incubator-ftpserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From n..@apache.org
Subject svn commit: r564538 - in /incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver: ./ interfaces/ listener/io/ listener/mina/ ssl/
Date Fri, 10 Aug 2007 10:20:45 GMT
Author: ngn
Date: Fri Aug 10 03:20:39 2007
New Revision: 564538

URL: http://svn.apache.org/viewvc?view=rev&rev=564538
Log:
Enable wanted client authentication (FTPSERVER-96)

Added:
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/interfaces/ClientAuth.java
  (with props)
Modified:
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/IODataConnectionFactory.java
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/interfaces/Ssl.java
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/io/IOConnection.java
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/io/IOListener.java
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/mina/MinaConnection.java
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/mina/MinaListener.java
    incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/ssl/DefaultSsl.java

Modified: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/IODataConnectionFactory.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/IODataConnectionFactory.java?view=diff&rev=564538&r1=564537&r2=564538
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/IODataConnectionFactory.java
(original)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/IODataConnectionFactory.java
Fri Aug 10 03:20:39 2007
@@ -34,6 +34,7 @@
 
 import org.apache.ftpserver.ftplet.DataConnection;
 import org.apache.ftpserver.ftplet.FtpException;
+import org.apache.ftpserver.interfaces.ClientAuth;
 import org.apache.ftpserver.interfaces.DataConnectionConfig;
 import org.apache.ftpserver.interfaces.FtpServerContext;
 import org.apache.ftpserver.interfaces.Ssl;
@@ -196,7 +197,12 @@
         }
         
         // initialize server socket
-        sslServerSocket.setNeedClientAuth(ssl.getClientAuthenticationRequired());
+        if(ssl.getClientAuth() == ClientAuth.NEED) {
+            sslServerSocket.setNeedClientAuth(true);
+        } else if(ssl.getClientAuth() == ClientAuth.WANT) {
+            sslServerSocket.setWantClientAuth(true);
+        }
+
         
         if(ssl.getEnabledCipherSuites() != null) {
             sslServerSocket.setEnabledCipherSuites(ssl.getEnabledCipherSuites());

Added: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/interfaces/ClientAuth.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/interfaces/ClientAuth.java?view=auto&rev=564538
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/interfaces/ClientAuth.java
(added)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/interfaces/ClientAuth.java
Fri Aug 10 03:20:39 2007
@@ -0,0 +1,17 @@
+package org.apache.ftpserver.interfaces;
+
+public class ClientAuth {
+    public static final ClientAuth NEED = new ClientAuth("Need");
+    public static final ClientAuth WANT = new ClientAuth("Want");
+    public static final ClientAuth NONE = new ClientAuth("None");
+    
+    private String type;
+    
+    private ClientAuth(String type) {
+        this.type = type;
+    }
+
+    public String toString() {
+        return type;
+    }
+}
\ No newline at end of file

Propchange: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/interfaces/ClientAuth.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/interfaces/Ssl.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/interfaces/Ssl.java?view=diff&rev=564538&r1=564537&r2=564538
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/interfaces/Ssl.java (original)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/interfaces/Ssl.java Fri Aug
10 03:20:39 2007
@@ -39,5 +39,5 @@
      * @return An array of cipher suites, or null.
      */
     String[] getEnabledCipherSuites();
-    boolean getClientAuthenticationRequired();
+    ClientAuth getClientAuth();
 }

Modified: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/io/IOConnection.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/io/IOConnection.java?view=diff&rev=564538&r1=564537&r2=564538
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/io/IOConnection.java
(original)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/io/IOConnection.java
Fri Aug 10 03:20:39 2007
@@ -36,6 +36,7 @@
 import org.apache.ftpserver.FtpSessionImpl;
 import org.apache.ftpserver.FtpWriter;
 import org.apache.ftpserver.ftplet.FtpException;
+import org.apache.ftpserver.interfaces.ClientAuth;
 import org.apache.ftpserver.interfaces.FtpServerContext;
 import org.apache.ftpserver.interfaces.FtpServerSession;
 import org.apache.ftpserver.interfaces.Ssl;
@@ -224,7 +225,11 @@
         ssoc.setUseClientMode(clientMode);
         
         // initialize socket
-        ssoc.setNeedClientAuth(ssl.getClientAuthenticationRequired());
+        if(ssl.getClientAuth() == ClientAuth.NEED) {
+            ssoc.setNeedClientAuth(true);
+        } else if(ssl.getClientAuth() == ClientAuth.WANT) {
+            ssoc.setWantClientAuth(true);
+        }
 
         if(ssl.getEnabledCipherSuites() != null) {
             ssoc.setEnabledCipherSuites(ssl.getEnabledCipherSuites());

Modified: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/io/IOListener.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/io/IOListener.java?view=diff&rev=564538&r1=564537&r2=564538
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/io/IOListener.java
(original)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/io/IOListener.java
Fri Aug 10 03:20:39 2007
@@ -28,6 +28,7 @@
 import javax.net.ssl.SSLServerSocket;
 import javax.net.ssl.SSLServerSocketFactory;
 
+import org.apache.ftpserver.interfaces.ClientAuth;
 import org.apache.ftpserver.interfaces.FtpServerContext;
 import org.apache.ftpserver.interfaces.Ssl;
 import org.apache.ftpserver.listener.AbstractListener;
@@ -88,7 +89,11 @@
             }
             
             // initialize server socket
-            sslServerSocket.setNeedClientAuth(ssl.getClientAuthenticationRequired());
+            if(ssl.getClientAuth() == ClientAuth.NEED) {
+                sslServerSocket.setNeedClientAuth(true);
+            } else if(ssl.getClientAuth() == ClientAuth.WANT) {
+                sslServerSocket.setWantClientAuth(true);
+            }
             
             if(ssl.getEnabledCipherSuites() != null) {
                 sslServerSocket.setEnabledCipherSuites(ssl.getEnabledCipherSuites());

Modified: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/mina/MinaConnection.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/mina/MinaConnection.java?view=diff&rev=564538&r1=564537&r2=564538
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/mina/MinaConnection.java
(original)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/mina/MinaConnection.java
Fri Aug 10 03:20:39 2007
@@ -28,6 +28,7 @@
 import org.apache.ftpserver.IODataConnectionFactory;
 import org.apache.ftpserver.FtpSessionImpl;
 import org.apache.ftpserver.ftplet.FtpException;
+import org.apache.ftpserver.interfaces.ClientAuth;
 import org.apache.ftpserver.interfaces.FtpServerContext;
 import org.apache.ftpserver.interfaces.FtpServerSession;
 import org.apache.ftpserver.interfaces.Ssl;
@@ -96,7 +97,11 @@
             session.setAttribute(SSLFilter.DISABLE_ENCRYPTION_ONCE);
             
             SSLFilter sslFilter = new SSLFilter( ssl.getSSLContext() );
-            sslFilter.setNeedClientAuth(ssl.getClientAuthenticationRequired());
+            if(ssl.getClientAuth() == ClientAuth.NEED) {
+                sslFilter.setNeedClientAuth(true);
+            } else if(ssl.getClientAuth() == ClientAuth.WANT) {
+                sslFilter.setWantClientAuth(true);
+            }
             
             if(ssl.getEnabledCipherSuites() != null) {
                 sslFilter.setEnabledCipherSuites(ssl.getEnabledCipherSuites());

Modified: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/mina/MinaListener.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/mina/MinaListener.java?view=diff&rev=564538&r1=564537&r2=564538
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/mina/MinaListener.java
(original)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/listener/mina/MinaListener.java
Fri Aug 10 03:20:39 2007
@@ -22,6 +22,7 @@
 import java.io.IOException;
 import java.net.InetSocketAddress;
 
+import org.apache.ftpserver.interfaces.ClientAuth;
 import org.apache.ftpserver.interfaces.FtpServerContext;
 import org.apache.ftpserver.interfaces.Ssl;
 import org.apache.ftpserver.listener.AbstractListener;
@@ -99,7 +100,12 @@
             Ssl ssl = getSsl();
             SSLFilter sslFilter = new SSLFilter( ssl.getSSLContext() );
             
-            sslFilter.setNeedClientAuth(ssl.getClientAuthenticationRequired());
+            if(ssl.getClientAuth() == ClientAuth.NEED) {
+                sslFilter.setNeedClientAuth(true);
+            } else if(ssl.getClientAuth() == ClientAuth.WANT) {
+                sslFilter.setWantClientAuth(true);
+            }
+
             if(ssl.getEnabledCipherSuites() != null) {
                 sslFilter.setEnabledCipherSuites(ssl.getEnabledCipherSuites());
             }

Modified: incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/ssl/DefaultSsl.java
URL: http://svn.apache.org/viewvc/incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/ssl/DefaultSsl.java?view=diff&rev=564538&r1=564537&r2=564538
==============================================================================
--- incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/ssl/DefaultSsl.java (original)
+++ incubator/ftpserver/trunk/core/src/java/org/apache/ftpserver/ssl/DefaultSsl.java Fri Aug
10 03:20:39 2007
@@ -30,6 +30,7 @@
 import javax.net.ssl.TrustManagerFactory;
 
 import org.apache.ftpserver.FtpServerConfigurationException;
+import org.apache.ftpserver.interfaces.ClientAuth;
 import org.apache.ftpserver.interfaces.Ssl;
 import org.apache.ftpserver.util.IoUtils;
 import org.slf4j.Logger;
@@ -50,7 +51,7 @@
     private String keystoreAlgorithm = "SunX509";
     
     private String sslProtocol = "TLS";
-    private boolean clientAuthReqd = false;
+    private ClientAuth clientAuthReqd = ClientAuth.NONE;
     private String keyPass = "password";   // TODO should we really default this value?
 
     private KeyStore keyStore;
@@ -81,8 +82,15 @@
         this.sslProtocol = sslProtocol;
     }
     
-    public void setClientAuthentication(boolean clientAuthReqd) {
-        this.clientAuthReqd = clientAuthReqd;
+    public void setClientAuthentication(String clientAuthReqd) {
+        if("true".equalsIgnoreCase(clientAuthReqd) 
+                || "yes".equalsIgnoreCase(clientAuthReqd)) {
+            this.clientAuthReqd = ClientAuth.NEED;
+        } else if("want".equalsIgnoreCase(clientAuthReqd)) {
+            this.clientAuthReqd = ClientAuth.WANT;
+        } else {
+            this.clientAuthReqd = ClientAuth.NONE;
+        }
     }
     
     public void setKeyPassword(String keyPass) {
@@ -166,7 +174,7 @@
     public void dispose() {
     }
 
-    public boolean getClientAuthenticationRequired() {
+    public ClientAuth getClientAuth() {
         return clientAuthReqd;
     }
 



Mime
View raw message