harmony-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From odea...@apache.org
Subject svn commit: r985174 - in /harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main: java/org/apache/harmony/xnet/provider/jsse/ native/jsse/shared/ native/jsse/windows/
Date Fri, 13 Aug 2010 12:27:23 GMT
Author: odeakin
Date: Fri Aug 13 12:27:22 2010
New Revision: 985174

URL: http://svn.apache.org/viewvc?rev=985174&view=rev
Log:
A few more changes to x-net implementation:
 - Modify client auth methods to pass options through to SSL_CTX_set_verify().
 - Add initialisation of SSLSessionImpl in terms of SSL_SESSIONs.
 - Make sure handshake completion listeners are called once handshaking is successfully completed.

Added:
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c
  (with props)
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h
  (with props)
Modified:
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.h
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/windows/makefile

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java?rev=985174&r1=985173&r2=985174&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java
Fri Aug 13 12:27:22 2010
@@ -76,6 +76,11 @@ public class SSLParameters {
     private static String[] supportedProtocols = new String[] { "SSLv2", "SSLv3", "TLSv1"
};
     private static int[] protocolFlags = new int[] { 1, 2, 4 }; // These correspond to the
flags used in the natives
 
+    // These correspond to the flags used in the natives
+    private static short NO_CLIENT_AUTH = 1;
+    private static short REQUEST_CLIENT_AUTH = 2;
+    private static short REQUIRE_CLIENT_AUTH = 4;
+
     // Enable all protocols by default
     private String[] enabledProtocols = supportedProtocols;
     private int enabledProtocolsFlags = 7; // TLSv1 & SSLv3 & SSLv2
@@ -377,11 +382,18 @@ public class SSLParameters {
         return client_mode;
     }
 
+    private static native void setClientAuthImpl(long context, short flag);
+
     /**
      * Tunes the peer holding this parameters to require client authentication
      */
     protected void setNeedClientAuth(boolean need) {
-        need_client_auth = need;
+        if (need) {
+            setClientAuthImpl(SSL_CTX, REQUIRE_CLIENT_AUTH);
+        } else {
+            setClientAuthImpl(SSL_CTX, NO_CLIENT_AUTH);
+        }
+        need_client_auth = need;     
         // reset the want_client_auth setting
         want_client_auth = false;
     }
@@ -398,6 +410,11 @@ public class SSLParameters {
      * Tunes the peer holding this parameters to request client authentication
      */
     protected void setWantClientAuth(boolean want) {
+        if (want) {
+            setClientAuthImpl(SSL_CTX, REQUEST_CLIENT_AUTH);
+        } else {
+            setClientAuthImpl(SSL_CTX, NO_CLIENT_AUTH);
+        }
         want_client_auth = want;
         // reset the need_client_auth setting
         need_client_auth = false;

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java?rev=985174&r1=985173&r2=985174&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
Fri Aug 13 12:27:22 2010
@@ -162,6 +162,11 @@ public class SSLSessionImpl implements S
      */
     final boolean isServer;
 
+    // OpenSSL SSL_SESSION pointer
+    private final long SSL_SESSION;
+
+    private final SSLParameters sslParameters;
+
     /**
      * Creates SSLSession implementation
      * 
@@ -187,6 +192,9 @@ public class SSLSessionImpl implements S
             isServer = true;
         }
 
+        // Add to satisfy compiler
+        SSL_SESSION = 0;
+        sslParameters = null;
     }
 
     /**
@@ -198,6 +206,14 @@ public class SSLSessionImpl implements S
         this(null, sr);
     }
 
+    private native long initialiseSession(long SSL);
+    
+    public SSLSessionImpl(SSLParameters parms, long SSL) {
+        sslParameters = parms;
+        SSL_SESSION = initialiseSession(SSL);
+        this.isServer = !sslParameters.getUseClientMode();
+    }
+
     public int getApplicationBufferSize() {
         return SSLRecordProtocol.MAX_DATA_LENGTH;
     }

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java?rev=985174&r1=985173&r2=985174&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java
Fri Aug 13 12:27:22 2010
@@ -441,7 +441,6 @@ public class SSLSocketImpl extends SSLSo
                 }
 
                 sslConnectImpl(SSL, impl.getFileDescriptor());
-                
 
                 //handshakeProtocol = new ClientHandshakeImpl(this);
             } else {
@@ -468,6 +467,18 @@ public class SSLSocketImpl extends SSLSo
 
         //doHandshake();
 
+        session = new SSLSessionImpl(sslParameters, SSL);
+        // Notify handshake completion listeners
+        if (listeners != null) {
+            HandshakeCompletedEvent event =
+                new HandshakeCompletedEvent(this, session);
+            int size = listeners.size();
+            for (int i=0; i<size; i++) {
+                listeners.get(i)
+                    .handshakeCompleted(event);
+            }
+        }
+
         if (logger != null) {
             logger.println("SSLSocketImpl.startHandshake: END");
         }

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c?rev=985174&r1=985173&r2=985174&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
Fri Aug 13 12:27:22 2010
@@ -47,6 +47,9 @@ JNIEXPORT jlong JNICALL Java_org_apache_
        ERR_print_errors_fp(stderr);
     }
 
+    // Set client auth off by default
+    SSL_CTX_set_verify(context, SSL_VERIFY_NONE, NULL);
+
     // First initilise the trust certificates in our newly created context
     size = (*env)->GetArrayLength(env, jtrustCerts);
     if (size) {
@@ -73,11 +76,6 @@ JNIEXPORT jlong JNICALL Java_org_apache_
             }
             free(certBuffer);
         }
-
-        // Carry out peer cert verification
-        // TODO: Is this the right setting?
-        SSL_CTX_set_verify(context, SSL_VERIFY_PEER, NULL);
-        SSL_CTX_set_verify_depth(context, 1);
     }
 
     if (jkeyCert != NULL) {
@@ -144,3 +142,28 @@ JNIEXPORT void JNICALL Java_org_apache_h
     SSL_CTX_clear_options(ctx, options);
     SSL_CTX_set_options(ctx, options ^ mask);
 }
+
+JNIEXPORT void JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLParameters_setClientAuthImpl
+  (JNIEnv *env, jclass clazz, jlong context, jshort flag)
+{
+    SSL_CTX *ctx = (SSL_CTX*)context;
+    int mode = 0;
+
+    switch (flag) {
+    case NO_CLIENT_AUTH:
+        mode = SSL_VERIFY_NONE;
+        break;
+    case REQUEST_CLIENT_AUTH:
+        mode = SSL_VERIFY_PEER;
+        break;
+    case REQUIRE_CLIENT_AUTH:
+        mode = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
+        break;
+    default:
+        // Should never happen
+        return;
+    }
+
+    // Set the client authentication mode with a NULL callback
+    SSL_CTX_set_verify(ctx, mode, NULL);
+}

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.h
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.h?rev=985174&r1=985173&r2=985174&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.h
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.h
Fri Aug 13 12:27:22 2010
@@ -29,10 +29,17 @@ extern "C" {
 #define PROTOCOL_SSLv3 2
 #define PROTOCOL_TLSv1 4
 
+// Client authentication flags - these correspond to the flags used in SSLParameters.java
+#define NO_CLIENT_AUTH 1
+#define REQUEST_CLIENT_AUTH 2
+#define REQUIRE_CLIENT_AUTH 4
+
 JNIEXPORT jlong JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLParameters_initialiseContext
   (JNIEnv *, jclass, jobjectArray, jbyteArray, jbyteArray);
 JNIEXPORT void JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLParameters_setEnabledProtocolsImpl
   (JNIEnv *, jclass, jlong, jint);
+JNIEXPORT void JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLParameters_setClientAuthImpl
+  (JNIEnv *, jclass, jlong, jshort);
 
 #ifdef __cplusplus
 }

Added: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c?rev=985174&view=auto
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c
(added)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c
Fri Aug 13 12:27:22 2010
@@ -0,0 +1,32 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+#include "sslSession.h"
+#include <stdio.h>
+#include "jni.h"
+#include "hysock.h"
+#include "openssl/bio.h"
+#include "openssl/ssl.h"
+#include "openssl/err.h"
+
+JNIEXPORT jlong JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_initialiseSession
+  (JNIEnv *env, jobject object, jlong jssl)
+{
+    SSL *ssl = (SSL*)jssl;
+
+    return (jlong)SSL_get_session(ssl);
+}

Propchange: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.c
------------------------------------------------------------------------------
    svn:eol-style = native

Added: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h?rev=985174&view=auto
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h
(added)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h
Fri Aug 13 12:27:22 2010
@@ -0,0 +1,35 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+#include <jni.h>
+
+#ifndef _SSLSESSION_H
+#define _SSLSESSION_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+JNIEXPORT jlong JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLSessionImpl_initialiseSession
+  (JNIEnv *, jobject, jlong);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+

Propchange: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslSession.h
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/windows/makefile
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/windows/makefile?rev=985174&r1=985173&r2=985174&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/windows/makefile
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/windows/makefile
Fri Aug 13 12:27:22 2010
@@ -29,7 +29,7 @@ HYLDFLAGS = $(HYLDFLAGS) -def:$(LIBBASE)
 
 BUILDFILES = \
   $(SHAREDSUB)jsse_copyright.obj $(SHAREDSUB)sslParameters.obj $(SHAREDSUB)sslSocket.obj
\
-  $(SHAREDSUB)jsse_rand.obj
+  $(SHAREDSUB)sslSession.obj $(SHAREDSUB)jsse_rand.obj
 
 VIRTFILES = hyjsse.res
 



Mime
View raw message