directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dran...@apache.org
Subject [35/36] directory-kerby git commit: Moved the source codes of not-so-commons-ssl into kerby-pkix module and cleaned up accordingly
Date Sun, 13 Dec 2015 02:02:26 GMT
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a2c604ee/3rdparty/not-yet-commons-ssl/LICENSE.txt
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/LICENSE.txt b/3rdparty/not-yet-commons-ssl/LICENSE.txt
deleted file mode 100644
index 2bb9ad2..0000000
--- a/3rdparty/not-yet-commons-ssl/LICENSE.txt
+++ /dev/null
@@ -1,176 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a2c604ee/3rdparty/not-yet-commons-ssl/NOTICE.txt
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/NOTICE.txt b/3rdparty/not-yet-commons-ssl/NOTICE.txt
deleted file mode 100644
index 2807f75..0000000
--- a/3rdparty/not-yet-commons-ssl/NOTICE.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-This product includes software developed by
-The Apache Software Foundation (http://www.apache.org/).
-
-The PKCS12 key derivation function was developed by BouncyCastle
-(bouncycastle.org).  (Look for the "pkcs12()" method inside PKCS8.java).
-
-Some of this software was originally developed by
-Credit Union Central of British Columbia (http://www.cucbc.com/).
-The CUCBC code was licensed to the Apache Software Foundation on
-August 23rd, 2006.

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a2c604ee/3rdparty/not-yet-commons-ssl/README.txt
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/README.txt b/3rdparty/not-yet-commons-ssl/README.txt
deleted file mode 100644
index 365bf3d..0000000
--- a/3rdparty/not-yet-commons-ssl/README.txt
+++ /dev/null
@@ -1 +0,0 @@
-This module is adapted from not-yet-commons-ssl library, with much simplified, only focusing on PKI and SSL related.

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a2c604ee/3rdparty/not-yet-commons-ssl/build.xml
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/build.xml b/3rdparty/not-yet-commons-ssl/build.xml
deleted file mode 100644
index 580aa84..0000000
--- a/3rdparty/not-yet-commons-ssl/build.xml
+++ /dev/null
@@ -1,166 +0,0 @@
-<!--
-    $ ant -p
-    Buildfile: build.xml
-
-    Main targets:
-
-    clean     Deletes class files and other generated files.
-    jar       Jars compiled java class files.
-    javac     Compiles java source code.
-    javadocs  Generates javadocs.
-
-    Default target: jar
--->
-<project name="not-yet-commons-ssl" default="jar" basedir=".">
-
-  <property name="src" location="src/main/java"/>
-  <property name="build" location="./build"/>
-  <property name="lib" location="./lib"/>
-  <property name="classes" value="${build}/classes"/>
-  <property name="jar-file" value="${ant.project.name}.jar"/>
-  <property name="javadocs" value="${build}/javadocs"/>
-  <property name="rmic.includes" value="**/*RMI.class"/>
-
-  <property name="test-src" location="./src/test"/>
-  <property name="test-classes" value="${build}/test-classes"/>
-  <property name="test-jar-file" value="${ant.project.name}-tests.jar"/>
-  <property name="test.report.dir" value="${build}/test-report"/>   
-
-  <path id="compile-classpath">
-    <fileset dir="lib">
-      <include name="*.jar"/>
-    </fileset>
-    <pathelement location="."/>    
-    <pathelement location="${classes}"/>
-    <pathelement location="${test-classes}"/>            
-  </path>
-
-  <target name="test-jar" depends="jar">
-    <mkdir dir="${test-classes}"/>
-    <javac
-      includeAntRuntime="false"
-      destdir="${test-classes}"
-      debug="true"
-      optimize="false"
-      srcdir="${test-src}"
-    >
-      <classpath refid="compile-classpath"/>
-    </javac>
-    <copy todir="${test-classes}">
-      <fileset dir="${test-src}" excludes="**/*.java"/>
-    </copy>
-    <jar
-      basedir="${test-classes}"
-      destfile="${build}/${test-jar-file}"
-      index="true"
-      whenempty="create"
-    />      
-  </target>
-
-  <target name="test" depends="test-jar">
-      <mkdir dir="${test.report.dir}"/>
-      <junit printsummary="on" haltonfailure="false" errorProperty="junit.failed"
-        failureProperty="junit.failed" fork="on" forkMode="perBatch"
-        timeout="600000" showoutput="on">
-        <syspropertyset><propertyref builtin="commandline"/></syspropertyset>
-        <formatter type="xml"/>
-        <classpath refid="compile-classpath"/>
-        <batchtest todir="${test.report.dir}">
-          <fileset dir="${test-src}" includes="**/Test*.java"/>
-        </batchtest>
-      </junit>
-      <junitreport todir="${test.report.dir}">
-        <fileset dir="${test.report.dir}">
-          <include name="TEST-*.xml"/>
-        </fileset>
-        <report todir="${test.report.dir}"/>
-      </junitreport>
-      <fail message="JUnit tests failed." if="test.failed"/>
-  </target>
-
-  <target name="init">
-    <echo>${ant.version}</echo>
-    <echo>Java version: ${java.version}</echo>
-    <tstamp>
-      <format property="date" pattern="zzz:yyyy-MM-dd/HH:mm:ss" locale="en"/>
-    </tstamp>
-    <mkdir dir="${build}"/>
-  </target>
-
-  <target name="javac" depends="init" description="Compiles java source code.">
-    <mkdir dir="${classes}"/>
-    <javac
-      compiler="extJavac"
-      includeAntRuntime="false"
-      destdir="${classes}"
-      debug="true"
-      optimize="false"
-      srcdir="${src}"
-    >
-      <classpath refid="compile-classpath"/>
-    </javac>
-    <copy todir="${classes}">
-      <fileset dir="${src}" excludes="**/*.java"/>
-    </copy>
-  </target>
-
-  <target name="rmic" depends="javac" description="Rmics java class files named &quot;*RMI.class&quot;.">                   
-    <rmic
-      base="${classes}"
-      includes="${rmic.includes}"
-      classpathref="compile-classpath"
-    />
-  </target>
-
-  <target name="jar" depends="rmic" description="Jars compiled java class files.">
-    <jar
-      basedir="${classes}"
-      destfile="${build}/${jar-file}"
-      index="true"
-      duplicate="fail"
-    >
-      <manifest>
-        <attribute name="Built-By" value="Julius Davies"/>
-        <attribute name="Created-By" value="Julius Davies"/>
-        <attribute name="Main-Class" value="org.apache.commons.ssl.Ping"/>
-      </manifest>
-     </jar>
-  </target>
-
-  <!-- Alias for "javadocs". -->
-  <target name="javadoc" depends="javadocs"/>
-
-  <target name="javadocs" depends="init" description="Generates javadocs.">
-    <mkdir dir="${javadocs}"/>
-      <javadoc
-        sourcepath="${src}"
-        destdir="${javadocs}"
-        packagenames="*"
-        classpathref="compile-classpath"
-        access="private"
-        source="yes"
-        linksource="yes"
-      >
-        <link href="http://java.sun.com/j2se/1.5.0/docs/api/"/>
-        <link href="http://java.sun.com/j2ee/1.4/docs/api/"/>
-        <link href="http://jakarta.apache.org/commons/httpclient/apidocs/"/>
-      </javadoc>
-  </target>
-
-  <target name="clean" description="Deletes class files and other generated files.">
-    <delete dir="${build}"/>
-  </target>
-
-  <target name="all" depends="clean,jar"/>
-
-  <target name="classpath" depends="cp"/>
-
-  <target name='cp' depends='jar' description='Generates classpath.sh file'>
-    <property name='classdump' refid='compile-classpath'/>
-    <echo file='classpath.sh'>export CLASSPATH=${classdump}
-</echo>
-    <echo>Created classpath.sh file.</echo>
-  </target>
-
-
-</project>

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a2c604ee/3rdparty/not-yet-commons-ssl/pom.xml
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/pom.xml b/3rdparty/not-yet-commons-ssl/pom.xml
deleted file mode 100644
index 401aaf3..0000000
--- a/3rdparty/not-yet-commons-ssl/pom.xml
+++ /dev/null
@@ -1,94 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  Licensed under the Apache License, Version 2.0 (the "License");
-  you may not use this file except in compliance with the License.
-  You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xmlns="http://maven.apache.org/POM/4.0.0"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-  <parent>
-    <groupId>org.apache.kerby</groupId>
-    <artifactId>3rdparty</artifactId>
-    <version>1.0.0-RC2-SNAPSHOT</version>
-  </parent>
-  <modelVersion>4.0.0</modelVersion>
-
-  <artifactId>not-yet-commons-ssl</artifactId>
-
-  <build>
-    <plugins>
-      <plugin>
-        <groupId>org.apache.maven.plugins</groupId>
-        <artifactId>maven-surefire-plugin</artifactId>
-        <version>2.18.1</version>
-        <configuration>
-          <skipTests>true</skipTests>
-        </configuration>
-      </plugin>
-    </plugins>
-  </build>
-
-  <profiles>
-    <profile>
-      <id>runTests</id>
-      <activation>
-        <property>
-          <name>runTests</name>
-          <value>true</value>
-        </property>
-      </activation>
-      <build>
-        <plugins>
-          <plugin>
-            <groupId>org.apache.maven.plugins</groupId>
-            <artifactId>maven-surefire-plugin</artifactId>
-            <version>2.18.1</version>
-            <configuration>
-              <skipTests>false</skipTests>
-            </configuration>
-          </plugin>
-        </plugins>
-      </build>
-    </profile>
-  </profiles>
-
-  <dependencies>
-    <dependency>
-      <groupId>org.apache.kerby</groupId>
-      <artifactId>kerby-asn1</artifactId>
-      <version>${project.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.apache.kerby</groupId>
-      <artifactId>kerby-util</artifactId>
-      <version>${project.version}</version>
-    </dependency>
-    <dependency>
-      <groupId>org.bouncycastle</groupId>
-      <artifactId>bcprov-ext-jdk15on</artifactId>
-      <version>1.52</version>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>org.mockito</groupId>
-      <artifactId>mockito-all</artifactId>
-      <version>1.9.5</version>
-      <scope>test</scope>
-    </dependency>
-    <dependency>
-      <groupId>junit</groupId>
-      <artifactId>junit</artifactId>
-      <version>${junit.version}</version>
-    </dependency>
-  </dependencies>
-
-</project>

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a2c604ee/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsStructure.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsStructure.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsStructure.java
deleted file mode 100644
index 5e5122f..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsStructure.java
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation.  For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl;
-
-import org.apache.kerby.asn1.type.Asn1Integer;
-import org.apache.kerby.util.Hex;
-
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Set;
-import java.util.TreeSet;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 16-Nov-2005
- */
-
-/**
- * Adapted from not-yet-commons-ssl ASN1Structure
- */
-class Asn1PkcsStructure {
-    List<Asn1Integer> derIntegers = new LinkedList<Asn1Integer>();
-    Set oids = new TreeSet();
-    String oid1;
-    String oid2;
-    String oid3;
-    byte[] salt;
-    byte[] iv;
-    int iterationCount;
-    int keySize;
-    byte[] bigPayload;
-    byte[] smallPayload;
-
-    public String toString() {
-        StringBuffer buf = new StringBuffer(256);
-        buf.append("------ ASN.1 PKCS Structure ------");
-        buf.append("\noid1:    ");
-        buf.append(oid1);
-        if (oid2 != null) {
-            buf.append("\noid2:    ");
-            buf.append(oid2);
-        }
-        buf.append("\nsalt:   ");
-        if (salt != null) {
-            buf.append(Hex.encode(salt));
-        } else {
-            buf.append("[null]");
-        }
-        buf.append("\nic:      ");
-        buf.append(Integer.toString(iterationCount));
-        if (keySize != 0) {
-            buf.append("\nkeySize: ");
-            buf.append(Integer.toString(keySize * 8));
-        }
-        if (oid2 != null) {
-            buf.append("\noid3:    ");
-            buf.append(oid3);
-        }
-        if (oid2 != null) {
-            buf.append("\niv:      ");
-            if (iv != null) {
-                buf.append(Hex.encode(iv));
-            } else {
-                buf.append("[null]");
-            }
-        }
-        if (bigPayload != null) {
-            buf.append("\nbigPayload-length:   ");
-            buf.append(bigPayload.length);
-        }
-        if (smallPayload != null) {
-            buf.append("\nsmallPayload-length: ");
-            buf.append(smallPayload.length);
-        }
-        if (!oids.isEmpty()) {
-            Iterator it = oids.iterator();
-            buf.append("\nAll oids:");
-            while (it.hasNext()) {
-                buf.append("\n");
-                buf.append((String) it.next());
-            }
-        }
-        return buf.toString();
-    }
-}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a2c604ee/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java
deleted file mode 100644
index d4b0464..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Asn1PkcsUtil.java
+++ /dev/null
@@ -1,189 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation.  For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl;
-
-import org.apache.kerby.asn1.Asn1;
-import org.apache.kerby.asn1.type.Asn1Collection;
-import org.apache.kerby.asn1.type.Asn1Encodeable;
-import org.apache.kerby.asn1.type.Asn1Integer;
-import org.apache.kerby.asn1.type.Asn1ObjectIdentifier;
-import org.apache.kerby.asn1.type.Asn1OctetString;
-import org.apache.kerby.asn1.type.Asn1Type;
-import org.apache.kerby.util.Hex;
-
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.util.List;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 16-Nov-2005
- */
-
-/**
- * Adapted from ASN1Util in not-yet-commons-ssl
- */
-public class Asn1PkcsUtil {
-
-    public static final BigInteger BIGGEST =
-            new BigInteger(Integer.toString(Integer.MAX_VALUE));
-
-    public static Asn1PkcsStructure analyze(byte[] asn1)
-            throws IOException {
-
-        Asn1.dump(asn1, true);
-        Asn1Type aObj = Asn1.decode(asn1);
-        Asn1.dump(aObj);
-
-        Asn1PkcsStructure pkcs8 = new Asn1PkcsStructure();
-        if (aObj instanceof Asn1Collection) {
-            Asn1PkcsUtil.analyze(((Asn1Collection) aObj), pkcs8, 0);
-        } else {
-            Asn1PkcsUtil.analyze(aObj, pkcs8, 0);
-        }
-
-        return pkcs8;
-    }
-
-    public static void analyze(Asn1Collection asn1Coll,
-                               Asn1PkcsStructure pkcs8, int depth) {
-        if (depth >= 2) {
-            pkcs8.derIntegers = null;
-        }
-
-        List<Asn1Type> items = asn1Coll.getValue();
-        for (Asn1Type item : items) {
-            Asn1Encodeable aObj = (Asn1Encodeable) item;
-            if (!aObj.isCollection()) {
-                analyze(item, pkcs8, depth);
-            } else {
-                analyze((Asn1Collection) aObj, pkcs8, depth + 1);
-            }
-        }
-    }
-
-    public static void analyze(Asn1Type obj,
-                               Asn1PkcsStructure pkcs8, int depth) {
-
-        String tag = null;
-        if (depth >= 2) {
-            pkcs8.derIntegers = null;
-        }
-
-        String str = obj.toString();
-        String name = obj.getClass().getName();
-        name = name.substring(name.lastIndexOf('.') + 1);
-        if (tag != null) {
-            name = " [tag=" + tag + "] " + name;
-        }
-        for (int i = 0; i < depth; i++) {
-            name = "  " + name;
-        }
-
-        if (obj instanceof Asn1Integer) {
-            Asn1Integer dInt = (Asn1Integer) obj;
-            if (pkcs8.derIntegers != null) {
-                pkcs8.derIntegers.add(dInt);
-            }
-            BigInteger big = dInt.getValue();
-            int intValue = big.intValue();
-            if (BIGGEST.compareTo(big) >= 0 && intValue > 0) {
-                if (pkcs8.iterationCount == 0) {
-                    pkcs8.iterationCount = intValue;
-                } else if (pkcs8.keySize == 0) {
-                    pkcs8.keySize = intValue;
-                }
-            }
-        } else if (obj instanceof Asn1ObjectIdentifier) {
-            Asn1ObjectIdentifier id = (Asn1ObjectIdentifier) obj;
-            str = id.getValue();
-            pkcs8.oids.add(str);
-            if (pkcs8.oid1 == null) {
-                pkcs8.oid1 = str;
-            } else if (pkcs8.oid2 == null) {
-                pkcs8.oid2 = str;
-            } else if (pkcs8.oid3 == null) {
-                pkcs8.oid3 = str;
-            }
-        } else {
-            pkcs8.derIntegers = null;
-            if (obj instanceof Asn1OctetString) {
-                Asn1OctetString oct = (Asn1OctetString) obj;
-                byte[] octets = oct.getValue();
-                int len = Math.min(10, octets.length);
-                boolean probablyBinary = false;
-                for (int i = 0; i < len; i++) {
-                    byte b = octets[i];
-                    boolean isBinary = b > 128 || b < 0;
-                    if (isBinary) {
-                        probablyBinary = true;
-                        break;
-                    }
-                }
-                if (probablyBinary && octets.length > 64) {
-                    if (pkcs8.bigPayload == null) {
-                        pkcs8.bigPayload = octets;
-                    }
-                } else {
-                    str = Hex.encode(octets);
-                    if (octets.length <= 64) {
-                        if (octets.length % 8 == 0) {
-                            if (pkcs8.salt == null) {
-                                pkcs8.salt = octets;
-                            } else if (pkcs8.iv == null) {
-                                pkcs8.iv = octets;
-                            }
-                        } else {
-                            if (pkcs8.smallPayload == null) {
-                                pkcs8.smallPayload = octets;
-                            }
-                        }
-                    }
-                }
-            }
-        }
-    }
-
-    public static void main(String[] args) throws Exception {
-        FileInputStream in = new FileInputStream(args[0]);
-        byte[] bytes = Util.streamToBytes(in);
-        List list = PEMUtil.decode(bytes);
-        if (!list.isEmpty()) {
-            bytes = ((PEMItem) list.get(0)).getDerBytes();
-        }
-
-        Asn1PkcsStructure asn1 = analyze(bytes);
-        while (asn1.bigPayload != null) {
-            System.out.println("------------------------------------------");
-            System.out.println(asn1);
-            System.out.println("------------------------------------------");
-            asn1 = analyze(asn1.bigPayload);
-        }
-    }
-}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a2c604ee/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLSocket.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLSocket.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLSocket.java
deleted file mode 100644
index 473a7e2..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLSocket.java
+++ /dev/null
@@ -1,98 +0,0 @@
-package org.apache.commons.ssl;
-
-import javax.net.SocketFactory;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.net.Socket;
-import java.security.GeneralSecurityException;
-
-public final class CRLSocket extends SSLClient {
-    private static final CRLSocket SECURE_INSTANCE;
-    private static final CRLSocket PLAIN_INSTANCE;
-
-    static {
-        CRLSocket sf1 = null, sf2 = null;
-        try {
-            sf1 = new CRLSocket();
-            sf2 = new CRLSocket();
-            sf2.setIsSecure(false);
-        } catch (Exception e) {
-            System.out.println("could not create CRLSocket: " + e);
-            e.printStackTrace();
-        } finally {
-            SECURE_INSTANCE = sf1;
-            PLAIN_INSTANCE = sf2;
-        }
-    }
-
-    private CRLSocket() throws GeneralSecurityException, IOException {
-        super();
-
-        // For now we setup the usual trust infrastructure, but consumers
-        // are encouraged to call getInstance().addTrustMaterial() or
-        // getInstance().setTrustMaterial() to customize the trust.
-        if (TrustMaterial.JSSE_CACERTS != null) {
-            setTrustMaterial(TrustMaterial.JSSE_CACERTS);
-        } else {
-            setTrustMaterial(TrustMaterial.CACERTS);
-        }
-        setConnectTimeout(5000);
-        setSoTimeout(5000);
-        setCheckCRL(false);
-    }
-
-    public static SocketFactory getDefault() {
-        return getSecureInstance();
-    }
-
-    public static CRLSocket getSecureInstance() {
-        return SECURE_INSTANCE;
-    }
-
-    public static CRLSocket getPlainInstance() {
-        return PLAIN_INSTANCE;
-    }
-
-    public static void main(String[] args) throws Exception {
-        String host = args[0];
-        String port = args[1];
-        String hello
-                = "HEAD / HTTP/1.1\r\n"
-                + "Host:" + host + ":" + port + "\r\n\r\n";
-        byte[] helloBytes = hello.getBytes("UTF-8");
-
-        System.out.println("About to getInstance() ");
-        CRLSocket sf = getPlainInstance();
-        long now = System.currentTimeMillis();
-        System.out.println("About to create socket: [" + host + ":" + port + "]");
-        Socket s = sf.createSocket(host, Integer.parseInt(port));
-        long delay = System.currentTimeMillis() - now;
-        System.out.println("Created socket! took " + delay + "ms ");
-        OutputStream out = s.getOutputStream();
-        out.write(helloBytes);
-        out.flush();
-
-        System.out.println("\n" + new String(helloBytes, "UTF-8"));
-
-        InputStream in = s.getInputStream();
-        int c = in.read();
-        StringBuffer buf = new StringBuffer();
-        System.out.println("Reading: ");
-        System.out.println("================================================================================");
-        while (c >= 0) {
-            byte b = (byte) c;
-            buf.append((char) b);
-            System.out.print((char) b);
-            if (-1 == buf.toString().indexOf("\r\n\r\n")) {
-                c = in.read();
-            } else {
-                break;
-            }
-        }
-        in.close();
-        out.close();
-        s.close();
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a2c604ee/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLUtil.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLUtil.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLUtil.java
deleted file mode 100644
index bec387e..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/CRLUtil.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/CRLUtil.java $
- * $Revision: 121 $
- * $Date: 2007-11-13 21:26:57 -0800 (Tue, 13 Nov 2007) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation.  For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl;
-
-/*
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.CRLDistPoint;
-import org.bouncycastle.asn1.x509.DistributionPoint;
-import org.bouncycastle.asn1.x509.DistributionPointName;
-import org.bouncycastle.x509.extension.X509ExtensionUtil;
-*/
-
-import java.io.IOException;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 20-Dec-2005
- */
-public class CRLUtil {
-
-    public static String getURLToCRL(byte[] extension)
-        throws IOException {
-
-        throw new UnsupportedOperationException("not yet implemented");
-
-        /*
-                    byte[] bytes = extension2_5_29_31;
-                    ASN1Encodable asn1 = X509ExtensionUtil.fromExtensionValue(bytes);
-                    DERObject obj = asn1.getDERObject();
-                    CRLDistPoint distPoint = CRLDistPoint.getInstance(obj);
-                    DistributionPoint[] points = distPoint.getDistributionPoints();
-                    DistributionPointName dpn = points[0].getDistributionPoint();
-                    obj = dpn.getName().toASN1Object();
-                    ASN1Sequence seq = ASN1Sequence.getInstance(obj);
-                    DERTaggedObject tag = (DERTaggedObject) seq.getObjectAt(0);
-                    bytes = ASN1OctetString.getInstance(tag, false).getOctets();
-                    return new String(bytes);
-                    */
-    }
-}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a2c604ee/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Certificates.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Certificates.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Certificates.java
deleted file mode 100644
index 0af39ea..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/Certificates.java
+++ /dev/null
@@ -1,617 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/Certificates.java $
- * $Revision: 180 $
- * $Date: 2014-09-23 11:33:47 -0700 (Tue, 23 Sep 2014) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation.  For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl;
-
-import org.apache.kerby.util.Base64;
-
-import javax.naming.InvalidNameException;
-import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.Attributes;
-import javax.naming.ldap.LdapName;
-import javax.naming.ldap.Rdn;
-import javax.net.ssl.HttpsURLConnection;
-import javax.security.auth.x500.X500Principal;
-import java.io.BufferedInputStream;
-import java.io.BufferedOutputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.Serializable;
-import java.io.UnsupportedEncodingException;
-import java.lang.reflect.Method;
-import java.math.BigInteger;
-import java.net.HttpURLConnection;
-import java.net.URL;
-import java.net.URLConnection;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.CRL;
-import java.security.cert.CRLException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CertificateParsingException;
-import java.security.cert.X509Certificate;
-import java.security.cert.X509Extension;
-import java.text.DateFormat;
-import java.text.SimpleDateFormat;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Comparator;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.NoSuchElementException;
-import java.util.Set;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 19-Aug-2005
- */
-public class Certificates {
-
-    public static final CertificateFactory CF;
-    public static final String LINE_ENDING = System.getProperty("line.separator");
-
-    private static final HashMap CRL_CACHE = new HashMap();
-
-    public static final String CRL_EXTENSION = "2.5.29.31";
-    public static final String OCSP_EXTENSION = "1.3.6.1.5.5.7.1.1";
-    private static final DateFormat DF = new SimpleDateFormat("yyyy/MMM/dd");
-
-    public interface SerializableComparator extends Comparator, Serializable {
-    }
-
-    public static final SerializableComparator COMPARE_BY_EXPIRY =
-        new SerializableComparator() {
-            public int compare(Object o1, Object o2) {
-                X509Certificate c1 = (X509Certificate) o1;
-                X509Certificate c2 = (X509Certificate) o2;
-                // this deals with case where both are null
-                if (c1 == c2) {
-                    return 0;
-                }
-                // non-null is always bigger than null
-                if (c1 == null) {
-                    return -1;
-                }
-                if (c2 == null) {
-                    return 1;
-                }
-                if (c1.equals(c2)) {
-                    return 0;
-                }
-                Date d1 = c1.getNotAfter();
-                Date d2 = c2.getNotAfter();
-                int c = d1.compareTo(d2);
-                if (c == 0) {
-                    String s1 = JavaImpl.getSubjectX500(c1);
-                    String s2 = JavaImpl.getSubjectX500(c2);
-                    c = s1.compareTo(s2);
-                    if (c == 0) {
-                        s1 = JavaImpl.getIssuerX500(c1);
-                        s2 = JavaImpl.getIssuerX500(c2);
-                        c = s1.compareTo(s2);
-                        if (c == 0) {
-                            BigInteger big1 = c1.getSerialNumber();
-                            BigInteger big2 = c2.getSerialNumber();
-                            c = big1.compareTo(big2);
-                            if (c == 0) {
-                                try {
-                                    byte[] b1 = c1.getEncoded();
-                                    byte[] b2 = c2.getEncoded();
-                                    int len1 = b1.length;
-                                    int len2 = b2.length;
-                                    int i = 0;
-                                    for (; i < len1 && i < len2; i++) {
-                                        c = ((int) b1[i]) - ((int) b2[i]);
-                                        if (c != 0) {
-                                            break;
-                                        }
-                                    }
-                                    if (c == 0) {
-                                        c = b1.length - b2.length;
-                                    }
-                                } catch (CertificateEncodingException cee) {
-                                    // I give up.  They can be equal if they
-                                    // really want to be this badly.
-                                    c = 0;
-                                }
-                            }
-                        }
-                    }
-                }
-                return c;
-            }
-        };
-
-    static {
-        CertificateFactory cf = null;
-        try {
-            cf = CertificateFactory.getInstance("X.509");
-        } catch (CertificateException ce) {
-            ce.printStackTrace(System.out);
-        } finally {
-            CF = cf;
-        }
-    }
-
-    public static String toPEMString(X509Certificate cert)
-        throws CertificateEncodingException {
-        return toString(cert.getEncoded());
-    }
-
-    public static String toString(byte[] x509Encoded) {
-        byte[] encoded = Base64.encodeBase64(x509Encoded);
-        StringBuffer buf = new StringBuffer(encoded.length + 100);
-        buf.append("-----BEGIN CERTIFICATE-----\n");
-        for (int i = 0; i < encoded.length; i += 64) {
-            if (encoded.length - i >= 64) {
-                buf.append(new String(encoded, i, 64));
-            } else {
-                buf.append(new String(encoded, i, encoded.length - i));
-            }
-            buf.append(LINE_ENDING);
-        }
-        buf.append("-----END CERTIFICATE-----");
-        buf.append(LINE_ENDING);
-        return buf.toString();
-    }
-
-    public static String toString(X509Certificate cert) {
-        return toString(cert, false);
-    }
-
-    public static String toString(X509Certificate cert, boolean htmlStyle) {
-        String cn = getCN(cert);
-        String startStart = DF.format(cert.getNotBefore());
-        String endDate = DF.format(cert.getNotAfter());
-        String subject = JavaImpl.getSubjectX500(cert);
-        String issuer = JavaImpl.getIssuerX500(cert);
-        Iterator crls = getCRLs(cert).iterator();
-        if (subject.equals(issuer)) {
-            issuer = "self-signed";
-        }
-        StringBuffer buf = new StringBuffer(128);
-        if (htmlStyle) {
-            buf.append("<strong class=\"cn\">");
-        }
-        buf.append(cn);
-        if (htmlStyle) {
-            buf.append("</strong>");
-        }
-        buf.append(LINE_ENDING);
-        buf.append("Valid: ");
-        buf.append(startStart);
-        buf.append(" - ");
-        buf.append(endDate);
-        buf.append(LINE_ENDING);
-        buf.append("s: ");
-        buf.append(subject);
-        buf.append(LINE_ENDING);
-        buf.append("i: ");
-        buf.append(issuer);
-        while (crls.hasNext()) {
-            buf.append(LINE_ENDING);
-            buf.append("CRL: ");
-            buf.append((String) crls.next());
-        }
-        buf.append(LINE_ENDING);
-        return buf.toString();
-    }
-
-    public static List getCRLs(X509Extension cert) {
-        // What follows is a poor man's CRL extractor, for those lacking
-        // a BouncyCastle "bcprov.jar" in their classpath.
-
-        // It's a very basic state-machine:  look for a standard URL scheme
-        // (such as http), and then start looking for a terminator.  After
-        // running hexdump a few times on these things, it looks to me like
-        // the UTF-8 value "65533" seems to happen near where these things
-        // terminate.  (Of course this stuff is ASN.1 and not UTF-8, but
-        // I happen to like some of the functions available to the String
-        // object).    - juliusdavies@cucbc.com, May 10th, 2006
-        byte[] bytes = cert.getExtensionValue(CRL_EXTENSION);
-        LinkedList httpCRLS = new LinkedList();
-        LinkedList ftpCRLS = new LinkedList();
-        LinkedList otherCRLS = new LinkedList();
-        if (bytes == null) {
-            // just return empty list
-            return httpCRLS;
-        } else {
-            String s;
-            try {
-                s = new String(bytes, "UTF-8");
-            } catch (UnsupportedEncodingException uee) {
-                // We're screwed if this thing has more than one CRL, because
-                // the "indeOf( (char) 65533 )" below isn't going to work.
-                s = new String(bytes);
-            }
-            int pos = 0;
-            while (pos >= 0) {
-                int x = -1, y;
-                int[] indexes = new int[4];
-                indexes[0] = s.indexOf("http", pos);
-                indexes[1] = s.indexOf("ldap", pos);
-                indexes[2] = s.indexOf("file", pos);
-                indexes[3] = s.indexOf("ftp", pos);
-                Arrays.sort(indexes);
-                for (int i = 0; i < indexes.length; i++) {
-                    if (indexes[i] >= 0) {
-                        x = indexes[i];
-                        break;
-                    }
-                }
-                if (x >= 0) {
-                    y = s.indexOf((char) 65533, x);
-                    String crl = y > x ? s.substring(x, y - 1) : s.substring(x);
-                    if (y > x && crl.endsWith("0")) {
-                        crl = crl.substring(0, crl.length() - 1);
-                    }
-                    String crlTest = crl.trim().toLowerCase();
-                    if (crlTest.startsWith("http")) {
-                        httpCRLS.add(crl);
-                    } else if (crlTest.startsWith("ftp")) {
-                        ftpCRLS.add(crl);
-                    } else {
-                        otherCRLS.add(crl);
-                    }
-                    pos = y;
-                } else {
-                    pos = -1;
-                }
-            }
-        }
-
-        httpCRLS.addAll(ftpCRLS);
-        httpCRLS.addAll(otherCRLS);
-        return httpCRLS;
-    }
-
-    public static void checkCRL(X509Certificate cert)
-        throws CertificateException {
-        // String name = cert.getSubjectX500Principal().toString();
-        byte[] bytes = cert.getExtensionValue("2.5.29.31");
-        if (bytes == null) {
-            // log.warn( "Cert doesn't contain X509v3 CRL Distribution Points (2.5.29.31): " + name );
-            System.err.println("Cert doesn't contain X509v3 CRL Distribution Points (2.5.29.31)");
-        } else {
-            List crlList = getCRLs(cert);
-            Iterator it = crlList.iterator();
-            while (it.hasNext()) {
-                String url = (String) it.next();
-                CRLHolder holder = (CRLHolder) CRL_CACHE.get(url);
-                if (holder == null) {
-                    holder = new CRLHolder(url);
-                    CRL_CACHE.put(url, holder);
-                }
-                // success == false means we couldn't actually load the CRL
-                // (probably due to an IOException), so let's try the next one in
-                // our list.
-                boolean success = holder.checkCRL(cert);
-                if (success) {
-                    break;
-                }
-            }
-        }
-
-    }
-
-    public static BigInteger getFingerprint(X509Certificate x509)
-        throws CertificateEncodingException {
-        return getFingerprint(x509.getEncoded());
-    }
-
-    public static BigInteger getFingerprint(byte[] x509)
-        throws CertificateEncodingException {
-        MessageDigest sha1;
-        try {
-            sha1 = MessageDigest.getInstance("SHA1");
-        } catch (NoSuchAlgorithmException nsae) {
-            throw JavaImpl.newRuntimeException(nsae);
-        }
-
-        sha1.reset();
-        byte[] result = sha1.digest(x509);
-        return new BigInteger(result);
-    }
-
-    private static class CRLHolder {
-        private final String urlString;
-
-        private File tempCRLFile;
-        private long creationTime;
-        private Set passedTest = new HashSet();
-        private Set failedTest = new HashSet();
-
-        CRLHolder(String urlString) {
-            if (urlString == null) {
-                throw new NullPointerException("urlString can't be null");
-            }
-            this.urlString = urlString;
-        }
-
-        public synchronized boolean checkCRL(X509Certificate cert)
-            throws CertificateException {
-            CRL crl = null;
-            long now = System.currentTimeMillis();
-            if (now - creationTime > 24 * 60 * 60 * 1000) {
-                // Expire cache every 24 hours
-                if (tempCRLFile != null && tempCRLFile.exists()) {
-                    tempCRLFile.delete();
-                }
-                tempCRLFile = null;
-                passedTest.clear();
-
-                /*
-                      Note:  if any certificate ever fails the check, we will
-                      remember that fact.
-
-                      This breaks with temporary "holds" that CRL's can issue.
-                      Apparently a certificate can have a temporary "hold" on its
-                      validity, but I'm not interested in supporting that.  If a "held"
-                      certificate is suddenly "unheld", you're just going to need
-                      to restart your JVM.
-                    */
-                // failedTest.clear();  <-- DO NOT UNCOMMENT!
-            }
-
-            BigInteger fingerprint = getFingerprint(cert);
-            if (failedTest.contains(fingerprint)) {
-                throw new CertificateException("Revoked by CRL (cached response)");
-            }
-            if (passedTest.contains(fingerprint)) {
-                return true;
-            }
-
-            if (tempCRLFile == null) {
-                try {
-                    // log.info( "Trying to load CRL [" + urlString + "]" );
-
-                    // java.net.URL blocks forever by default, so CRL-checking
-                    // is freezing some systems.  Below we go to great pains
-                    // to enforce timeouts for CRL-checking (5 seconds).
-                    URL url = new URL(urlString);
-                    URLConnection urlConn = url.openConnection();
-                    if (urlConn instanceof HttpsURLConnection) {
-
-                        // HTTPS sites will use special CRLSocket.getInstance() SocketFactory
-                        // that is configured to timeout after 5 seconds:
-                        HttpsURLConnection httpsConn = (HttpsURLConnection) urlConn;
-                        httpsConn.setSSLSocketFactory(CRLSocket.getSecureInstance());
-
-                    } else if (urlConn instanceof HttpURLConnection) {
-
-                        // HTTP timeouts can only be set on Java 1.5 and up.  :-(
-                        // The code required to set it for Java 1.4 and Java 1.3 is just too painful.
-                        HttpURLConnection httpConn = (HttpURLConnection) urlConn;
-                        try {
-                            // Java 1.5 and up support these, so using reflection.  UGH!!!
-                            Class c = httpConn.getClass();
-                            Method setConnTimeOut = c.getDeclaredMethod("setConnectTimeout", new Class[]{Integer.TYPE});
-                            Method setReadTimeout = c.getDeclaredMethod("setReadTimeout", new Class[]{Integer.TYPE});
-                            setConnTimeOut.invoke(httpConn, Integer.valueOf(5000));
-                            setReadTimeout.invoke(httpConn, Integer.valueOf(5000));
-                        } catch (NoSuchMethodException nsme) {
-                            // oh well, java 1.4 users can suffer.
-                            System.err.println(nsme);
-                        } catch (Exception e) {
-                            throw new RuntimeException("can't set timeout", e);
-                        }
-                    }
-
-                    File tempFile = File.createTempFile("crl", ".tmp");
-                    tempFile.deleteOnExit();
-
-                    OutputStream out = new FileOutputStream(tempFile);
-                    out = new BufferedOutputStream(out);
-                    InputStream in = new BufferedInputStream(urlConn.getInputStream());
-                    try {
-                        Util.pipeStream(in, out);
-                    } catch (IOException ioe) {
-                        // better luck next time
-                        tempFile.delete();
-                        throw ioe;
-                    }
-                    this.tempCRLFile = tempFile;
-                    this.creationTime = System.currentTimeMillis();
-                } catch (IOException ioe) {
-                    // log.warn( "Cannot check CRL: " + e );
-                    System.err.println(ioe);
-                }
-            }
-
-            if (tempCRLFile != null && tempCRLFile.exists()) {
-                try {
-                    InputStream in = new FileInputStream(tempCRLFile);
-                    in = new BufferedInputStream(in);
-                    synchronized (CF) {
-                        crl = CF.generateCRL(in);
-                    }
-                    in.close();
-                    if (crl.isRevoked(cert)) {
-                        // log.warn( "Revoked by CRL [" + urlString + "]: " + name );
-                        passedTest.remove(fingerprint);
-                        failedTest.add(fingerprint);
-                        throw new CertificateException("Revoked by CRL");
-                    } else {
-                        passedTest.add(fingerprint);
-                    }
-                } catch (IOException ioe) {
-                    // couldn't load CRL that's supposed to be stored in Temp file.
-                    // log.warn(  );
-                    System.err.println(ioe);
-                } catch (CRLException crle) {
-                    // something is wrong with the CRL
-                    // log.warn(  );
-                    System.err.println(crle);
-                }
-            }
-            return crl != null;
-        }
-    }
-
-    public static String getCN(X509Certificate cert) {
-        String[] cns = getCNs(cert);
-        boolean foundSomeCNs = cns != null && cns.length >= 1;
-        return foundSomeCNs ? cns[0] : null;
-    }
-
-    public static String[] getCNs(X509Certificate cert) {
-        try {
-            final String subjectPrincipal = cert.getSubjectX500Principal().getName(X500Principal.RFC2253);
-            final LinkedList<String> cnList = new LinkedList<String>();
-            final LdapName subjectDN = new LdapName(subjectPrincipal);
-            for (final Rdn rds : subjectDN.getRdns()) {
-                final Attributes attributes = rds.toAttributes();
-                final Attribute cn = attributes.get("cn");
-                if (cn != null) {
-                    try {
-                        final Object value = cn.get();
-                        if (value != null) {
-                            cnList.add(value.toString());
-                        }
-                    } catch (NoSuchElementException ignore) {
-                        System.err.println(ignore);
-                    } catch (NamingException ignore) {
-                        System.err.println(ignore);
-                    }
-                }
-            }
-            if (!cnList.isEmpty()) {
-                return cnList.toArray(new String[cnList.size()]);
-            }
-        } catch (InvalidNameException ignore) {
-            System.err.println(ignore);
-        }
-        return null;
-    }
-
-    /**
-     * Extracts the array of SubjectAlt DNS names from an X509Certificate.
-     * Returns null if there aren't any.
-     * <p/>
-     * Note:  Java doesn't appear able to extract international characters
-     * from the SubjectAlts.  It can only extract international characters
-     * from the CN field.
-     * <p/>
-     * (Or maybe the version of OpenSSL I'm using to test isn't storing the
-     * international characters correctly in the SubjectAlts?).
-     *
-     * @param cert X509Certificate
-     * @return Array of SubjectALT DNS names stored in the certificate.
-     */
-    public static String[] getDNSSubjectAlts(X509Certificate cert) {
-        LinkedList subjectAltList = new LinkedList();
-        Collection c = null;
-        try {
-            c = cert.getSubjectAlternativeNames();
-        } catch (CertificateParsingException cpe) {
-            // Should probably log.debug() this?
-            cpe.printStackTrace();
-        }
-        if (c != null) {
-            Iterator it = c.iterator();
-            while (it.hasNext()) {
-                List list = (List) it.next();
-                int type = ((Integer) list.get(0)).intValue();
-                // If type is 2, then we've got a dNSName
-                if (type == 2) {
-                    String s = (String) list.get(1);
-                    subjectAltList.add(s);
-                }
-            }
-        }
-        if (!subjectAltList.isEmpty()) {
-            String[] subjectAlts = new String[subjectAltList.size()];
-            subjectAltList.toArray(subjectAlts);
-            return subjectAlts;
-        } else {
-            return null;
-        }
-    }
-
-    /**
-     * Trims off any null entries on the array.  Returns a shrunk array.
-     *
-     * @param chain X509Certificate[] chain to trim
-     * @return Shrunk array with all trailing null entries removed.
-     */
-    public static Certificate[] trimChain(Certificate[] chain) {
-        for (int i = 0; i < chain.length; i++) {
-            if (chain[i] == null) {
-                X509Certificate[] newChain = new X509Certificate[i];
-                System.arraycopy(chain, 0, newChain, 0, i);
-                return newChain;
-            }
-        }
-        return chain;
-    }
-
-    /**
-     * Returns a chain of type X509Certificate[].
-     *
-     * @param chain Certificate[] chain to cast to X509Certificate[]
-     * @return chain of type X509Certificate[].
-     */
-    public static X509Certificate[] x509ifyChain(Certificate[] chain) {
-        if (chain instanceof X509Certificate[]) {
-            return (X509Certificate[]) chain;
-        } else {
-            X509Certificate[] x509Chain = new X509Certificate[chain.length];
-            System.arraycopy(chain, 0, x509Chain, 0, chain.length);
-            return x509Chain;
-        }
-    }
-
-    public static void main(String[] args) throws Exception {
-        for (int i = 0; i < args.length; i++) {
-            FileInputStream in = new FileInputStream(args[i]);
-            TrustMaterial tm = new TrustMaterial(in);
-            Iterator it = tm.getCertificates().iterator();
-            while (it.hasNext()) {
-                X509Certificate x509 = (X509Certificate) it.next();
-                System.out.println(toString(x509));
-            }
-        }
-    }
-}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a2c604ee/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ComboInputStream.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ComboInputStream.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ComboInputStream.java
deleted file mode 100644
index 83a3077..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/ComboInputStream.java
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/ComboInputStream.java $
- * $Revision: 121 $
- * $Date: 2007-11-13 21:26:57 -0800 (Tue, 13 Nov 2007) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation.  For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 22-Feb-2007
- */
-public class ComboInputStream extends InputStream {
-    private boolean headDone;
-    private InputStream head;
-    private InputStream tail;
-
-    public ComboInputStream(InputStream head, InputStream tail) {
-        this.head = head != null ? head : tail;
-        this.tail = tail != null ? tail : head;
-    }
-
-    public int read() throws IOException {
-        int c;
-        if (headDone) {
-            c = tail.read();
-        } else {
-            c = head.read();
-            if (c == -1) {
-                headDone = true;
-                c = tail.read();
-            }
-        }
-        return c;
-    }
-
-    public int available() throws IOException {
-        return tail.available() + head.available();
-    }
-
-    public void close() throws IOException {
-        try {
-            head.close();
-        } finally {
-            if (head != tail) {
-                tail.close();
-            }
-        }
-    }
-
-    public int read(byte[] b, int off, int len) throws IOException {
-        int c;
-        if (headDone) {
-            c = tail.read(b, off, len);
-        } else {
-            c = head.read(b, off, len);
-            if (c == -1) {
-                headDone = true;
-                c = tail.read(b, off, len);
-            }
-        }
-        return c;
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a2c604ee/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/DerivedKey.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/DerivedKey.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/DerivedKey.java
deleted file mode 100644
index 7005187..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/DerivedKey.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/DerivedKey.java $
- * $Revision: 121 $
- * $Date: 2007-11-13 21:26:57 -0800 (Tue, 13 Nov 2007) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation.  For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 7-Nov-2006
- */
-public class DerivedKey {
-    public final byte[] key;
-    public final byte[] iv;
-
-    DerivedKey(byte[] key, byte[] iv) {
-        this.key = key;
-        this.iv = iv;
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a2c604ee/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/HostPort.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/HostPort.java b/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/HostPort.java
deleted file mode 100644
index b39772d..0000000
--- a/3rdparty/not-yet-commons-ssl/src/main/java/org/apache/commons/ssl/HostPort.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * $HeadURL: http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/commons-ssl-0.3.16/src/java/org/apache/commons/ssl/HostPort.java $
- * $Revision: 166 $
- * $Date: 2014-04-28 11:40:25 -0700 (Mon, 28 Apr 2014) $
- *
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation.  For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-
-package org.apache.commons.ssl;
-
-import java.net.InetAddress;
-import java.net.UnknownHostException;
-
-/**
- * @author Credit Union Central of British Columbia
- * @author <a href="http://www.cucbc.com/">www.cucbc.com</a>
- * @author <a href="mailto:juliusdavies@cucbc.com">juliusdavies@cucbc.com</a>
- * @since 14-July-2006
- */
-public class HostPort {
-    public final String host;
-    public final int port;
-    public final InetAddress addr;
-
-    public HostPort(String host, int port) throws UnknownHostException {
-        this.host = host;
-        this.port = port;
-        this.addr = Util.toInetAddress(host);
-    }
-
-    public String toString() {
-        return host + ":" + port;
-    }
-}


Mime
View raw message