tomcat-dev mailing list archives

From lu...@apache.org
Subject cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5 CoyoteConnector.java CoyoteServerSocketFactory.java mbeans-descriptors.xml
Date Mon, 11 Aug 2003 21:44:16 GMT
luehe       2003/08/11 14:44:16

  Modified:    catalina/src/share/org/apache/coyote/tomcat5
                        CoyoteConnector.java CoyoteServerSocketFactory.java
                        mbeans-descriptors.xml
  Log:
  - Added support for specifying comma-separated list of SSL protocol
    variants to be enabled
  
    This may be useful to disable the less secure SSLv2.
  
  - Fixed bug in CoyoteConnector getter methods for SSL related attributes, which
    would always return null if SSL properties were configured directly on the
    <Connector> (instead of its nested and now deprecated <Factory> element)
  
  Revision  Changes    Path
  1.22      +107 -45   jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteConnector.java
  
  Index: CoyoteConnector.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteConnector.java,v
  retrieving revision 1.21
  retrieving revision 1.22
  diff -u -r1.21 -r1.22
  --- CoyoteConnector.java	11 Aug 2003 18:06:11 -0000	1.21
  +++ CoyoteConnector.java	11 Aug 2003 21:44:16 -0000	1.22
  @@ -1302,6 +1302,8 @@
                                              ssf.getKeystoreType());
               IntrospectionUtils.setProperty(protocolHandler, "protocol",
                                              ssf.getProtocol());
  +            IntrospectionUtils.setProperty(protocolHandler, "protocols",
  +                                           ssf.getProtocols());
               IntrospectionUtils.setProperty(protocolHandler,
                                              "sSLImplementation",
                                              ssf.getSSLImplementation());
  @@ -1336,23 +1338,27 @@
           }
       }
   
  -    /**
  +    /*
        * Translate the attribute name from the legacy Factory names to their
        * internal protocol names.
        */
       private String translateAttributeName(String name) {
  -	if("clientAuth".equals(name)) {
  +	if ("clientAuth".equals(name)) {
   	    return "clientauth";
  -	} else if("keystoreFile".equals(name)) {
  +	} else if ("keystoreFile".equals(name)) {
   	    return "keystore";
  -	} else if("randomFile".equals(name)) {
  +	} else if ("randomFile".equals(name)) {
   	    return "randomfile";
  -	} else if("rootFile".equals(name)) {
  +	} else if ("rootFile".equals(name)) {
   	    return "rootfile";
  -	} else if("keystorePass".equals(name)) {
  +	} else if ("keystorePass".equals(name)) {
   	    return "keypass";
  -	} else if("keystoreType".equals(name)) {
  +	} else if ("keystoreType".equals(name)) {
   	    return "keytype";
  +	} else if ("sslProtocol".equals(name)) {
  +	    return "protocol";
  +	} else if ("sslProtocols".equals(name)) {
  +	    return "protocols";
   	}
   	return name;
       }
  @@ -1454,50 +1460,63 @@
       // -------------------- Management methods --------------------
   
       public boolean getClientAuth() {
  -        ServerSocketFactory factory= this.getFactory();
  -        if( ! (factory instanceof CoyoteServerSocketFactory) )
  -            return false;
  -        CoyoteServerSocketFactory coyoteFactory=(CoyoteServerSocketFactory)factory;
  -        return coyoteFactory.getClientAuth();
  +        boolean ret = false;
  +
  +        String prop = (String) getProperty("clientauth");
  +        if (prop != null) {
  +            ret = Boolean.valueOf(prop).booleanValue();
  +        } else {	
  +            ServerSocketFactory factory = this.getFactory();
  +            if (factory instanceof CoyoteServerSocketFactory) {
  +                ret = ((CoyoteServerSocketFactory)factory).getClientAuth();
  +            }
  +        }
  +
  +        return ret;
       }
   
       public void setClientAuth(boolean clientAuth) {
           setProperty("clientauth", String.valueOf(clientAuth));
  -        ServerSocketFactory factory= this.getFactory();
  -        if( ! (factory instanceof CoyoteServerSocketFactory) )
  -            return;
  -        CoyoteServerSocketFactory coyoteFactory=(CoyoteServerSocketFactory)factory;
  -        coyoteFactory.setClientAuth(clientAuth);
  +        ServerSocketFactory factory = this.getFactory();
  +        if (factory instanceof CoyoteServerSocketFactory) {
  +            ((CoyoteServerSocketFactory)factory).setClientAuth(clientAuth);
  +        }
       }
   
   
       public String getKeystoreFile() {
  -        ServerSocketFactory factory= this.getFactory();
  -        if( ! (factory instanceof CoyoteServerSocketFactory) )
  -            return null;
  -        CoyoteServerSocketFactory coyoteFactory=(CoyoteServerSocketFactory)factory;
  -        return coyoteFactory.getKeystoreFile();
  +        String ret = (String) getProperty("keystore");
  +        if (ret == null) {
  +            ServerSocketFactory factory = this.getFactory();
  +            if (factory instanceof CoyoteServerSocketFactory) {
  +                ret = ((CoyoteServerSocketFactory)factory).getKeystoreFile();
  +            }
  +        }
  +
  +        return ret;
       }
   
       public void setKeystoreFile(String keystoreFile) {
           setProperty("keystore", keystoreFile);
  -        ServerSocketFactory factory= this.getFactory();
  -        if( ! (factory instanceof CoyoteServerSocketFactory) )
  -            return;
  -        CoyoteServerSocketFactory coyoteFactory=(CoyoteServerSocketFactory)factory;
  -        coyoteFactory.setKeystoreFile(keystoreFile);
  -        
  +        ServerSocketFactory factory = this.getFactory();
  +        if (factory instanceof CoyoteServerSocketFactory) {
  +            ((CoyoteServerSocketFactory)factory).setKeystoreFile(keystoreFile);
  +        }
       }
   
       /**
        * Return keystorePass
        */
       public String getKeystorePass() {
  -        ServerSocketFactory factory = getFactory();
  -        if( factory instanceof CoyoteServerSocketFactory ) {
  -            return ((CoyoteServerSocketFactory)factory).getKeystorePass();
  +        String ret = (String) getProperty("keypass");
  +        if (ret == null) {
  +            ServerSocketFactory factory = getFactory();
  +            if (factory instanceof CoyoteServerSocketFactory ) {
  +                return ((CoyoteServerSocketFactory)factory).getKeystorePass();
  +            }
           }
  -        return null;
  +
  +        return ret;
       }
   
       /**
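Review bot: In getClientAuth(), `Boolean.valueOf(prop).booleanValue()` turns every `clientauth` value other than a case-insensitive "true" into false, so a mistyped value set on the Connector element is reported as client authentication disabled, with no warning. Whether the protocol handler parses the same string the same way is not visible in this diff, so the management view and the effective setting may disagree. A comment on the getter stating the accepted values, or a log message for unrecognised ones, would help. Separately, getKeystorePass() keeps an early `return` inside the `ret == null` branch where the sibling getters assign to `ret`; `ret = ((CoyoteServerSocketFactory)factory).getKeystorePass();` would match them. The hunk ends inside the next method's Javadoc, which continues outside it.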
  @@ -1519,11 +1538,15 @@
        * enabled
        */
       public String getCiphers() {
  -        ServerSocketFactory factory = getFactory();
  -        if (factory instanceof CoyoteServerSocketFactory) {
  -            return ((CoyoteServerSocketFactory)factory).getCiphers();
  +        String ret = (String) getProperty("ciphers");
  +        if (ret == null) {
  +            ServerSocketFactory factory = getFactory();
  +            if (factory instanceof CoyoteServerSocketFactory) {
  +                ret = ((CoyoteServerSocketFactory)factory).getCiphers();
  +            }
           }
  -        return null;
  +
  +        return ret;
       }
   
       /**
  @@ -1549,11 +1572,15 @@
        * @return The alias name of the keypair and supporting certificate chain
        */
       public String getKeyAlias() {
  -        ServerSocketFactory factory = getFactory();
  -        if (factory instanceof CoyoteServerSocketFactory) {
  -            return ((CoyoteServerSocketFactory)factory).getKeyAlias();
  +        String ret = (String) getProperty("keyAlias");
  +        if (ret == null) {
  +            ServerSocketFactory factory = getFactory();
  +            if (factory instanceof CoyoteServerSocketFactory) {
  +                ret = ((CoyoteServerSocketFactory)factory).getKeyAlias();
  +            }
           }
  -        return null;
  +
  +        return ret;
       }
   
       /**
  @@ -1577,11 +1604,15 @@
        * @return SSL protocol variant
        */
       public String getSslProtocol() {
  -        ServerSocketFactory factory = getFactory();
  -        if (factory instanceof CoyoteServerSocketFactory) {
  -            return ((CoyoteServerSocketFactory)factory).getProtocol();
  +        String ret = (String) getProperty("sslProtocol");
  +        if (ret == null) {
  +            ServerSocketFactory factory = getFactory();
  +            if (factory instanceof CoyoteServerSocketFactory) {
  +                ret = ((CoyoteServerSocketFactory)factory).getProtocol();
  +            }
           }
  -        return null;
  +
  +        return ret;
       }
   
       /**
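Review bot: getSslProtocol() looks the property up under the legacy name `sslProtocol`, whereas the getters changed earlier in this commit use the internal names (`clientauth`, `keystore`, `keypass`) and translateAttributeName() now maps `sslProtocol` to `protocol`. This only works if both getProperty() and setProperty() apply that translation, which is not visible in the diff. If either does not, the getter reads a key the setter never wrote and falls back to the factory value. The same applies to setSslProtocol(), getSslProtocols() and setSslProtocols() in the following hunk (@@ -1590,9 +1621,40 @@). For consistency, consider `getProperty("protocol")` here and `"protocols"` there.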
  @@ -1590,9 +1621,40 @@
        * @param sslProtocol SSL protocol variant
        */
       public void setSslProtocol(String sslProtocol) {
  +        setProperty("sslProtocol", sslProtocol);
           ServerSocketFactory factory = getFactory();
           if (factory instanceof CoyoteServerSocketFactory) {
               ((CoyoteServerSocketFactory)factory).setProtocol(sslProtocol);
  +        }
  +    }
  +
  +    /**
  +     * Gets the SSL protocol variants to be enabled.
  +     *
  +     * @return Comma-separated list of SSL protocol variants
  +     */
  +    public String getSslProtocols() {
  +        String ret = (String) getProperty("sslProtocols");
  +        if (ret == null) {
  +            ServerSocketFactory factory = getFactory();
  +            if (factory instanceof CoyoteServerSocketFactory) {
  +                ret = ((CoyoteServerSocketFactory)factory).getProtocols();
  +            }
  +        }
  +
  +        return ret;
  +    }
  +
  +    /**
  +     * Sets the SSL protocol variants to be enabled.
  +     *
  +     * @param sslProtocols Comma-separated list of SSL protocol variants
  +     */
  +    public void setSslProtocols(String sslProtocols) {
  +        setProperty("sslProtocols", sslProtocols);
  +        ServerSocketFactory factory = getFactory();
  +        if (factory instanceof CoyoteServerSocketFactory) {
  +            ((CoyoteServerSocketFactory)factory).setProtocols(sslProtocols);
           }
       }
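Review bot: The Javadoc on getSslProtocols()/setSslProtocols() does not say what an unset (null) or empty list means, nor how the list relates to the single `sslProtocol` value, which matters because the commit log gives disabling SSLv2 as the use case. The setter stores the string as given, and the code that splits and applies it is outside this diff. It therefore cannot be checked here whether a misspelled or unrecognised variant name is rejected or silently ignored; if it is ignored, a weaker variant could stay enabled. Suggest documenting the null case and the accepted names in the setter's Javadoc, e.g. `@param sslProtocols Comma-separated list of SSL protocol variants, or null to keep the SSL implementation's defaults` (wording to be confirmed against the socket factory). The same Javadoc gap is in CoyoteServerSocketFactory.getProtocols()/setProtocols() in the @@ -277,6 +278,24 @@ hunk.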
   
  
  
  
  1.4       +19 -0     jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteServerSocketFactory.java
  
  Index: CoyoteServerSocketFactory.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/CoyoteServerSocketFactory.java,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- CoyoteServerSocketFactory.java	11 Aug 2003 18:06:11 -0000	1.3
  +++ CoyoteServerSocketFactory.java	11 Aug 2003 21:44:16 -0000	1.4
  @@ -113,6 +113,7 @@
       private String keystorePass = "changeit";
       private String keystoreType = "JKS";
       private String protocol = "TLS";
  +    private String protocols;
       private String sslImplementation = null;
       private String cipherSuites;
       private String keyAlias;
  @@ -277,6 +278,24 @@
        */
       public void setProtocol(String protocol) {
           this.protocol = protocol;
  +    }
  +
  +    /**
  +     * Gets the SSL protocol variants to be enabled.
  +     *
  +     * @return Comma-separated list of SSL protocol variants
  +     */
  +    public String getProtocols() {
  +        return this.protocols;
  +    }
  +
  +    /**
  +     * Sets the SSL protocol variants to be enabled.
  +     *
  +     * @param protocols Comma-separated list of SSL protocol variants
  +     */
  +    public void setProtocols(String protocols) {
  +        this.protocols = protocols;
       }
   
       /**
  
  
  
  1.5       +4 -0      jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/mbeans-descriptors.xml
  
  Index: mbeans-descriptors.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5/mbeans-descriptors.xml,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- mbeans-descriptors.xml	11 Aug 2003 18:06:11 -0000	1.4
  +++ mbeans-descriptors.xml	11 Aug 2003 21:44:16 -0000	1.5
  @@ -40,6 +40,10 @@
             description="SSL protocol variant to be used"
                    type="java.lang.String"/>
   
  +    <attribute   name="sslProtocols"
  +          description="Comma-separated list of SSL protocol variants to be enabled"
  +                 type="java.lang.String"/>
  +
       <attribute   name="connectionTimeout"
             description="Timeout value on the incoming connection"
                    type="int"/>
  
  
  
