tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From billbar...@apache.org
Subject cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/modules/server Http10Interceptor.java PoolTcpConnector.java
Date Fri, 07 Dec 2001 04:38:26 GMT
billbarker    01/12/06 20:38:26

  Modified:    src/share/org/apache/tomcat/modules/server
                        Http10Interceptor.java PoolTcpConnector.java
  Log:
  PureTLS support changes.
  Submitted by:	Eric Rescorla ekr@rtfm.com
  
  Revision  Changes    Path
  1.28      +45 -7     jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Http10Interceptor.java
  
  Index: Http10Interceptor.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Http10Interceptor.java,v
  retrieving revision 1.27
  retrieving revision 1.28
  diff -u -r1.27 -r1.28
  --- Http10Interceptor.java	2001/11/02 03:14:03	1.27
  +++ Http10Interceptor.java	2001/12/07 04:38:26	1.28
  @@ -156,6 +156,10 @@
   	    reqA.readNextRequest(resA);
   	    if( secure ) {
   		reqA.scheme().setString( "https" );
  + 
  + 		// Load up the SSLSupport class
  +		if(sslImplementation != null)
  +		    reqA.setSSLSupport(sslImplementation.getSSLSupport(socket));
   	    }
   	    
   	    cm.service( reqA, resA );
  @@ -199,13 +203,47 @@
   	    catch (IOException e) { /* ignore */ }
           }
       }
  + 
  +     /**
  +       getInfo calls for SSL data
  + 
  +       @return the requested data
  +     */
  +     public Object getInfo( Context ctx, Request request,
  + 			   int id, String key ) {
  +       // The following code explicitly assumes that the only
  +       // attributes hand;ed here are HTTP. If you change that
  +       // you MUST change the test for sslSupport==null --EKR
  + 
  +       HttpRequest httpReq;
  +
  +       
  +       try {
  + 	httpReq=(HttpRequest)request;
  +       } catch (ClassCastException e){
  + 	return null;
  +       }
  + 
  +       if(key!=null && httpReq!=null && httpReq.sslSupport!=null){
  + 	  try {
  + 	      if(key.equals("javax.servlet.request.cipher_suite"))
  + 		  return httpReq.sslSupport.getCipherSuite();
  + 	      if(key.equals("javax.servlet.request.X509Certificate"))
  + 		  return httpReq.sslSupport.getPeerCertificateChain();
  + 	  } catch (Exception e){
  + 	      log("Exception getting SSL attribute " + key,e,Log.WARNING);
  + 	      return null;
  + 	  }
  +       }
  +       return super.getInfo(ctx,request,id,key);
  +     }
   }
   
   class HttpRequest extends Request {
       Http10 http=new Http10();
       private boolean moreRequests = false;
       Socket socket;
  -    static CertCompat certcompat = CertCompat.getCertCompat();
  +    SSLSupport sslSupport=null;
       
       public HttpRequest() {
           super();
  @@ -214,12 +252,6 @@
           remoteAddrMB.recycle();
           remoteHostMB.recycle();
       }
  -    public Object getAttribute(String name) {
  -        if (name.equals("javax.servlet.request.X509Certificate")) {
  -            return(certcompat.getX509Certificates(socket));
  -	}
  -        return(super.getAttribute(name));
  -    }
   
       public void recycle() {
   	super.recycle();
  @@ -227,6 +259,7 @@
           // recycle these to remove the defaults
           remoteAddrMB.recycle();
           remoteHostMB.recycle();
  +	sslSupport=null;
       }
   
       public void setSocket(Socket socket) throws IOException {
  @@ -352,6 +385,11 @@
   	//	log("No server name, defaulting to localhost");
           serverNameMB.setString( getLocalHost() );
       }
  + 
  +    void setSSLSupport(SSLSupport s){
  +        sslSupport=s;
  +    }
  + 
   }
   
   
  
  
  
  1.13      +29 -27    jakarta-tomcat/src/share/org/apache/tomcat/modules/server/PoolTcpConnector.java
  
  Index: PoolTcpConnector.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/server/PoolTcpConnector.java,v
  retrieving revision 1.12
  retrieving revision 1.13
  diff -u -r1.12 -r1.13
  --- PoolTcpConnector.java	2001/11/07 03:36:47	1.12
  +++ PoolTcpConnector.java	2001/12/07 04:38:26	1.13
  @@ -88,9 +88,11 @@
   {
       protected PoolTcpEndpoint ep;
       protected ServerSocketFactory socketFactory;
  +    protected SSLImplementation sslImplementation;
       // socket factory attriubtes ( XXX replace with normal setters ) 
       protected Hashtable attributes = new Hashtable();
       protected String socketFactoryName=null;
  +    protected String sslImplementationName=null;
       protected boolean secure=false;
   
       public PoolTcpConnector() {
  @@ -187,33 +189,39 @@
        */
       private void checkSocketFactory() throws TomcatException {
   	if(secure) {
  -	    if(socketFactoryName == null)
  -		socketFactoryName = SSL_FACT;
  -	    /* backwards compatibility */
  -	    if(SSL_FACT.equals(socketFactoryName)) {
  -		try {
  -		    Class c1=Class.forName( SSL_CHECK );		    
  -		} catch (Exception sslex) {
  -		    throw new TomcatException("JSSE not installed.",sslex);
  -		}
  -		System.getProperties().put("java.protocol.handler.pkgs",
  -                        "com.sun.net.ssl.internal.www.protocol");
  -	    }
  -	}
  -	if(socketFactoryName != null) {
  -	    try {
  -		socketFactory = string2SocketFactory(socketFactoryName);
  -		ep.setServerSocketFactory(socketFactory);
  -	    } catch(Exception sfex) {
  -		throw new TomcatException("Error Loading Socket Factory " +
  -					  socketFactoryName,
  -					  sfex);
  + 	    try {
  + 		// The SSL setup code has been moved into
  + 		// SSLImplementation since SocketFactory doesn't
  + 		// provide a wide enough interface
  + 		sslImplementation=SSLImplementation.getInstance
  + 		    (sslImplementationName);
  + 		ep.setServerSocketFactory(sslImplementation.
  + 					  getServerSocketFactory());
  + 	    } catch (ClassNotFoundException e){
  + 		throw new TomcatException("Error loading SSLImplementation ",
  + 					  e);
  +  	    }
  +  	}
  + 	else {
  + 	    if (socketFactoryName != null) {
  + 		try {
  + 		    socketFactory = string2SocketFactory(socketFactoryName);
  + 		    ep.setServerSocketFactory(socketFactory);
  + 		} catch(Exception sfex) {
  + 		    throw new TomcatException("Error Loading Socket Factory " +
  + 					      socketFactoryName,
  + 					      sfex);
  + 		}
   	    }
   	}
       }
       public void setSocketFactory( String valueS ) {
   	socketFactoryName = valueS;
       }
  +    public void setSSLImplementation( String valueS) {
  + 	sslImplementationName=valueS;
  +    }
  + 	
   
       // -------------------- Socket options --------------------
   
  @@ -271,12 +279,6 @@
       public boolean isClientauthSet() {
           return (attributes.get("clientauth") != null);
       }
  -
  -    public static final String SSL_CHECK=
  -	"javax.net.ssl.SSLServerSocketFactory";
  -    public static final String SSL_FACT=
  -	"org.apache.tomcat.util.net.SSLSocketFactory";
  -
   
       public void setSecure( boolean b ) {
       	secure=b;
  
  
  

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message