");
+                KF = KeyFactory.getInstance("DSA");
             } else {
-                keyFactory = KeyFactory.getInstance("RSA");
+                KF = KeyFactory.getInstance("RSA");
             }
-            pk = keyFactory.generatePrivate(spec);
-        } catch (Exception e) {
-            throw new ProbablyBadPasswordException("Cannot create " + type
-                + " private key from decrypted stream.  Probably bad decryption password. " + e);
+            pk = KF.generatePrivate(spec);
+        }
+        catch (Exception e) {
+            throw new ProbablyBadPasswordException("Cannot create " + type + " private key from decrypted stream.  Probably bad decryption password. " + e);
         }
         if (pk != null) {
             this.privateKey = pk;
@@ -294,8 +272,7 @@ public class PKCS8Key {
             this.transformation = decryptResult.transformation;
             this.keySize = decryptResult.keySize;
         } else {
-            throw new GeneralSecurityException(
-                "KeyFactory.generatePrivate() returned null and didn't throw exception!");
+            throw new GeneralSecurityException("KeyFactory.generatePrivate() returned null and didn't throw exception!");
         }
     }
 
@@ -331,14 +308,14 @@ public class PKCS8Key {
             BigInteger p = params.getP();
             BigInteger q = params.getQ();
             BigInteger x = dsa.getX();
-            BigInteger y = q.modPow(x, p);
+            BigInteger y = q.modPow( x, p );
             DSAPublicKeySpec dsaKeySpec = new DSAPublicKeySpec(y, p, q, g);
             return KeyFactory.getInstance("DSA").generatePublic(dsaKeySpec);
         } else if (privateKey instanceof RSAPrivateCrtKey) {
             RSAPrivateCrtKey rsa = (RSAPrivateCrtKey) privateKey;
             RSAPublicKeySpec rsaKeySpec = new RSAPublicKeySpec(
-                rsa.getModulus(),
-                rsa.getPublicExponent()
+                    rsa.getModulus(),
+                    rsa.getPublicExponent()
             );
             return KeyFactory.getInstance("RSA").generatePublic(rsaKeySpec);
         } else {
@@ -481,8 +458,8 @@ public class PKCS8Key {
         int ivSize = 0;
 
         String oid = pkcs8.oid1;
-        // PKCS12 key derivation!
-        if (oid.startsWith("1.2.840.113549.1.12.")) {
+        if (oid.startsWith("1.2.840.113549.1.12."))  // PKCS12 key derivation!
+        {
             usePKCS12PasswordPadding = true;
 
             // Let's trim this OID to make life a little easier.
@@ -624,20 +601,22 @@ public class PKCS8Key {
                         pkcs8.iv = null;
                     }
                 }
-            } else if (oid.startsWith("2.16.840.1.101.3.4.1.")) {
-                // AES
-                // 2.16.840.1.101.3.4.1.1  - id-aes128-ECB
-                // 2.16.840.1.101.3.4.1.2  - id-aes128-CBC
-                // 2.16.840.1.101.3.4.1.3  - id-aes128-OFB
-                // 2.16.840.1.101.3.4.1.4  - id-aes128-CFB
-                // 2.16.840.1.101.3.4.1.21 - id-aes192-ECB
-                // 2.16.840.1.101.3.4.1.22 - id-aes192-CBC
-                // 2.16.840.1.101.3.4.1.23 - id-aes192-OFB
-                // 2.16.840.1.101.3.4.1.24 - id-aes192-CFB
-                // 2.16.840.1.101.3.4.1.41 - id-aes256-ECB
-                // 2.16.840.1.101.3.4.1.42 - id-aes256-CBC
-                // 2.16.840.1.101.3.4.1.43 - id-aes256-OFB
-                // 2.16.840.1.101.3.4.1.44 - id-aes256-CFB
+            }
+
+            // AES
+            // 2.16.840.1.101.3.4.1.1  - id-aes128-ECB
+            // 2.16.840.1.101.3.4.1.2  - id-aes128-CBC
+            // 2.16.840.1.101.3.4.1.3  - id-aes128-OFB
+            // 2.16.840.1.101.3.4.1.4  - id-aes128-CFB
+            // 2.16.840.1.101.3.4.1.21 - id-aes192-ECB
+            // 2.16.840.1.101.3.4.1.22 - id-aes192-CBC
+            // 2.16.840.1.101.3.4.1.23 - id-aes192-OFB
+            // 2.16.840.1.101.3.4.1.24 - id-aes192-CFB
+            // 2.16.840.1.101.3.4.1.41 - id-aes256-ECB
+            // 2.16.840.1.101.3.4.1.42 - id-aes256-CBC
+            // 2.16.840.1.101.3.4.1.43 - id-aes256-OFB
+            // 2.16.840.1.101.3.4.1.44 - id-aes256-CFB
+            else if (oid.startsWith("2.16.840.1.101.3.4.1.")) {
                 cipher = "AES";
                 if (pkcs8.iv == null) {
                     ivSize = 128;
@@ -714,8 +693,7 @@ public class PKCS8Key {
         // a cipher or hash at this point, then we don't support the file we
         // were given.
         if (cipher == null || hash == null) {
-            throw new ProbablyNotPKCS8Exception("Unsupported PKCS8 format. oid1=["
-                + pkcs8.oid1 + "], oid2=[" + pkcs8.oid2 + "]");
+            throw new ProbablyNotPKCS8Exception("Unsupported PKCS8 format. oid1=[" + pkcs8.oid1 + "], oid2=[" + pkcs8.oid2 + "]");
         }
 
         // In PKCS8 Version 1.5 we need to derive an 8 byte IV.  In those cases
@@ -752,9 +730,11 @@ public class PKCS8Key {
             }
         }
 
+
         return decrypt(cipher, mode, dk, use2DES, pkcs8.iv, pkcs8.bigPayload);
     }
 
+
     public static DerivedKey deriveKeyV1(byte[] password, byte[] salt,
                                          int iterations, int keySizeInBits,
                                          int ivSizeInBits, MessageDigest md) {
@@ -813,57 +793,57 @@ public class PKCS8Key {
         // sha1, md2, md5 all use 512 bits.  But future hashes might not.
         int v = 512 / 8;
         md.reset();
-        byte[] dD = new byte[v];
+        byte[] D = new byte[v];
         byte[] dKey = new byte[n];
-        for (int i = 0; i != dD.length; i++) {
-            dD[i] = (byte) idByte;
+        for (int i = 0; i != D.length; i++) {
+            D[i] = (byte) idByte;
         }
-        byte[] sS;
+        byte[] S;
         if ((salt != null) && (salt.length != 0)) {
-            sS = new byte[v * ((salt.length + v - 1) / v)];
-            for (int i = 0; i != sS.length; i++) {
-                sS[i] = salt[i % salt.length];
+            S = new byte[v * ((salt.length + v - 1) / v)];
+            for (int i = 0; i != S.length; i++) {
+                S[i] = salt[i % salt.length];
             }
         } else {
-            sS = new byte[0];
+            S = new byte[0];
         }
-        byte[] pP;
+        byte[] P;
         if ((password != null) && (password.length != 0)) {
-            pP = new byte[v * ((password.length + v - 1) / v)];
-            for (int i = 0; i != pP.length; i++) {
-                pP[i] = password[i % password.length];
+            P = new byte[v * ((password.length + v - 1) / v)];
+            for (int i = 0; i != P.length; i++) {
+                P[i] = password[i % password.length];
             }
         } else {
-            pP = new byte[0];
+            P = new byte[0];
         }
-        byte[] iI = new byte[sS.length + pP.length];
-        System.arraycopy(sS, 0, iI, 0, sS.length);
-        System.arraycopy(pP, 0, iI, sS.length, pP.length);
-        byte[] bB = new byte[v];
+        byte[] I = new byte[S.length + P.length];
+        System.arraycopy(S, 0, I, 0, S.length);
+        System.arraycopy(P, 0, I, S.length, P.length);
+        byte[] B = new byte[v];
         int c = (n + u - 1) / u;
         for (int i = 1; i <= c; i++) {
-            md.update(dD);
-            byte[] result = md.digest(iI);
+            md.update(D);
+            byte[] result = md.digest(I);
             for (int j = 1; j != iterationCount; j++) {
                 result = md.digest(result);
             }
-            for (int j = 0; j != bB.length; j++) {
-                bB[j] = result[j % result.length];
+            for (int j = 0; j != B.length; j++) {
+                B[j] = result[j % result.length];
             }
-            for (int j = 0; j < (iI.length / v); j++) {
+            for (int j = 0; j < (I.length / v); j++) {
                 /*
                      * add a + b + 1, returning the result in a. The a value is treated
                      * as a BigInteger of length (b.length * 8) bits. The result is
                      * modulo 2^b.length in case of overflow.
                      */
                 int aOff = j * v;
-                int bLast = bB.length - 1;
-                int x = (bB[bLast] & 0xff) + (iI[aOff + bLast] & 0xff) + 1;
-                iI[aOff + bLast] = (byte) x;
+                int bLast = B.length - 1;
+                int x = (B[bLast] & 0xff) + (I[aOff + bLast] & 0xff) + 1;
+                I[aOff + bLast] = (byte) x;
                 x >>>= 8;
-                for (int k = bB.length - 2; k >= 0; k--) {
-                    x += (bB[k] & 0xff) + (iI[aOff + k] & 0xff);
-                    iI[aOff + k] = (byte) x;
+                for (int k = B.length - 2; k >= 0; k--) {
+                    x += (B[k] & 0xff) + (I[aOff + k] & 0xff);
+                    I[aOff + k] = (byte) x;
                     x >>>= 8;
                 }
             }
@@ -929,7 +909,8 @@ public class PKCS8Key {
             if (pkcs8 == null) {
                 try {
                     pkcs8 = Asn1PkcsUtil.analyze(privateKey);
-                } catch (Exception e) {
+                }
+                catch (Exception e) {
                     throw new RuntimeException("asn1 parse failure " + e);
                 }
             }
@@ -975,12 +956,9 @@ public class PKCS8Key {
     public static void main(String[] args) throws Exception {
         String password = "changeit";
         if (args.length == 0) {
-            System.out.println(
-                "Usage1:  [password] [file:private-key]      Prints decrypted PKCS8 key (base64).");
-            System.out.println(
-                "Usage2:  [password] [file1] [file2] etc...  Checks that all private keys are equal.");
-            System.out.println(
-                "Usage2 assumes that all files can be decrypted with the same password.");
+            System.out.println("Usage1:  [password] [file:private-key]      Prints decrypted PKCS8 key (base64).");
+            System.out.println("Usage2:  [password] [file1] [file2] etc...  Checks that all private keys are equal.");
+            System.out.println("Usage2 assumes that all files can be decrypted with the same password.");
         } else if (args.length == 1 || args.length == 2) {
             FileInputStream in = new FileInputStream(args[args.length - 1]);
             if (args.length == 2) {
@@ -1006,7 +984,8 @@ public class PKCS8Key {
                 PKCS8Key key = null;
                 try {
                     key = new PKCS8Key(bytes, password.toCharArray());
-                } catch (Exception e) {
+                }
+                catch (Exception e) {
                     System.out.println(" FAILED! " + args[i] + " " + e);
                 }
                 if (key != null) {
@@ -1028,16 +1007,13 @@ public class PKCS8Key {
 
                     if (original == null) {
                         original = decrypted;
-                        System.out.println("   SUCCESS    \t" + type + "\t" + transform + "\t"
-                            + keySizeStr + "\t" + args[i]);
+                        System.out.println("   SUCCESS    \t" + type + "\t" + transform + "\t" + keySizeStr + "\t" + args[i]);
                     } else {
                         boolean identical = Arrays.equals(original, decrypted);
                         if (!identical) {
-                            System.out.println("***FAILURE*** \t" + type + "\t" + transform + "\t"
-                                + keySizeStr + "\t" + args[i]);
+                            System.out.println("***FAILURE*** \t" + type + "\t" + transform + "\t" + keySizeStr + "\t" + args[i]);
                         } else {
-                            System.out.println("   SUCCESS    \t" + type + "\t" + transform + "\t"
-                                + keySizeStr + "\t" + args[i]);
+                            System.out.println("   SUCCESS    \t" + type + "\t" + transform + "\t" + keySizeStr + "\t" + args[i]);
                         }
                     }
                 }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Ping.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Ping.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Ping.java
index 0eb7a08..2209a37 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Ping.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Ping.java
@@ -54,27 +54,18 @@ import java.util.TreeSet;
  * @since 30-Mar-2006
  */
 public class Ping {
-    protected static SortedSet args = new TreeSet();
-    protected static Map argsMatch = new HashMap();
-    protected static final Arg ARG_TARGET = new Arg("-t", "--target",
-        "[hostname[:port]]              default port=443", true);
-    protected static final Arg ARG_BIND = new Arg("-b", "--bind",
-        "[hostname[:port]]              default port=0 \"ANY\"");
-    protected static final Arg ARG_PROXY = new Arg("-r", "--proxy",
-        "[hostname[:port]]              default port=80");
-    protected static final Arg ARG_TRUST_CERT = new Arg("-tm",
-        "--trust-cert", "[path to trust material]       {pem, der, crt, jks}");
-    protected static final Arg ARG_CLIENT_CERT = new Arg("-km",
-        "--client-cert", "[path to client's private key] {jks, pkcs12, pkcs8}");
-    protected static final Arg ARG_CERT_CHAIN = new Arg("-cc",
-        "--cert-chain", "[path to client's cert chain for pkcs8/OpenSSL key]");
-    protected static final Arg ARG_PASSWORD = new Arg("-p", "--password", "[client cert password]");
-    protected static final Arg ARG_HOST_HEADER = new Arg("-h",
-        "--host-header", "[http-host-header]      in case -t is an IP address");
-    protected static final Arg ARG_PATH = new Arg("-u", "--path",
-        "[path for GET/HEAD request]    default=/");
-    protected static final Arg ARG_METHOD = new Arg("-m", "--method",
-        "[http method to use]           default=HEAD");
+    protected static SortedSet ARGS = new TreeSet();
+    protected static Map ARGS_MATCH = new HashMap();
+    protected final static Arg ARG_TARGET = new Arg("-t", "--target", "[hostname[:port]]              default port=443", true);
+    protected final static Arg ARG_BIND = new Arg("-b", "--bind", "[hostname[:port]]              default port=0 \"ANY\"");
+    protected final static Arg ARG_PROXY = new Arg("-r", "--proxy", "[hostname[:port]]              default port=80");
+    protected final static Arg ARG_TRUST_CERT = new Arg("-tm", "--trust-cert", "[path to trust material]       {pem, der, crt, jks}");
+    protected final static Arg ARG_CLIENT_CERT = new Arg("-km", "--client-cert", "[path to client's private key] {jks, pkcs12, pkcs8}");
+    protected final static Arg ARG_CERT_CHAIN = new Arg("-cc", "--cert-chain", "[path to client's cert chain for pkcs8/OpenSSL key]");
+    protected final static Arg ARG_PASSWORD = new Arg("-p", "--password", "[client cert password]");
+    protected final static Arg ARG_HOST_HEADER = new Arg("-h", "--host-header", "[http-host-header]      in case -t is an IP address");
+    protected final static Arg ARG_PATH = new Arg("-u", "--path", "[path for GET/HEAD request]    default=/");
+    protected final static Arg ARG_METHOD = new Arg("-m", "--method", "[http method to use]           default=HEAD");
 
     private static HostPort target;
     private static HostPort local;
@@ -92,37 +83,8 @@ public class Ping {
     private static TrustChain trustChain = null;
 
     static {
-        args = Collections.unmodifiableSortedSet(args);
-        argsMatch = Collections.unmodifiableMap(argsMatch);
-    }
-
-    public static void printUsage(Exception parseException) {
-        if (parseException != null) {
-            System.out.println();
-            System.out.println("* Error: " + parseException.getMessage() + ".");
-            parseException.printStackTrace(System.out);
-            System.out.println();
-        }
-        System.out.println("Usage:  java -jar not-yet-commons-ssl-" + Version.VERSION + ".jar [options]");
-        System.out.println(Version.versionString());
-        System.out.println("Options:   (*=required)");
-        Iterator it = Ping.args.iterator();
-        while (it.hasNext()) {
-            Arg a = (Arg) it.next();
-            String s = Util.pad(a.shortArg, 3, false);
-            String l = Util.pad(a.longArg, 18, false);
-            String required = a.isRequired ? "*" : " ";
-            String d = a.description;
-            System.out.println(required + "  " + s + " " + l + " " + d);
-        }
-        System.out.println();
-        String example = "java -jar commons-ssl.jar -t host.com:443 -c ./client.pfx -p `cat ./pass.txt` ";
-        System.out.println("Example:");
-        System.out.println();
-        System.out.println(example);
-        System.out.println();
-        System.exit(1);
-        return;
+        ARGS = Collections.unmodifiableSortedSet(ARGS);
+        ARGS_MATCH = Collections.unmodifiableMap(ARGS_MATCH);
     }
 
     public static void main(String[] args) throws Exception {
@@ -131,13 +93,39 @@ public class Ping {
         if (!showUsage) {
             try {
                 parseArgs(args);
-            } catch (Exception e) {
+            }
+            catch (Exception e) {
                 parseException = e;
                 showUsage = true;
             }
         }
         if (showUsage) {
-            printUsage(parseException);
+            if (parseException != null) {
+                System.out.println();
+                System.out.println("* Error: " + parseException.getMessage() + ".");
+                parseException.printStackTrace(System.out);
+                System.out.println();
+            }
+            System.out.println("Usage:  java -jar not-yet-commons-ssl-" + Version.VERSION + ".jar [options]");
+            System.out.println(Version.versionString());
+            System.out.println("Options:   (*=required)");
+            Iterator it = ARGS.iterator();
+            while (it.hasNext()) {
+                Arg a = (Arg) it.next();
+                String s = Util.pad(a.shortArg, 3, false);
+                String l = Util.pad(a.longArg, 18, false);
+                String required = a.isRequired ? "*" : " ";
+                String d = a.description;
+                System.out.println(required + "  " + s + " " + l + " " + d);
+            }
+            System.out.println();
+            String example = "java -jar commons-ssl.jar -t host.com:443 -c ./client.pfx -p `cat ./pass.txt` ";
+            System.out.println("Example:");
+            System.out.println();
+            System.out.println(example);
+            System.out.println();
+            System.exit(1);
+            return;
         }
 
         SSLClient ssl = new SSLClient();
@@ -267,14 +255,16 @@ public class Ping {
                         break;
                     }
                 }
-            } catch (Exception e) {
+            }
+            catch (Exception e) {
                 socketException = e;
             }
             trustException = testTrust(ssl, sslCipher, trustChain);
             hostnameException = testHostname(ssl);
             crlException = testCRL(ssl);
             expiryException = testExpiry(ssl);
-        } finally {
+        }
+        finally {
             if (out != null) {
                 out.close();
             }
@@ -343,7 +333,8 @@ public class Ping {
                     JavaImpl.testTrust(trustManagers[i], chain, authType);
                 }
             }
-        } catch (Exception e) {
+        }
+        catch (Exception e) {
             return e;
         }
         return null;
@@ -356,7 +347,8 @@ public class Ping {
                 String hostName = target.host;
                 HostnameVerifier.DEFAULT.check(hostName, chain[0]);
             }
-        } catch (Exception e) {
+        }
+        catch (Exception e) {
             return e;
         }
         return null;
@@ -370,7 +362,8 @@ public class Ping {
                     Certificates.checkCRL(chain[i]);
                 }
             }
-        } catch (Exception e) {
+        }
+        catch (Exception e) {
             return e;
         }
         return null;
@@ -384,7 +377,8 @@ public class Ping {
                     chain[i].checkValidity();
                 }
             }
-        } catch (Exception e) {
+        }
+        catch (Exception e) {
             return e;
         }
         return null;
@@ -407,13 +401,13 @@ public class Ping {
             this.shortArg = s;
             this.longArg = l;
             this.description = d;
-            this.id = args.size();
-            args.add(this);
+            this.id = ARGS.size();
+            ARGS.add(this);
             if (s != null && s.length() >= 2) {
-                argsMatch.put(s, this);
+                ARGS_MATCH.put(s, this);
             }
             if (l != null && l.length() >= 3) {
-                argsMatch.put(l, this);
+                ARGS_MATCH.put(l, this);
             }
         }
 

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ProbablyBadPasswordException.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ProbablyBadPasswordException.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ProbablyBadPasswordException.java
index 3de66c5..34302ba 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ProbablyBadPasswordException.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ProbablyBadPasswordException.java
@@ -40,13 +40,9 @@ import java.security.GeneralSecurityException;
  * @since 16-Nov-2005
  */
 public class ProbablyBadPasswordException extends GeneralSecurityException {
-    public ProbablyBadPasswordException() {
-        super();
-    }
+    public ProbablyBadPasswordException() { super(); }
 
-    public ProbablyBadPasswordException(String s) {
-        super(s);
-    }
+    public ProbablyBadPasswordException(String s) { super(s); }
 
     // Need to wait for Java 5.0 !
     // public ProbablyBadPasswordException( Throwable t ) { super( t ); }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ProbablyNotPKCS8Exception.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ProbablyNotPKCS8Exception.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ProbablyNotPKCS8Exception.java
index d8a0f8e..3c03c97 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ProbablyNotPKCS8Exception.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ProbablyNotPKCS8Exception.java
@@ -40,13 +40,9 @@ import java.security.GeneralSecurityException;
  * @since 16-Nov-2005
  */
 public class ProbablyNotPKCS8Exception extends GeneralSecurityException {
-    public ProbablyNotPKCS8Exception() {
-        super();
-    }
+    public ProbablyNotPKCS8Exception() { super(); }
 
-    public ProbablyNotPKCS8Exception(String s) {
-        super(s);
-    }
+    public ProbablyNotPKCS8Exception(String s) { super(s); }
 
     // Need to wait for Java 5.0 !
     // public ProbablyNotPKCS8Exception( Throwable t ) { super( t ); }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/9886af97/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSL.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSL.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSL.java
index 7d3940c..c1d5ff5 100644
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSL.java
+++ b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/SSL.java
@@ -32,30 +32,20 @@
 package org.apache.commons.ssl;
 
 import javax.net.SocketFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLServerSocket;
-import javax.net.ssl.SSLServerSocketFactory;
-import javax.net.ssl.SSLSocket;
-import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.*;
 import java.io.File;
 import java.io.IOException;
 import java.net.InetAddress;
 import java.net.ServerSocket;
 import java.net.Socket;
+import java.net.UnknownHostException;
 import java.security.GeneralSecurityException;
 import java.security.KeyManagementException;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Properties;
-import java.util.SortedSet;
-import java.util.TreeSet;
+import java.util.*;
 
 /**
  * Not thread-safe.  (But who would ever share this thing across multiple
@@ -67,14 +57,14 @@ import java.util.TreeSet;
  * @since May 1, 2006
  */
 public class SSL {
-    private static final String[] KNOWN_PROTOCOLS =
+    private final static String[] KNOWN_PROTOCOLS =
             {"TLSv1.2", "TLSv1.1", "TLSv1", "SSLv3", "SSLv2", "SSLv2Hello"};
 
     // SUPPORTED_CIPHERS_ARRAY is initialized in the static constructor.
-    private static final String[] SUPPORTED_CIPHERS;
+    private final static String[] SUPPORTED_CIPHERS;
 
-    public static final SortedSet KNOWN_PROTOCOLS_SET;
-    public static final SortedSet SUPPORTED_CIPHERS_SET;
+    public final static SortedSet KNOWN_PROTOCOLS_SET;
+    public final static SortedSet SUPPORTED_CIPHERS_SET;
 
     static {
         TreeSet<String> ts = new TreeSet<String>(Collections.reverseOrder());
@@ -147,7 +137,8 @@ public class SSL {
                 TrustMaterial tm;
                 try {
                     tm = new TrustMaterial(path, pwd.toCharArray());
-                } catch (GeneralSecurityException gse) {
+                }
+                catch (GeneralSecurityException gse) {
                     // Probably a bad password.  If we're using the default password,
                     // let's try and survive this setback.
                     if (pwdWasNull) {
@@ -224,7 +215,9 @@ public class SSL {
     }
 
     public SSLContext getSSLContext()
-            throws GeneralSecurityException, IOException {
+            throws GeneralSecurityException, IOException
+
+    {
         Object obj = getSSLContextAsObject();
         return (SSLContext) obj;
     }
@@ -236,7 +229,9 @@ public class SSL {
      * @throws java.io.IOException              problem creating SSLContext
      */
     public Object getSSLContextAsObject()
-            throws GeneralSecurityException, IOException {
+            throws GeneralSecurityException, IOException
+
+    {
         if (sslContext == null) {
             init();
         }
@@ -400,9 +395,11 @@ public class SSL {
     private void initThrowRuntime() {
         try {
             init();
-        } catch (GeneralSecurityException gse) {
+        }
+        catch (GeneralSecurityException gse) {
             throw JavaImpl.newRuntimeException(gse);
-        } catch (IOException ioe) {
+        }
+        catch (IOException ioe) {
             throw JavaImpl.newRuntimeException(ioe);
         }
     }


Mime
View raw message