harmony-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From odea...@apache.org
Subject svn commit: r987551 - in /harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared: cipherList.h sslParameters.c
Date Fri, 20 Aug 2010 15:41:14 GMT
Author: odeakin
Date: Fri Aug 20 15:41:14 2010
New Revision: 987551

URL: http://svn.apache.org/viewvc?rev=987551&view=rev
Log:
Split cipher mapping list into separate TLS/SSLv2/SSLv3 lists and get the cipher list for
each of these protocols separately as OpenSSL shares cipher names across them (e.g. RC4-MD5
can be SSL_CK_RC4_128_WITH_MD5, SSL_RSA_WITH_RC4_128_MD5 or TLS_RSA_WITH_RC4_128_MD5).

Modified:
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.h
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.h
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.h?rev=987551&r1=987550&r2=987551&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.h
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/cipherList.h
Fri Aug 20 15:41:14 2010
@@ -15,37 +15,45 @@
  *  limitations under the License.
  */
 
-#define CIPHER_COUNT 78
-char *specNames[CIPHER_COUNT] = { "SSL_RSA_WITH_NULL_MD5", "SSL_RSA_WITH_NULL_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
"SSL_RSA_WITH_RC4_128_MD5", 
-    "SSL_RSA_WITH_RC4_128_SHA", "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5", "SSL_RSA_WITH_IDEA_CBC_SHA",
"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", 
-    "SSL_RSA_WITH_DES_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DHE_DSS_WITH_DES_CBC_SHA", 
-    "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA",
"SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", 
-    "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "SSL_DH_anon_WITH_RC4_128_MD5", "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DH_anon_WITH_DES_CBC_SHA", 
-    "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_NULL_MD5", "TLS_RSA_WITH_NULL_SHA",
"TLS_RSA_EXPORT_WITH_RC4_40_MD5", "TLS_RSA_WITH_RC4_128_MD5", 
-    "TLS_RSA_WITH_RC4_128_SHA", "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", "TLS_RSA_WITH_IDEA_CBC_SHA",
"TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", 
-    "TLS_RSA_WITH_DES_CBC_SHA", "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
"TLS_DHE_DSS_WITH_DES_CBC_SHA", 
-    "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "TLS_DHE_RSA_WITH_DES_CBC_SHA",
"TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", 
-    "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", "TLS_DH_anon_WITH_RC4_128_MD5", "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
"TLS_DH_anon_WITH_DES_CBC_SHA", 
-    "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA", 
-    "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_DH_anon_WITH_AES_128_CBC_SHA", 
-    "TLS_DH_anon_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA", "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA",
"TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", 
-    "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA", "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA",

-    "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA", "TLS_RSA_WITH_SEED_CBC_SHA",
"TLS_DHE_DSS_WITH_SEED_CBC_SHA", 
-    "TLS_DHE_RSA_WITH_SEED_CBC_SHA", "TLS_DH_anon_WITH_SEED_CBC_SHA", "TLS_GOSTR341094_WITH_28147_CNT_IMIT",
"TLS_GOSTR341001_WITH_28147_CNT_IMIT", 
-    "TLS_GOSTR341094_WITH_NULL_GOSTR3411", "TLS_GOSTR341001_WITH_NULL_GOSTR3411", "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA",
"TLS_RSA_EXPORT1024_WITH_RC4_56_SHA", 
-    "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA", "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA",
"TLS_DHE_DSS_WITH_RC4_128_SHA", "SSL_CK_RC4_128_WITH_MD5", 
-    "SSL_CK_RC4_128_EXPORT40_WITH_MD5", "SSL_CK_RC2_128_CBC_WITH_MD5", "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
"SSL_CK_IDEA_128_CBC_WITH_MD5", 
-    "SSL_CK_DES_64_CBC_WITH_MD5", "SSL_CK_DES_192_EDE3_CBC_WITH_MD5" };
-
-char *openSSLNames[CIPHER_COUNT] = { "NULL-MD5", "NULL-SHA", "EXP-RC4-MD5", "RC4-MD5", "RC4-SHA",
"EXP-RC2-CBC-MD5", "IDEA-CBC-SHA", "EXP-DES-CBC-SHA", 
-    "DES-CBC-SHA", "DES-CBC3-SHA", "EXP-EDH-DSS-DES-CBC-SHA", "EDH-DSS-CBC-SHA", "EDH-DSS-DES-CBC3-SHA",
"EXP-EDH-RSA-DES-CBC-SHA", "EDH-RSA-DES-CBC-SHA", 
-    "EDH-RSA-DES-CBC3-SHA", "EXP-ADH-RC4-MD5", "ADH-RC4-MD5", "EXP-ADH-DES-CBC-SHA", "ADH-DES-CBC-SHA",
"ADH-DES-CBC3-SHA", "NULL-MD5", "NULL-SHA", 
-    "EXP-RC4-MD5", "RC4-MD5", "RC4-SHA", "EXP-RC2-CBC-MD5", "IDEA-CBC-SHA", "EXP-DES-CBC-SHA",
"DES-CBC-SHA", "DES-CBC3-SHA", "EXP-EDH-DSS-DES-CBC-SHA", 
-    "EDH-DSS-CBC-SHA", "EDH-DSS-DES-CBC3-SHA", "EXP-EDH-RSA-DES-CBC-SHA", "EDH-RSA-DES-CBC-SHA",
"EDH-RSA-DES-CBC3-SHA", "EXP-ADH-RC4-MD5", "ADH-RC4-MD5", 
-    "EXP-ADH-DES-CBC-SHA", "ADH-DES-CBC-SHA", "ADH-DES-CBC3-SHA", "AES128-SHA", "AES256-SHA",
"DHE-DSS-AES128-SHA", "DHE-DSS-AES256-SHA", 
-    "DHE-RSA-AES128-SHA", "DHE-RSA-AES256-SHA", "ADH-AES128-SHA", "ADH-AES256-SHA", "CAMELLIA128-SHA",
"CAMELLIA256-SHA", "DHE-DSS-CAMELLIA128-SHA", 
-    "DHE-DSS-CAMELLIA256-SHA", "DHE-RSA-CAMELLIA128-SHA", "DHE-RSA-CAMELLIA256-SHA", "ADH-CAMELLIA128-SHA",
"ADH-CAMELLIA256-SHA", "SEED-SHA", 
-    "DHE-DSS-SEED-SHA", "DHE-RSA-SEED-SHA", "ADH-SEED-SHA", "GOST94-GOST89-GOST89", "GOST2001-GOST89-GOST89",
"GOST94-NULL-GOST94", "GOST2001-NULL-GOST94", 
-    "EXP1024-DES-CBC-SHA", "EXP1024-RC4-SHA", "EXP1024-DHE-DSS-DES-CBC-SHA", "EXP1024-DHE-DSS-RC4-SHA",
"DHE-DSS-RC4-SHA", "RC4-MD5", "EXP-RC4-MD5", 
-    "RC2-MD5", "EXP-RC2-MD5", "IDEA-CBC-MD5", "DES-CBC-MD5", "DES-CBC3-MD5" };
+#define SSLv2_CIPHER_COUNT 7
+char *SSLv2_SpecNames[SSLv2_CIPHER_COUNT] = { "SSL_CK_RC4_128_WITH_MD5", "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
"SSL_CK_RC2_128_CBC_WITH_MD5", 
+    "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5", "SSL_CK_IDEA_128_CBC_WITH_MD5", "SSL_CK_DES_64_CBC_WITH_MD5",
"SSL_CK_DES_192_EDE3_CBC_WITH_MD5" };
 
+char *SSLv2_openSSLNames[SSLv2_CIPHER_COUNT] = { "RC4-MD5", "EXP-RC4-MD5", "RC2-MD5", "EXP-RC2-MD5",
"IDEA-CBC-MD5", "DES-CBC-MD5", "DES-CBC3-MD5" };
+
+#define SSLv3_CIPHER_COUNT 21
+char *SSLv3_SpecNames[SSLv3_CIPHER_COUNT] = { "SSL_RSA_WITH_NULL_MD5", "SSL_RSA_WITH_NULL_SHA",
"SSL_RSA_EXPORT_WITH_RC4_40_MD5", 
+    "SSL_RSA_WITH_RC4_128_MD5", "SSL_RSA_WITH_RC4_128_SHA", "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
"SSL_RSA_WITH_IDEA_CBC_SHA", 
+    "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_RSA_WITH_DES_CBC_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", 
+    "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DHE_RSA_WITH_DES_CBC_SHA", 
+    "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "SSL_DH_anon_WITH_RC4_128_MD5",
"SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", 
+    "SSL_DH_anon_WITH_DES_CBC_SHA", "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA" };
+
+char *SSLv3_openSSLNames[SSLv3_CIPHER_COUNT] = { "NULL-MD5", "NULL-SHA", "EXP-RC4-MD5", "RC4-MD5",
"RC4-SHA", "EXP-RC2-CBC-MD5", "IDEA-CBC-SHA", 
+    "EXP-DES-CBC-SHA", "DES-CBC-SHA", "DES-CBC3-SHA", "EXP-EDH-DSS-DES-CBC-SHA", "EDH-DSS-CBC-SHA",
"EDH-DSS-DES-CBC3-SHA", "EXP-EDH-RSA-DES-CBC-SHA", 
+    "EDH-RSA-DES-CBC-SHA", "EDH-RSA-DES-CBC3-SHA", "EXP-ADH-RC4-MD5", "ADH-RC4-MD5", "EXP-ADH-DES-CBC-SHA",
"ADH-DES-CBC-SHA", "ADH-DES-CBC3-SHA" };
+
+#define TLSv1_CIPHER_COUNT 50
+char *TLSv1_SpecNames[TLSv1_CIPHER_COUNT] = { "TLS_RSA_WITH_NULL_MD5", "TLS_RSA_WITH_NULL_SHA",
"TLS_RSA_EXPORT_WITH_RC4_40_MD5", 
+    "TLS_RSA_WITH_RC4_128_MD5", "TLS_RSA_WITH_RC4_128_SHA", "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
"TLS_RSA_WITH_IDEA_CBC_SHA", 
+    "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", "TLS_RSA_WITH_DES_CBC_SHA", "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", 
+    "TLS_DHE_DSS_WITH_DES_CBC_SHA", "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
"TLS_DHE_RSA_WITH_DES_CBC_SHA", 
+    "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", "TLS_DH_anon_WITH_RC4_128_MD5",
"TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", 
+    "TLS_DH_anon_WITH_DES_CBC_SHA", "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_256_CBC_SHA", 
+    "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA", 
+    "TLS_DH_anon_WITH_AES_128_CBC_SHA", "TLS_DH_anon_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA",
"TLS_RSA_WITH_CAMELLIA_256_CBC_SHA", 
+    "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA", "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA", "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA",

+    "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA", "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA", "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA",

+    "TLS_RSA_WITH_SEED_CBC_SHA", "TLS_DHE_DSS_WITH_SEED_CBC_SHA", "TLS_DHE_RSA_WITH_SEED_CBC_SHA",
"TLS_DH_anon_WITH_SEED_CBC_SHA", 
+    "TLS_GOSTR341094_WITH_28147_CNT_IMIT", "TLS_GOSTR341001_WITH_28147_CNT_IMIT", "TLS_GOSTR341094_WITH_NULL_GOSTR3411",

+    "TLS_GOSTR341001_WITH_NULL_GOSTR3411", "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA", "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA",

+    "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA", "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA",
"TLS_DHE_DSS_WITH_RC4_128_SHA" };
+
+char *TLSv1_openSSLNames[TLSv1_CIPHER_COUNT] = { "NULL-MD5", "NULL-SHA", "EXP-RC4-MD5", "RC4-MD5",
"RC4-SHA", "EXP-RC2-CBC-MD5", "IDEA-CBC-SHA", 
+    "EXP-DES-CBC-SHA", "DES-CBC-SHA", "DES-CBC3-SHA", "EXP-EDH-DSS-DES-CBC-SHA", "EDH-DSS-CBC-SHA",
"EDH-DSS-DES-CBC3-SHA", "EXP-EDH-RSA-DES-CBC-SHA", 
+    "EDH-RSA-DES-CBC-SHA", "EDH-RSA-DES-CBC3-SHA", "EXP-ADH-RC4-MD5", "ADH-RC4-MD5", "EXP-ADH-DES-CBC-SHA",
"ADH-DES-CBC-SHA", "ADH-DES-CBC3-SHA", 
+    "AES128-SHA", "AES256-SHA", "DHE-DSS-AES128-SHA", "DHE-DSS-AES256-SHA", "DHE-RSA-AES128-SHA",
"DHE-RSA-AES256-SHA", "ADH-AES128-SHA", 
+    "ADH-AES256-SHA", "CAMELLIA128-SHA", "CAMELLIA256-SHA", "DHE-DSS-CAMELLIA128-SHA", "DHE-DSS-CAMELLIA256-SHA",
"DHE-RSA-CAMELLIA128-SHA", 
+    "DHE-RSA-CAMELLIA256-SHA", "ADH-CAMELLIA128-SHA", "ADH-CAMELLIA256-SHA", "SEED-SHA",
"DHE-DSS-SEED-SHA", "DHE-RSA-SEED-SHA", "ADH-SEED-SHA", 
+    "GOST94-GOST89-GOST89", "GOST2001-GOST89-GOST89", "GOST94-NULL-GOST94", "GOST2001-NULL-GOST94",
"EXP1024-DES-CBC-SHA", "EXP1024-RC4-SHA", 
+    "EXP1024-DHE-DSS-DES-CBC-SHA", "EXP1024-DHE-DSS-RC4-SHA", "DHE-DSS-RC4-SHA" };

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c?rev=987551&r1=987550&r2=987551&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
Fri Aug 20 15:41:14 2010
@@ -26,16 +26,46 @@
 
 #include "cipherList.h"
 
+int getCipherSpecList(JNIEnv *env, SSL *ssl, const char *protocol, jstring **jciphers, char
*openSSLNames[], char *specNames[], int mappedNamesCount) {
+    int i, matched, ret, count;
+    STACK_OF(SSL_CIPHER) *ciphers;
+
+    ret = SSL_set_cipher_list(ssl, protocol);
+    if (ret<=0) {
+       ERR_print_errors_fp(stderr);
+       // TODO: Throw exception here and return error value
+    }
+
+    ciphers = SSL_get_ciphers(ssl);
+    count = sk_num(&ciphers->stack);
+    *jciphers = malloc(sizeof(jstring)*count);
+
+    matched = 0;
+    for (i=0; i<count; i++)
+    {
+        const char *cipherName = SSL_CIPHER_get_name(sk_value(&ciphers->stack, i));
+        int j;
+        for (j=0; j<mappedNamesCount; j++) {
+            if (!strcmp(cipherName, openSSLNames[j])) {
+                (*jciphers)[matched] = (*env)->NewStringUTF(env, specNames[j]);      
         
+                matched++;
+                break;
+            }
+        }
+    }
+
+    return matched;
+}
+
 JNIEXPORT jobjectArray JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLParameters_initialiseDefaults
   (JNIEnv *env, jclass clazz)
 {
     SSL_CTX *context;
     SSL *ssl;
-    int i, count, index, ret;
+    int i, ret, ssl2matched, ssl3matched, tlsmatched;
     jclass stringClass;
-    jobjectArray stringArray; 
-    STACK_OF(SSL_CIPHER) *ciphers;
-    jstring *jciphers;
+    jobjectArray stringArray;
+    jstring *ssl2jciphers, *ssl3jciphers, *tlsjciphers;
 
     SSL_library_init();
     SSL_load_error_strings();
@@ -46,39 +76,37 @@ JNIEXPORT jobjectArray JNICALL Java_org_
     ret = SSL_CTX_set_cipher_list(context, "SSLv2:SSLv3:TLSv1");
     if (ret<=0) {
        ERR_print_errors_fp(stderr);
+       // TODO: throw exception here and return
     }
 
     ssl = SSL_new(context);
+    
+    // TODO: check for exception return
+    ssl2matched = getCipherSpecList(env, ssl, "SSLv2", &ssl2jciphers, SSLv2_openSSLNames,
SSLv2_SpecNames, SSLv2_CIPHER_COUNT);
+    ssl3matched = getCipherSpecList(env, ssl, "SSLv3", &ssl3jciphers, SSLv3_openSSLNames,
SSLv3_SpecNames, SSLv3_CIPHER_COUNT);
+    tlsmatched = getCipherSpecList(env, ssl, "TLSv1", &tlsjciphers, TLSv1_openSSLNames,
TLSv1_SpecNames, TLSv1_CIPHER_COUNT);
 
-    ciphers = SSL_get_ciphers(ssl);
-    count = sk_num(&ciphers->stack);
-
-    jciphers = malloc(sizeof(jstring)*count);
-
-    index = 0;
-    for (i=0; i<count; i++)
+    stringClass = (*env)->FindClass(env, "java/lang/String");
+    stringArray = (*env)->NewObjectArray(env, ssl2matched + ssl3matched + tlsmatched,
stringClass, NULL);
+    for (i=0; i<tlsmatched; i++)
     {
-        const char *cipherName = SSL_CIPHER_get_name(sk_value(&ciphers->stack, i));
-        int j;
-        for (j=0; j<CIPHER_COUNT; j++) {
-            if (!strcmp(cipherName, openSSLNames[j])) {
-                printf("match %s=%s\n", openSSLNames[j], specNames[j]);
-                jciphers[index] = (*env)->NewStringUTF(env, specNames[j]);           
    
-                index++;
-                break;
-            }
-        }
+        (*env)->SetObjectArrayElement(env, stringArray, i, tlsjciphers[i]);
+        (*env)->DeleteLocalRef(env, tlsjciphers[i]);
     }
-
-    stringClass = (*env)->FindClass(env, "java/lang/String");
-    stringArray = (*env)->NewObjectArray(env, index, stringClass, NULL);
-    for (i=0; i<index; i++)
+    for (i=0; i<ssl3matched; i++)
     {
-        (*env)->SetObjectArrayElement(env, stringArray, i, jciphers[i]);
-        (*env)->DeleteLocalRef(env, jciphers[i]);
+        (*env)->SetObjectArrayElement(env, stringArray, i + tlsmatched, ssl3jciphers[i]);
+        (*env)->DeleteLocalRef(env, ssl3jciphers[i]);
     }
-
-    free(jciphers);
+    for (i=0; i<ssl2matched; i++)
+    {
+        (*env)->SetObjectArrayElement(env, stringArray, i + ssl3matched + tlsmatched,
ssl2jciphers[i]);
+        (*env)->DeleteLocalRef(env, ssl2jciphers[i]);
+    }
+    
+    free(ssl2jciphers);
+    free(ssl3jciphers);
+    free(tlsjciphers);
     SSL_free(ssl);
     SSL_CTX_free(context);
 
@@ -102,7 +130,7 @@ JNIEXPORT jlong JNICALL Java_org_apache_
 
     context = SSL_CTX_new(SSLv23_method());
 
-    ret = SSL_CTX_set_cipher_list(context, "ALL");
+    ret = SSL_CTX_set_cipher_list(context, "SSLv2:SSLv3:TLSv1");
     if (ret<=0) {
        ERR_print_errors_fp(stderr);
     }
@@ -236,6 +264,34 @@ JNIEXPORT void JNICALL Java_org_apache_h
     }
 }
 
+char* findOpenSSLName(const char *cipher) {
+    int i;
+    if (strstr(cipher, "TLS_")) {
+        // This is a TLS cipher name
+        for (i=0; i<TLSv1_CIPHER_COUNT; i++) {
+            if (!strcmp(cipher, TLSv1_SpecNames[i])) {
+                return TLSv1_openSSLNames[i];
+            }
+        }
+    } else if (strstr(cipher, "SSL_CK")) {
+        // This is an SSLv2 cipher name
+        for (i=0; i<SSLv2_CIPHER_COUNT; i++) {
+            if (!strcmp(cipher, SSLv2_SpecNames[i])) {
+                return SSLv2_openSSLNames[i];
+            }
+        }
+    } else {
+        // This is an SSLv3 cipher name
+        for (i=0; i<SSLv3_CIPHER_COUNT; i++) {
+            if (!strcmp(cipher, SSLv3_SpecNames[i])) {
+                return SSLv3_openSSLNames[i];
+            }
+        }
+    }  
+
+    return NULL;  
+}
+
 JNIEXPORT void JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLParameters_setEnabledCipherSuitesImpl
   (JNIEnv *env, jclass clazz, jlong context, jlong jssl, jobjectArray jenabledCiphers)
 {
@@ -259,17 +315,15 @@ JNIEXPORT void JNICALL Java_org_apache_h
     for (i=0; i<count; i++) {
         jstring jcipher = (jstring)(*env)->GetObjectArrayElement(env, jenabledCiphers,
i);
         const char *cipher = (*env)->GetStringUTFChars(env, jcipher, NULL);
-        int j;
-        for (j=0; j<CIPHER_COUNT; j++) {
-            if (!strcmp(cipher, specNames[j])) {
-                strcat(cipherList, openSSLNames[j]);
-                if (i != count-1) {
-                    strcat(cipherList, ":");
-                }
-                break;
+
+        char *openSSLName = findOpenSSLName(cipher);
+        if (openSSLName) {
+            strcat(cipherList, openSSLName);
+            if (i != count-1) {
+                strcat(cipherList, ":");
             }
         }
-        
+
         (*env)->ReleaseStringUTFChars(env, jcipher, cipher);
     }
 



Mime
View raw message