From: "Warner Onstine"
Subject: [patch] Patch for SSL
Date: Sat, 1 Jul 2000 12:28:43 -0700
Message-ID: <001801bfe392$930434c0$9040480c@raegunn>
Delivered-To: mailing list tomcat-dev@jakarta.apache.org

Hi all,

I have added some variables and cleaned up some stuff in Costin's code. It has been now set up for Client Auth.

--------------------------------------------------
Index: SSLSocketFactory.java =================================================================== RCS file: /home/cvspublic/jakarta-tomcat/src/share/org/apache/tomcat/net/SSLSocketFact ory.java,v retrieving revision 1.1 diff -r1.1 SSLSocketFactory.java 96a97 > private String keystore; 102a104,107 > static String defaultKeystore = "JKS"; > static String defaultProtocol = "TLS"; > static String defaultAlgorithm = "SunX509"; > static boolean defaultClientAuth = false; 151c156,157 < String keystoreFile=(String)attributes.get("keystore"); --- > //Where is the server certificate at? 
> String keystoreFile=(String)attributes.get("keystoreFile"); 153a160 > //Password for the server certificate 156a164,186 > //This is the type of keystore ie - JKS > keystore = (String)attributes.get("keystore"); > if(keystore == null) keystore=defaultKeystore; > > //determine whether we want client authentication > String clientAuthBool = (String)attributes.get("clientauth"); > > clientAuthBool==null){ > clientAuth=defaultClientAuth; > } else if(clientAuthBool.equalsIgnoreCase("true")){ > clientAuth = true; > } else{ > clientAuth = false; > } > > //protocol for the SSL ie - TLS, SSL v3 etc. > String protocol = (String)attributes.get("protocol"); > if(protocol == null) protocol = defaultProtocol; > > //Algorithm used to encode the certificate ie - SunX509 > String algorithm = (String)attributes.get("algorithm"); > if(algorithm == null) algorithm = defaultAlgorithm; > 164c194 < com.sun.net.ssl.SSLContext.getInstance("TLS"); //SSL --- > com.sun.net.ssl.SSLContext.getInstance(protocol); //SSL 168c198 < com.sun.net.ssl.KeyManagerFactory.getInstance("SunX509"); --- > com.sun.net.ssl.KeyManagerFactory.getInstance(algo rithm); 177c207 < context.init(kmf.getKeyManagers(), null, null); --- > context.init(kmf.getKeyManagers(), null, new java.security.SecureRandom()); 203c233 < socket.setNeedClientAuth(false); --- > socket.setNeedClientAuth(clientAuth); 212c242 < KeyStore kstore=KeyStore.getInstance( "JKS" ); --- > KeyStore kstore=KeyStore.getInstance(keystore);
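
Review bot: the four defaults added at 102a104,107 are mutable, package-visible statics, so any class in the same package can change defaultClientAuth or defaultProtocol for every factory in the JVM. Declare them private static final. defaultKeystore also reads like a file name although it holds a keystore type (JKS); a name such as defaultKeystoreType would match its use in KeyStore.getInstance.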
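
Review bot: the attribute rename in 151c156,157 breaks existing configurations. The keystore path is now read from keystoreFile, and the later hunk reuses keystore for the keystore type, so a configuration that still sets keystore to a file path will have that path passed to KeyStore.getInstance and no keystoreFile set. Keep keystore as the path and read the type from a new attribute such as keystoreType, or document the rename.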
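
Review bot: the client-auth parsing in 156a164,186 fails open and, as posted, does not compile. The line clientAuthBool==null){ has no leading if(, and no declaration of clientAuth is visible in the patch (96a97 adds only keystore), so check that the field exists. Any value other than true, including a typo, silently turns client authentication off; reject unrecognised values with an error or at least log them. The comment on algorithm also says it is used to encode the certificate, whereas the value is passed to KeyManagerFactory.getInstance.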
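
Review bot: in 164c194 the protocol string from configuration goes straight to SSLContext.getInstance with no check, and the trailing //SSL comment is now stale. A misspelt value surfaces only as an exception from getInstance; validate it where the attributes are read and name the offending attribute in the error.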
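
Review bot: in 177c207 the second argument to context.init is still null, so once clientauth is set to true the set of accepted client certificates is decided by the JSSE default trust store rather than by anything configured here. Add a trust store attribute and pass its TrustManagers to context.init, or document that dependency next to the clientauth attribute.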