From odea...@apache.org
Subject svn commit: r985282 - in /harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main: java/org/apache/harmony/xnet/provider/jsse/ native/jsse/shared/
Date Fri, 13 Aug 2010 16:58:41 GMT
Author: odeakin
Date: Fri Aug 13 16:58:40 2010
New Revision: 985282

URL: http://svn.apache.org/viewvc?rev=985282&view=rev
Log:
A few more changes to x-net implementation:
 - Get SSLParameters to update the SSL as well as SSL_CTX with option changes. May eventually
move to just using the SSL struct.
 - Refactor SSLServerSocket to just pass through calls to the underlying SSLSocket.
 - Remove chunks of code that have been replaced by OpenSSL calls.
The natives for SSLParameters.getSupportedCipherSuitesImpl() are TODO, so trying to get/set
ciphers will result in an UnsatisfiedLinkError currently.

Modified:
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketImpl.java
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.h

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java?rev=985282&r1=985281&r2=985282&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java
Fri Aug 13 16:58:40 2010
@@ -67,10 +67,9 @@ public class SSLParameters {
     // source of random numbers
     private SecureRandom secureRandom;
 
-    // cipher suites available for SSL connection
-    protected CipherSuite[] enabledCipherSuites;
     // string representations of available cipher suites
-    private String[] enabledCipherSuiteNames = null;
+    private String[] supportedCipherSuites = null;
+    private String[] enabledCipherSuites = null;
 
     // protocols suported and those enabled for SSL connection
     private static String[] supportedProtocols = new String[] { "SSLv2", "SSLv3", "TLSv1"
};
@@ -108,7 +107,6 @@ public class SSLParameters {
      * Creates an instance of SSLParameters.
      */
     private SSLParameters() {
-        this.enabledCipherSuites = CipherSuite.defaultCipherSuites;
     }
 
     /**
@@ -286,38 +284,58 @@ public class SSLParameters {
         return secureRandom;
     }
 
+
+    // TODO: implement the natives for get/set cipher suites
+    private native String[] getSupportedCipherSuitesImpl(long SSL);
+
+    protected String[] getSupportedCipherSuites(long SSL) {
+        if (supportedCipherSuites == null) {
+            supportedCipherSuites = getSupportedCipherSuitesImpl(SSL);
+        }
+        return supportedCipherSuites.clone();
+    }
+
     /**
      * @return the names of enabled cipher suites
      */
-    protected String[] getEnabledCipherSuites() {
-        if (enabledCipherSuiteNames == null) {
-            enabledCipherSuiteNames = new String[enabledCipherSuites.length];
-            for (int i = 0; i< enabledCipherSuites.length; i++) {
-                enabledCipherSuiteNames[i] = enabledCipherSuites[i].getName();
-            }
+    protected String[] getEnabledCipherSuites(long SSL) {
+        if (enabledCipherSuites == null) {
+            enabledCipherSuites = getSupportedCipherSuites(SSL);
         }
-        return enabledCipherSuiteNames.clone();
+        return enabledCipherSuites.clone();
     }
 
+
+    private native void setEnabledCipherSuitesImpl(long context, long SSL,  String[] enabledCiphers);
+
     /**
      * Sets the set of available cipher suites for use in SSL connection.
      * @param   suites: String[]
      * @return
      */
-    protected void setEnabledCipherSuites(String[] suites) {
+    protected void setEnabledCipherSuites(long SSL, String[] suites) {
         if (suites == null) {
             throw new IllegalArgumentException("Provided parameter is null");
         }
-        CipherSuite[] cipherSuites = new CipherSuite[suites.length];
+
+        if (supportedCipherSuites == null) {
+            supportedCipherSuites = getSupportedCipherSuitesImpl(SSL);
+        }
+
         for (int i=0; i<suites.length; i++) {
-            cipherSuites[i] = CipherSuite.getByName(suites[i]);
-            if (cipherSuites[i] == null || !cipherSuites[i].supported) {
-                throw new IllegalArgumentException(suites[i] +
-                        " is not supported.");
+            boolean found = false;
+            for (int j=0; j<supportedCipherSuites.length; j++) {
+                if (suites[i].equals(supportedCipherSuites[j])) {
+                    found = true;
+                    break;
+                }
+            }
+            if (!found) {
+                throw new IllegalArgumentException(suites[i] + " is not supported.");
             }
         }
-        enabledCipherSuites = cipherSuites;
-        enabledCipherSuiteNames = suites;
+        enabledCipherSuites = suites;        
+        setEnabledCipherSuitesImpl(SSL_CTX, SSL, suites);
     }
 
     /**
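Review bot: `setEnabledCipherSuites` validates the caller's array and then stores and forwards that same array (`enabledCipherSuites = suites;`), so a caller that keeps the reference can change entries after the supported-suite check has passed. A null element also reaches `suites[i].equals(...)` and surfaces as a NullPointerException rather than the IllegalArgumentException used for other bad input. Taking `String[] copy = suites.clone();` first, rejecting null entries, and then validating, storing and passing `copy` to `setEnabledCipherSuitesImpl` closes both gaps. Separately, `getEnabledCipherSuites` now defaults the enabled list to whatever `getSupportedCipherSuitesImpl` reports; if that native ends up returning every suite the OpenSSL build knows, weak or unauthenticated suites would be enabled by default, so a curated default list is worth considering once the native is implemented.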
@@ -334,13 +352,13 @@ public class SSLParameters {
         return enabledProtocols.clone();
     }
 
-    private static native void setEnabledProtocolsImpl(long context, int flags);
+    private static native void setEnabledProtocolsImpl(long context, long SSL,  int flags);
 
     /**
      * Sets the set of available protocols for use in SSL connection.
      * @param   suites: String[]
      */
-    protected void setEnabledProtocols(String[] protocols) {
+    protected void setEnabledProtocols(long SSL, String[] protocols) {
         if (protocols == null) {
             throw new IllegalArgumentException("Provided parameter is null");
         }
@@ -362,7 +380,7 @@ public class SSLParameters {
         if (flags != enabledProtocolsFlags) {
             enabledProtocols = protocols;
             enabledProtocolsFlags = flags;
-            setEnabledProtocolsImpl(SSL_CTX, flags);
+            setEnabledProtocolsImpl(SSL_CTX, SSL, flags);
         }
     }
 
@@ -382,16 +400,16 @@ public class SSLParameters {
         return client_mode;
     }
 
-    private static native void setClientAuthImpl(long context, short flag);
+    private static native void setClientAuthImpl(long context, long SSL, short flag);
 
     /**
      * Tunes the peer holding this parameters to require client authentication
      */
-    protected void setNeedClientAuth(boolean need) {
+    protected void setNeedClientAuth(long SSL, boolean need) {
         if (need) {
-            setClientAuthImpl(SSL_CTX, REQUIRE_CLIENT_AUTH);
+            setClientAuthImpl(SSL_CTX, SSL, REQUIRE_CLIENT_AUTH);
         } else {
-            setClientAuthImpl(SSL_CTX, NO_CLIENT_AUTH);
+            setClientAuthImpl(SSL_CTX, SSL, NO_CLIENT_AUTH);
         }
         need_client_auth = need;     
         // reset the want_client_auth setting
@@ -409,11 +427,11 @@ public class SSLParameters {
     /**
      * Tunes the peer holding this parameters to request client authentication
      */
-    protected void setWantClientAuth(boolean want) {
+    protected void setWantClientAuth(long SSL, boolean want) {
         if (want) {
-            setClientAuthImpl(SSL_CTX, REQUEST_CLIENT_AUTH);
+            setClientAuthImpl(SSL_CTX, SSL, REQUEST_CLIENT_AUTH);
         } else {
-            setClientAuthImpl(SSL_CTX, NO_CLIENT_AUTH);
+            setClientAuthImpl(SSL_CTX, SSL, NO_CLIENT_AUTH);
         }
         want_client_auth = want;
         // reset the need_client_auth setting
@@ -463,7 +481,6 @@ public class SSLParameters {
         parameters.trustManager = trustManager;
         parameters.secureRandom = secureRandom;
 
-        parameters.enabledCipherSuites = enabledCipherSuites;
         parameters.enabledProtocols = enabledProtocols;
 
         parameters.client_mode = client_mode;

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketImpl.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketImpl.java?rev=985282&r1=985281&r2=985282&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketImpl.java
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketImpl.java
Fri Aug 13 16:58:40 2010
@@ -31,13 +31,7 @@ import javax.net.ssl.SSLServerSocket;
  */
 public class SSLServerSocketImpl extends SSLServerSocket {
 
-    // the sslParameters object encapsulates all the info
-    // about supported and enabled cipher suites and protocols,
-    // as well as the information about client/server mode of
-    // ssl socket, whether it require/want client authentication or not,
-    // and controls whether new SSL sessions may be established by this
-    // socket or not.
-    private final SSLParameters sslParameters;
+    private final SSLSocketImpl sslSocket;
 
     // logger
     private Logger.Stream logger = Logger.getStream("ssocket");
@@ -50,7 +44,7 @@ public class SSLServerSocketImpl extends
     protected SSLServerSocketImpl(SSLParameters sslParameters)
         throws IOException {
         super();
-        this.sslParameters = sslParameters;
+        sslSocket = new SSLSocketImpl(sslParameters);
     }
 
     /**
@@ -62,7 +56,7 @@ public class SSLServerSocketImpl extends
     protected SSLServerSocketImpl(int port, SSLParameters sslParameters)
         throws IOException {
         super(port);
-        this.sslParameters = sslParameters;
+        sslSocket = new SSLSocketImpl(sslParameters);
     }
 
     /**
@@ -75,7 +69,7 @@ public class SSLServerSocketImpl extends
     protected SSLServerSocketImpl(int port, int backlog,
             SSLParameters sslParameters) throws IOException {
         super(port, backlog);
-        this.sslParameters = sslParameters;
+        sslSocket = new SSLSocketImpl(sslParameters);
     }
 
     /**
@@ -91,7 +85,7 @@ public class SSLServerSocketImpl extends
                                 SSLParameters sslParameters)
         throws IOException {
         super(port, backlog, iAddress);
-        this.sslParameters = sslParameters;
+        sslSocket = new SSLSocketImpl(sslParameters);
     }
 
     // --------------- SSLParameters based methods ---------------------
@@ -103,7 +97,7 @@ public class SSLServerSocketImpl extends
      */
     @Override
     public String[] getSupportedCipherSuites() {
-        return CipherSuite.getSupportedCipherSuiteNames();
+        return sslSocket.getSupportedCipherSuites();
     }
 
     /**
@@ -113,7 +107,7 @@ public class SSLServerSocketImpl extends
      */
     @Override
     public String[] getEnabledCipherSuites() {
-        return sslParameters.getEnabledCipherSuites();
+        return sslSocket.getEnabledCipherSuites();
     }
 
     /**
@@ -123,7 +117,7 @@ public class SSLServerSocketImpl extends
      */
     @Override
     public void setEnabledCipherSuites(String[] suites) {
-        sslParameters.setEnabledCipherSuites(suites);
+        sslSocket.setEnabledCipherSuites(suites);
     }
 
     /**
@@ -133,7 +127,7 @@ public class SSLServerSocketImpl extends
      */
     @Override
     public String[] getSupportedProtocols() {
-        return ProtocolVersion.supportedProtocols.clone();
+        return sslSocket.getSupportedProtocols();
     }
 
     /**
@@ -143,7 +137,7 @@ public class SSLServerSocketImpl extends
      */
     @Override
     public String[] getEnabledProtocols() {
-        return sslParameters.getEnabledProtocols();
+        return sslSocket.getEnabledProtocols();
     }
 
     /**
@@ -153,7 +147,7 @@ public class SSLServerSocketImpl extends
      */
     @Override
     public void setEnabledProtocols(String[] protocols) {
-        sslParameters.setEnabledProtocols(protocols);
+        sslSocket.setEnabledProtocols(protocols);
     }
 
     /**
@@ -163,7 +157,7 @@ public class SSLServerSocketImpl extends
      */
     @Override
     public void setUseClientMode(boolean mode) {
-        sslParameters.setUseClientMode(mode);
+        sslSocket.setUseClientMode(mode);
     }
 
     /**
@@ -173,7 +167,7 @@ public class SSLServerSocketImpl extends
      */
     @Override
     public boolean getUseClientMode() {
-        return sslParameters.getUseClientMode();
+        return sslSocket.getUseClientMode();
     }
 
     /**
@@ -183,7 +177,7 @@ public class SSLServerSocketImpl extends
      */
     @Override
     public void setNeedClientAuth(boolean need) {
-        sslParameters.setNeedClientAuth(need);
+        sslSocket.setNeedClientAuth(need);
     }
 
     /**
@@ -193,7 +187,7 @@ public class SSLServerSocketImpl extends
      */
     @Override
     public boolean getNeedClientAuth() {
-        return sslParameters.getNeedClientAuth();
+        return sslSocket.getNeedClientAuth();
     }
 
     /**
@@ -203,7 +197,7 @@ public class SSLServerSocketImpl extends
      */
     @Override
     public void setWantClientAuth(boolean want) {
-        sslParameters.setWantClientAuth(want);
+        sslSocket.setWantClientAuth(want);
     }
 
     /**
@@ -213,7 +207,7 @@ public class SSLServerSocketImpl extends
      */
     @Override
     public boolean getWantClientAuth() {
-        return sslParameters.getWantClientAuth();
+        return sslSocket.getWantClientAuth();
     }
 
     /**
@@ -223,7 +217,7 @@ public class SSLServerSocketImpl extends
      */
     @Override
     public void setEnableSessionCreation(boolean flag) {
-        sslParameters.setEnableSessionCreation(flag);
+        sslSocket.setEnableSessionCreation(flag);
     }
 
     /**
@@ -233,7 +227,7 @@ public class SSLServerSocketImpl extends
      */
     @Override
     public boolean getEnableSessionCreation() {
-        return sslParameters.getEnableSessionCreation();
+        return sslSocket.getEnableSessionCreation();
     }
 
 
@@ -249,25 +243,23 @@ public class SSLServerSocketImpl extends
         if (logger != null) {
             logger.println("SSLServerSocketImpl.accept ..");
         }
-        SSLSocketImpl s = new SSLSocketImpl(
-                (SSLParameters) sslParameters.clone());
-        implAccept(s);
+        implAccept(sslSocket);
         SecurityManager sm = System.getSecurityManager();
         if (sm != null) {
             try {
-                sm.checkAccept(s.getInetAddress().getHostAddress(),
-                        s.getPort());
+                sm.checkAccept(sslSocket.getInetAddress().getHostAddress(),
+                        sslSocket.getPort());
             } catch(SecurityException e) {
-                s.close();
+                sslSocket.close();
                 throw e;
             }
         }
-        s.init();
-        s.startHandshake();
+        sslSocket.init();
+        sslSocket.startHandshake();
         if (logger != null) {
             logger.println("SSLServerSocketImpl: accepted, initialized");
         }
-        return s;
+        return sslSocket;
     }
 
     /**
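Review bot: `accept()` now hands the single `sslSocket` created in the constructor to `implAccept` and returns it, so every accepted connection is the same `SSLSocketImpl` object with the same parameters instead of a fresh socket built from `sslParameters.clone()`. A second `accept()` would presumably rebind or fail on an object an earlier caller may still be using. The `sslSocket.close()` in the `SecurityException` path closes the object that also backs the server socket's configuration getters and setters, and settings changed on an accepted socket now change the listener's configuration. Keeping the `SSLParameters` field (removed in the earlier hunks of this file) and creating `SSLSocketImpl s = new SSLSocketImpl((SSLParameters) sslParameters.clone());` per call, while still delegating the configuration methods, would keep connections isolated from each other. The start of `accept()` is outside this hunk.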

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java?rev=985282&r1=985281&r2=985282&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java
Fri Aug 13 16:58:40 2010
@@ -216,7 +216,7 @@ public class SSLSocketImpl extends SSLSo
      */
     @Override
     public String[] getSupportedCipherSuites() {
-        return CipherSuite.getSupportedCipherSuiteNames();
+        return sslParameters.getSupportedCipherSuites(SSL);
     }
 
     /**
@@ -226,7 +226,7 @@ public class SSLSocketImpl extends SSLSo
      */
     @Override
     public String[] getEnabledCipherSuites() {
-        return sslParameters.getEnabledCipherSuites();
+        return sslParameters.getEnabledCipherSuites(SSL);
     }
 
     /**
@@ -236,7 +236,7 @@ public class SSLSocketImpl extends SSLSo
      */
     @Override
     public void setEnabledCipherSuites(String[] suites) {
-        sslParameters.setEnabledCipherSuites(suites);
+        sslParameters.setEnabledCipherSuites(SSL, suites);
     }
 
     /**
@@ -266,7 +266,7 @@ public class SSLSocketImpl extends SSLSo
      */
     @Override
     public void setEnabledProtocols(String[] protocols) {
-        sslParameters.setEnabledProtocols(protocols);
+        sslParameters.setEnabledProtocols(SSL, protocols);
     }
 
     /**
@@ -300,7 +300,7 @@ public class SSLSocketImpl extends SSLSo
      */
     @Override
     public void setNeedClientAuth(boolean need) {
-        sslParameters.setNeedClientAuth(need);
+        sslParameters.setNeedClientAuth(SSL, need);
     }
 
     /**
@@ -320,7 +320,7 @@ public class SSLSocketImpl extends SSLSo
      */
     @Override
     public void setWantClientAuth(boolean want) {
-        sslParameters.setWantClientAuth(want);
+        sslParameters.setWantClientAuth(SSL, want);
     }
 
     /**
@@ -437,36 +437,22 @@ public class SSLSocketImpl extends SSLSo
             handshake_started = true;
             if (sslParameters.getUseClientMode()) {
                 if (logger != null) {
-                    logger.println("SSLSocketImpl: CLIENT");
+                    logger.println("SSLSocketImpl: CLIENT connecting");
                 }
 
                 sslConnectImpl(SSL, impl.getFileDescriptor());
-
-                //handshakeProtocol = new ClientHandshakeImpl(this);
             } else {
                 if (logger != null) {
-                    logger.println("SSLSocketImpl: SERVER");
+                    logger.println("SSLSocketImpl: SERVER accepting connection");
                 }
-                sslAcceptImpl(SSL, impl.getFileDescriptor());
-                
-
-                //handshakeProtocol = new ServerHandshakeImpl(this);
+                sslAcceptImpl(SSL, impl.getFileDescriptor());                
             }
-
-            alertProtocol = new AlertProtocol();
-            /*recordProtocol = new SSLRecordProtocol(handshakeProtocol,
-                    alertProtocol, new SSLStreamedInput(input),
-                    appDataIS.dataPoint);*/
         }
 
         if (logger != null) {
-            logger.println("SSLSocketImpl.startHandshake");
+            logger.println("SSLSocketImpl: Handshake complete, notifying listeners");
         }
 
-        //handshakeProtocol.start();
-
-        //doHandshake();
-
         session = new SSLSessionImpl(sslParameters, SSL);
         // Notify handshake completion listeners
         if (listeners != null) {
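Review bot: `close()` may now dereference a null `alertProtocol`, because the assignment `alertProtocol = new AlertProtocol();` is removed here while the context lines of the `close()` hunk below still call `alertProtocol.alert(AlertProtocol.WARNING, ...` when `handshake_started` is true. Unless the field is assigned somewhere outside the visible hunks, closing a socket after a handshake would throw a NullPointerException and skip the rest of the shutdown path. The new "Handshake complete" log line and the `new SSLSessionImpl(sslParameters, SSL)` that follows also run whatever `sslConnectImpl` or `sslAcceptImpl` did; how those natives signal failure is not visible here, so it is worth confirming that they throw on a failed handshake before a session is created and listeners are notified. The body of `startHandshake` starts and ends outside this hunk.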
@@ -546,6 +532,7 @@ public class SSLSocketImpl extends SSLSo
         if (logger != null) {
             logger.println("SSLSocket.close "+socket_was_closed);
         }
+        // TODO: Call down into natives to close down OpenSSL connection an clean up structs
         if (!socket_was_closed) {
             if (handshake_started) {
                 alertProtocol.alert(AlertProtocol.WARNING,
@@ -643,63 +630,6 @@ public class SSLSocketImpl extends SSLSo
             appDataIS.setEnd();
         }
         return data;
-        /*try {
-            while(appDataIS.available() == 0) {
-                // read and unwrap the record contained in the transport
-                // input stream (SSLStreamedInput), pass it
-                // to appropriate client protocol (alert, handshake, or app)
-                // and retrieve the type of unwrapped data
-                switch (type = recordProtocol.unwrap()) {
-                    case ContentType.HANDSHAKE:
-                        if (!handshakeProtocol.getStatus().equals(
-                                SSLEngineResult.HandshakeStatus
-                                .NOT_HANDSHAKING)) {
-                            // handshake protocol got addressed to it message 
-                            // and did not ignore it, so it's a rehandshake
-                            doHandshake();
-                        }
-                        break;
-                    case ContentType.ALERT:
-                        processAlert();
-                        if (socket_was_closed) {
-                            return;
-                        }
-                        break;
-                    case ContentType.APPLICATION_DATA:
-                        if (logger != null) {
-                            logger.println(
-                                    "SSLSocket.needAppData: got the data");
-                        }
-                        break;
-                    default:
-                        // will throw exception
-                        reportFatalAlert(AlertProtocol.UNEXPECTED_MESSAGE,
-                                new SSLException("Unexpected message of type "
-                                    + type + " has been got"));
-                }
-                if (alertProtocol.hasAlert()) {
-                    // warning alert occured during wrap or unwrap
-                    // (note: fatal alert causes AlertException
-                    // to be thrown)
-                    output.write(alertProtocol.wrap());
-                    alertProtocol.setProcessed();
-                }
-                if (socket_was_closed) {
-                    appDataIS.setEnd();
-                    return;
-                }
-            }
-        } catch (AlertException e) {
-            // will throw exception
-            reportFatalAlert(e.getDescriptionCode(), e.getReason());
-        } catch (EndOfSourceException e) {
-            // end of socket's input stream has been reached
-            appDataIS.setEnd();
-        }
-        if (logger != null) {
-            logger.println("SSLSocket.needAppData: app data len: "
-                    + appDataIS.available());
-        }*/
     }
 
 
@@ -720,171 +650,6 @@ public class SSLSocketImpl extends SSLSo
         }
 
         writeAppDataImpl(SSL, data, offset, len);
-        /*try {
-            if (len < SSLRecordProtocol.MAX_DATA_LENGTH) {
-                output.write(recordProtocol.wrap(ContentType.APPLICATION_DATA,
-                            data, offset, len));
-            } else {
-                while (len >= SSLRecordProtocol.MAX_DATA_LENGTH) {
-                    output.write(recordProtocol.wrap(
-                                ContentType.APPLICATION_DATA, data, offset,
-                                SSLRecordProtocol.MAX_DATA_LENGTH));
-                    offset += SSLRecordProtocol.MAX_DATA_LENGTH;
-                    len -= SSLRecordProtocol.MAX_DATA_LENGTH;
-                }
-                if (len > 0) {
-                    output.write(
-                        recordProtocol.wrap(ContentType.APPLICATION_DATA,
-                                            data, offset, len));
-                }
-            }
-        } catch (AlertException e) {
-            // will throw exception
-            reportFatalAlert(e.getDescriptionCode(), e.getReason());
-        }*/
-    }
-
-    /*
-     * Performs handshake proccess over this connection. The hanshake
-     * process is dirrected by the handshake status code provided by
-     * handshake protocol. If this status is NEED_WRAP, method retrieves
-     * handshake message from handshake protocol and sends it to another peer.
-     * If this status is NEED_UNWRAP, method receives and processes handshake
-     * message from another peer. Each of this stages (wrap/unwrap) change
-     * the state of handshake protocol and this process is performed 
-     * until handshake status is FINISHED. After handshake process is finnished
-     * handshake completed event are sent to the registered listeners.
-     * For more information about the handshake process see
-     * TLS v1 specification (http://www.ietf.org/rfc/rfc2246.txt) p 7.3.
-     */
-    private void doHandshake() throws IOException {
-        SSLEngineResult.HandshakeStatus status;
-        int type;
-        try {
-            while (!(status = handshakeProtocol.getStatus()).equals(
-                        SSLEngineResult.HandshakeStatus.FINISHED)) {
-                if (logger != null) {
-                    String s = (status.equals(
-                                SSLEngineResult.HandshakeStatus.NEED_WRAP))
-                        ? "NEED_WRAP"
-                        : (status.equals(
-                                SSLEngineResult.HandshakeStatus.NEED_UNWRAP))
-                            ? "NEED_UNWRAP"
-                            : "STATUS: OTHER!";
-                    logger.println("SSLSocketImpl: HS status: "+s+" "+status);
-                }
-                if (status.equals(SSLEngineResult.HandshakeStatus.NEED_WRAP)) {
-                    output.write(handshakeProtocol.wrap());
-                } else if (status.equals(
-                            SSLEngineResult.HandshakeStatus.NEED_UNWRAP)) {
-                    // read and unwrap the record contained in the transport
-                    // input stream (SSLStreamedInput), pass it
-                    // to appropriate client protocol (alert, handshake, or app)
-                    // and retrieve the type of unwrapped data
-                    switch (type = recordProtocol.unwrap()) {
-                        case ContentType.HANDSHAKE:
-                        case ContentType.CHANGE_CIPHER_SPEC:
-                            break;
-                        case ContentType.APPLICATION_DATA:
-                            // So it's rehandshake and
-                            // if app data buffer will be overloaded
-                            // it will throw alert exception.
-                            // Probably we should count the number of
-                            // not handshaking data and make additional
-                            // constraints (do not expect buffer overflow).
-                            break;
-                        case ContentType.ALERT:
-                            processAlert();
-                            if (socket_was_closed) {
-                                return;
-                            }
-                            break;
-                        default:
-                            // will throw exception
-                            reportFatalAlert(AlertProtocol.UNEXPECTED_MESSAGE,
-                                    new SSLException(
-                                        "Unexpected message of type "
-                                        + type + " has been got"));
-                    }
-                } else {
-                    // will throw exception
-                    reportFatalAlert(AlertProtocol.INTERNAL_ERROR,
-                        new SSLException(
-                            "Handshake passed unexpected status: "+status));
-                }
-                if (alertProtocol.hasAlert()) {
-                    // warning alert uccured during wrap or unwrap
-                    // (note: fatal alert causes AlertException
-                    // to be thrown)
-                    output.write(alertProtocol.wrap());
-                    alertProtocol.setProcessed();
-                }
-            }
-        } catch (EndOfSourceException e) {
-            appDataIS.setEnd();
-            throw new IOException("Connection was closed");
-        } catch (AlertException e) {
-            // will throw exception
-            reportFatalAlert(e.getDescriptionCode(), e.getReason());
-        }
-
-        session = recordProtocol.getSession();
-        if (listeners != null) {
-            // notify the listeners
-            HandshakeCompletedEvent event =
-                new HandshakeCompletedEvent(this, session);
-            int size = listeners.size();
-            for (int i=0; i<size; i++) {
-                listeners.get(i)
-                    .handshakeCompleted(event);
-            }
-        }
-    }
-        
-    /*
-     * Process received alert message
-     */
-    private void processAlert() throws IOException {
-        if (!alertProtocol.hasAlert()) {
-            return;
-        }
-        if (alertProtocol.isFatalAlert()) {
-            alertProtocol.setProcessed();
-            String description = "Fatal alert received "
-                + alertProtocol.getAlertDescription();
-            shutdown();
-            throw new SSLException(description);
-        }
-        
-        if (logger != null) {
-            logger.println("Warning alert received: "
-                + alertProtocol.getAlertDescription());
-        }
-        switch(alertProtocol.getDescriptionCode()) {
-            case AlertProtocol.CLOSE_NOTIFY:
-                alertProtocol.setProcessed();
-                appDataIS.setEnd();
-                close();
-                return;
-            default:
-                alertProtocol.setProcessed();
-            // TODO: process other warning messages
-        }
-    }
-    
-    /*
-     * Sends fatal alert message and throws exception
-     */
-    private void reportFatalAlert(byte description_code, 
-            SSLException reason) throws IOException {
-        alertProtocol.alert(AlertProtocol.FATAL, description_code);
-        try {
-            // the output stream can be closed
-            output.write(alertProtocol.wrap());
-        } catch (IOException ex) { }
-        alertProtocol.setProcessed();
-        shutdown();
-        throw reason;
     }
 }
 

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c?rev=985282&r1=985281&r2=985282&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
Fri Aug 13 16:58:40 2010
@@ -122,9 +122,10 @@ JNIEXPORT jlong JNICALL Java_org_apache_
 }
 
 JNIEXPORT void JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLParameters_setEnabledProtocolsImpl
-  (JNIEnv *env, jclass clazz, jlong context, jint flags) 
+  (JNIEnv *env, jclass clazz, jlong context, jlong jssl, jint flags) 
 {
     SSL_CTX *ctx = (SSL_CTX*)context;
+    SSL *ssl = (SSL*)jssl;
     long options = 0;
     long mask = SSL_OP_NO_TLSv1 | SSL_OP_NO_SSLv3 | SSL_OP_NO_SSLv2;
 
@@ -141,12 +142,19 @@ JNIEXPORT void JNICALL Java_org_apache_h
     // Clearing the options enables the protocol, setting disables
     SSL_CTX_clear_options(ctx, options);
     SSL_CTX_set_options(ctx, options ^ mask);
+
+    // If we have been passed an SSL pointer, set the options on that SSL too
+    if (ssl) {
+        SSL_clear_options(ssl, options);
+        SSL_set_options(ssl, options ^ mask);
+    }
 }
 
 JNIEXPORT void JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLParameters_setClientAuthImpl
-  (JNIEnv *env, jclass clazz, jlong context, jshort flag)
+  (JNIEnv *env, jclass clazz, jlong context, jlong jssl, jshort flag)
 {
     SSL_CTX *ctx = (SSL_CTX*)context;
+    SSL *ssl = (SSL*)jssl;
     int mode = 0;
 
     switch (flag) {
@@ -166,4 +174,9 @@ JNIEXPORT void JNICALL Java_org_apache_h
 
     // Set the client authentication mode with a NULL callback
     SSL_CTX_set_verify(ctx, mode, NULL);
+
+    // If we have been passed an SSL pointer, set the options on that SSL too
+    if (ssl) {
+        SSL_set_verify(ssl, mode, NULL);
+    }
 }
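Review bot: The new `SSL_set_verify(ssl, mode, NULL)` applies the client-auth mode to whatever handle is passed, including one that will be used in client mode. The `switch` that computes `mode` is outside this hunk, but if `NO_CLIENT_AUTH` maps to `SSL_VERIFY_NONE`, a `setNeedClientAuth(false)` or `setWantClientAuth(false)` call on a client socket would stop a bad server certificate from failing the handshake on that connection. Consider having the Java callers skip the native call when `client_mode` is set, or at least add a comment here such as `// server-side only: on a client handle this mode controls server certificate verification`. The same concern applies to the existing `SSL_CTX_set_verify` call above it.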

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.h
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.h?rev=985282&r1=985281&r2=985282&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.h
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.h
Fri Aug 13 16:58:40 2010
@@ -37,9 +37,9 @@ extern "C" {
 JNIEXPORT jlong JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLParameters_initialiseContext
   (JNIEnv *, jclass, jobjectArray, jbyteArray, jbyteArray);
 JNIEXPORT void JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLParameters_setEnabledProtocolsImpl
-  (JNIEnv *, jclass, jlong, jint);
+  (JNIEnv *, jclass, jlong, jlong, jint);
 JNIEXPORT void JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLParameters_setClientAuthImpl
-  (JNIEnv *, jclass, jlong, jshort);
+  (JNIEnv *, jclass, jlong, jlong, jshort);
 
 #ifdef __cplusplus
 }


