tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Rescorla <>
Subject Re: Resend: SSL portability and Coyote
Date Sat, 27 Apr 2002 15:44:10 GMT
"Bill Barker" <> writes:
> From: "Eric Rescorla" <>
> I assume you mean actions.  They are defined in o.a.c.ActionCode, and
> processed by somebody implementing o.a.c.ActionHook (both under the "coyote"
> directory).  For the HTTP/1.1 connector, this is
> o.a.c.http11.Http11Processor (under the "http11" directory).  The usual way
> to fire them is to call o.a.c.Response.action (which is conventionally named
> "coyoteResponse").  For the SSL action, the second parameter is the
> o.a.c.Request.
> This is mostly working, except that I couldn't find how to get the keySize
> for PureTLS (so PureTLSSupport is currently returning null).
It's still not clear to me what "keysize" means. Is it supposed
to be the symmetric key size? If so, you just use the same kind of
table as in CertificateValve. Email to Sun to get this question answered
haven't been returned. It could also be the asymmetric key size.

> > I can arrange for this to get called, but I'm not even sure where
> > to look to arrange it.
> >
> I'm not sure either, which is why I'm talking about it instead of doing it
> :).  My guess would be o.a.c.tomcat4.CoyoteAdapter.postParseRequest.
> However, the current Catalina code is doing it much much later.  I'm pretty
> sure that you can't get the 3.3.x behavior of "only when asked for" without
> a lot of changes in Catalina (this is more a reflection of spec changes
> between 2.2 & 2.3 than design).
Yeah. Who here understands this part of Catalina well enough to have
an opinion?

[Eric Rescorla                         ]

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message