tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From hgo...@apache.org
Subject cvs commit: jakarta-tomcat-connectors/jk/java/org/apache/jk/server JkCoyoteHandler.java
Date Sat, 23 Nov 2002 06:34:48 GMT
hgomez      2002/11/22 22:34:48

  Modified:    jk/java/org/apache/jk/common HandlerRequest.java
               jk/java/org/apache/jk/server JkCoyoteHandler.java
  Log:
  Fix null getRemoteHost.
  Lasy extraction of ssl certs to speed up jk/ajp13 when under SSL
  
  Revision  Changes    Path
  1.18      +6 -24     jakarta-tomcat-connectors/jk/java/org/apache/jk/common/HandlerRequest.java
  
  Index: HandlerRequest.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/jk/common/HandlerRequest.java,v
  retrieving revision 1.17
  retrieving revision 1.18
  diff -u -r1.17 -r1.18
  --- HandlerRequest.java	4 Oct 2002 23:26:25 -0000	1.17
  +++ HandlerRequest.java	23 Nov 2002 06:34:47 -0000	1.18
  @@ -62,13 +62,12 @@
   import java.io.*;
   import java.net.*;
   import java.util.*;
  -import java.security.*;
  -import java.security.cert.*;
   
   import org.apache.jk.core.*;
   
   import org.apache.tomcat.util.http.*;
   import org.apache.tomcat.util.buf.*;
  +import org.apache.tomcat.util.net.SSLSupport;
   
   import org.apache.coyote.Request;
   import org.apache.coyote.*;
  @@ -482,7 +481,7 @@
                */
               if( attributeCode == SC_A_SSL_KEY_SIZE ) {
                   // Bug 1326: it's an Integer.
  -		req.setAttribute("javax.servlet.request.key_size",
  +		req.setAttribute(SSLSupport.KEY_SIZE_KEY,
                                    new Integer( msg.getInt()));
   	       //Integer.toString(msg.getInt()));
               }
  @@ -535,38 +534,21 @@
                   // Transform the string into certificate.
                   msg.getBytes(tmpMB);
                   String certString = tmpMB.toString();
  -                byte[] certData = certString.getBytes();
  -                ByteArrayInputStream bais = new ByteArrayInputStream(certData);
  - 
  -                // Fill the first element.
  -                X509Certificate jsseCerts[] = null;
  -                try {
  -                    CertificateFactory cf =
  -                        CertificateFactory.getInstance("X.509");
  -                    X509Certificate cert = (X509Certificate)
  -                        cf.generateCertificate(bais);
  -                    jsseCerts =  new X509Certificate[1];
  -                    jsseCerts[0] = cert;
  -                } catch(java.security.cert.CertificateException e) {
  -                    log.error("Certificate convertion failed" + e );
  -                    e.printStackTrace();
  -                }
  - 
  -                req.setAttribute("javax.servlet.request.X509Certificate",
  -                                 jsseCerts);
  +				// SSL certificate extraction is costy, moved to JkCoyoteHandler
  +                req.setAttribute(SSLSupport.CERTIFICATE_KEY, certString);
                   break;
   		
    	    case SC_A_SSL_CIPHER   :
   		req.scheme().setString( "https" );
                   msg.getBytes(tmpMB);
  -		req.setAttribute("javax.servlet.request.cipher_suite",
  +		req.setAttribute(SSLSupport.CIPHER_SUITE_KEY,
   				 tmpMB.toString());
                   break;
   		
   	    case SC_A_SSL_SESSION  :
   		req.scheme().setString( "https" );
                   msg.getBytes(tmpMB);
  -		req.setAttribute("javax.servlet.request.ssl_session",
  +		req.setAttribute(SSLSupport.SESSION_ID_KEY, 
   				  tmpMB.toString());
                   break;
                   
  
  
  
  1.31      +31 -1     jakarta-tomcat-connectors/jk/java/org/apache/jk/server/JkCoyoteHandler.java
  
  Index: JkCoyoteHandler.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/jk/server/JkCoyoteHandler.java,v
  retrieving revision 1.30
  retrieving revision 1.31
  diff -u -r1.30 -r1.31
  --- JkCoyoteHandler.java	13 Nov 2002 00:18:16 -0000	1.30
  +++ JkCoyoteHandler.java	23 Nov 2002 06:34:47 -0000	1.31
  @@ -62,6 +62,8 @@
   import java.io.*;
   import java.net.*;
   import java.util.*;
  +import java.security.*;
  +import java.security.cert.*;
   
   import org.apache.jk.core.*;
   import org.apache.jk.common.*;
  @@ -69,6 +71,7 @@
   import org.apache.tomcat.util.buf.*;
   import org.apache.tomcat.util.log.*;
   import org.apache.tomcat.util.http.*;
  +import org.apache.tomcat.util.net.SSLSupport;
   
   import org.apache.coyote.*;
   
  @@ -376,9 +379,36 @@
                   if( logTime.isDebugEnabled() ) 
                       logTime(res.getRequest(), res);
               } else if( actionCode==ActionCode.ACTION_REQ_SSL_ATTRIBUTE ) {
  -                
  +                org.apache.coyote.Request req=(org.apache.coyote.Request)param;
  +
  +				// Extract SSL certificate information (if requested)
  +                String certString = (String)req.getAttribute(SSLSupport.CERTIFICATE_KEY);
  +                byte[] certData = certString.getBytes();
  +                ByteArrayInputStream bais = new ByteArrayInputStream(certData);
  + 
  +                // Fill the first element.
  +                X509Certificate jsseCerts[] = null;
  +                try {
  +                    CertificateFactory cf =
  +                        CertificateFactory.getInstance("X.509");
  +                    X509Certificate cert = (X509Certificate)
  +                        cf.generateCertificate(bais);
  +                    jsseCerts =  new X509Certificate[1];
  +                    jsseCerts[0] = cert;
  +                } catch(java.security.cert.CertificateException e) {
  +                    log.error("Certificate convertion failed" + e );
  +                    e.printStackTrace();
  +                }
  + 
  +                req.setAttribute(SSLSupport.CERTIFICATE_KEY, 
  +                                 jsseCerts);
                   
               } else if( actionCode==ActionCode.ACTION_REQ_HOST_ATTRIBUTE ) {
  +                org.apache.coyote.Request req=(org.apache.coyote.Request)param;
  +
  +				// If remoteHost not set by JK, get it's name from it's remoteAddr
  +            	if( req.remoteHost().isNull())
  +                	req.remoteHost().setString(InetAddress.getByName(req.remoteAddr().toString()).getHostName());
   
               // } else if( actionCode==ActionCode.ACTION_POST_REQUEST ) {
   
  
  
  

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message