tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mt...@apache.org
Subject cvs commit: jakarta-tomcat-connectors/jni/native/src ssl.c sslcontext.c sslutils.c
Date Wed, 01 Jun 2005 08:19:39 GMT
mturk       2005/06/01 01:19:39

  Modified:    jni/java/org/apache/tomcat/jni SSLContext.java
               jni/native/include ssl_private.h
               jni/native/src ssl.c sslcontext.c sslutils.c
  Log:
  Add functions for setting error and password prompt BIO callbacks.
  
  Revision  Changes    Path
  1.4       +34 -1     jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLContext.java
  
  Index: SSLContext.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLContext.java,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- SSLContext.java	1 Jun 2005 06:38:09 -0000	1.3
  +++ SSLContext.java	1 Jun 2005 08:19:39 -0000	1.4
  @@ -61,6 +61,39 @@
        * @return APR Status code.
        */
       public static native int free(long ctx);
  +    
  +    /**
  +     * Set Virtual host id. Usually host:port combination.
  +     * @param ctx Context to use.
  +     * @param id  String that uniquely identifies this context.
  +     */
  +     public static native void setVhostId(long ctx, String id);
  + 
  +    /**
  +     * Asssociate BIOCallback for error reporting.
  +     * <br />
  +     * First word in the output string will contain error
  +     * level in the form:
  +     * <PRE>
  +     * [ERROR]  -- Critical error messages
  +     * [WARN]   -- Varning messages
  +     * [INFO]   -- Informational messages
  +     * [DEBUG]  -- Debugging messaged
  +     * </PRE>
  +     * Callback can use that word to determine application logging level
  +     * by intercepting <b>write</b> call. 
  +     * If the <b>bio</b> is set to 0 no error messages will be displayed.
  +     * Default is to use the stderr output stream.
  +     * @param ctx Server or Client context to use.
  +     * @param bio BIO handle to use, created with SSL.newBIO
  +     */
  +     public static native void setErrBIO(long ctx, long bio);
   
  +    /**
  +     * Asssociate BIOCallback for Password prompting.
  +     * @param ctx Server or Client context to use.
  +     * @param bio BIO handle to use, created with SSL.newBIO
  +     */
  +     public static native void setPPromptBIO(long ctx, long bio);
   
   }
  
  
  
  1.6       +4 -2      jakarta-tomcat-connectors/jni/native/include/ssl_private.h
  
  Index: ssl_private.h
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- ssl_private.h	1 Jun 2005 06:38:09 -0000	1.5
  +++ ssl_private.h	1 Jun 2005 08:19:39 -0000	1.6
  @@ -110,6 +110,8 @@
   struct tcn_ssl_ctxt {
       apr_pool_t      *pool;
       SSL_CTX         *ctx;
  +    BIO             *bio_err;
  +    BIO             *pprompt;
       unsigned char   vhost_id[MD5_DIGEST_LENGTH];
   
       int             protocol;
  @@ -144,6 +146,6 @@
   void        SSL_init_app_data2_idx(void);
   void       *SSL_get_app_data2(SSL *);
   void        SSL_set_app_data2(SSL *, void *);
  -
  +int         SSL_password_prompt(tcn_ssl_ctxt_t *, char *, int);
   
   #endif /* SSL_PRIVATE_H */
  
  
  
  1.15      +2 -2      jakarta-tomcat-connectors/jni/native/src/ssl.c
  
  Index: ssl.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/ssl.c,v
  retrieving revision 1.14
  retrieving revision 1.15
  diff -u -r1.14 -r1.15
  --- ssl.c	1 Jun 2005 06:38:09 -0000	1.14
  +++ ssl.c	1 Jun 2005 08:19:39 -0000	1.15
  @@ -438,8 +438,8 @@
               TCN_UNLOAD_CLASS(j->cb.env, j->cb.obj);
           }
           bi->init = 0;
  +        OPENSSL_free(bi->ptr);
       }
  -    OPENSSL_free(bi->ptr);
       bi->ptr = NULL;
       return 1;
   }
  
  
  
  1.5       +67 -4     jakarta-tomcat-connectors/jni/native/src/sslcontext.c
  
  Index: sslcontext.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslcontext.c,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- sslcontext.c	1 Jun 2005 06:35:26 -0000	1.4
  +++ sslcontext.c	1 Jun 2005 08:19:39 -0000	1.5
  @@ -53,9 +53,16 @@
                   }
               }
           }
  -        else {
  +        else if (c->pk.c.certs) {
               sk_X509_INFO_pop_free(c->pk.c.certs, X509_INFO_free);
  +            c->pk.c.certs = NULL;
           }
  +        if (c->pprompt)
  +            BIO_free(c->pprompt);
  +        c->pprompt = NULL;
  +        if (c->bio_err)
  +            BIO_free(c->bio_err);
  +        c->bio_err = NULL;
       }
       return APR_SUCCESS;
   }
  @@ -98,7 +105,14 @@
       c->mode = 1;
       c->ctx  = ctx;
       c->pool = p;
  -
  +    c->bio_err = BIO_new(BIO_s_file());
  +    c->pprompt = BIO_new(BIO_s_file());
  +    if (c->bio_err != NULL)
  +        BIO_set_fp(c->bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
  +    if (c->pprompt != NULL) {
  +        BIO_set_fp(c->bio_err, stdin, BIO_NOCLOSE | BIO_FP_TEXT);
  +        c->pprompt->flags = BIO_FLAGS_MEM_RDONLY;
  +    }
       SSL_CTX_set_options(c->ctx, SSL_OP_ALL);
       if (!(protocol & SSL_PROTOCOL_SSLV2))
           SSL_CTX_set_options(c->ctx, SSL_OP_NO_SSLv2);
  @@ -168,7 +182,14 @@
       c->mode = 0;
       c->ctx  = ctx;
       c->pool = p;
  -
  +    c->bio_err = BIO_new(BIO_s_file());
  +    c->pprompt = BIO_new(BIO_s_file());
  +    if (c->bio_err != NULL)
  +        BIO_set_fp(c->bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
  +    if (c->pprompt != NULL) {
  +        BIO_set_fp(c->bio_err, stdin, BIO_NOCLOSE | BIO_FP_TEXT);
  +        c->pprompt->flags = BIO_FLAGS_MEM_RDONLY;
  +    }
       SSL_CTX_set_options(c->ctx, SSL_OP_ALL);
       if (!(protocol & SSL_PROTOCOL_SSLV2))
           SSL_CTX_set_options(c->ctx, SSL_OP_NO_SSLv2);
  @@ -209,6 +230,48 @@
       return apr_pool_cleanup_run(c->pool, c, ssl_context_cleanup);
   }
   
  +TCN_IMPLEMENT_CALL(void, SSLContext, setVhostId)(TCN_STDARGS, jlong ctx,
  +                                                 jstring id)
  +{
  +    tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
  +    TCN_ALLOC_CSTRING(id);
  +
  +    TCN_ASSERT(ctx != 0);
  +    UNREFERENCED(o);
  +    if (J2S(id))
  +        MD5((const unsigned char *)J2S(id), (unsigned long)strlen(J2S(id)),
  +            &(c->vhost_id[0]));
  +
  +    TCN_FREE_CSTRING(id);
  +}
  +
  +TCN_IMPLEMENT_CALL(void, SSLContext, setErrBIO)(TCN_STDARGS, jlong ctx,
  +                                                jlong bio)
  +{
  +    tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
  +    BIO *bio_err      = J2P(bio, BIO *);
  +
  +    UNREFERENCED_STDARGS;
  +    TCN_ASSERT(ctx != 0);
  +    if (c->bio_err && c->bio_err != bio_err)
  +        BIO_free(c->bio_err);
  +    c->bio_err = bio_err;
  +}
  +
  +TCN_IMPLEMENT_CALL(void, SSLContext, setPPromptBIO)(TCN_STDARGS, jlong ctx,
  +                                                    jlong bio)
  +{
  +    tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
  +    BIO *pprompt      = J2P(bio, BIO *);
  +
  +    UNREFERENCED_STDARGS;
  +    TCN_ASSERT(ctx != 0);
  +    if (c->pprompt && c->pprompt != pprompt)
  +        BIO_free(c->pprompt);
  +    c->pprompt = pprompt;
  +}
  +
  +
   #else
   /* OpenSSL is not supported
    * If someday we make OpenSSL optional
  
  
  
  1.4       +15 -1     jakarta-tomcat-connectors/jni/native/src/sslutils.c
  
  Index: sslutils.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslutils.c,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- sslutils.c	1 Jun 2005 06:36:08 -0000	1.3
  +++ sslutils.c	1 Jun 2005 08:19:39 -0000	1.4
  @@ -100,6 +100,20 @@
       return APR_SUCCESS;
   }
   
  +/* Simple password prompting */
  +int SSL_password_prompt(tcn_ssl_ctxt_t *c, char *buf, int len)
  +{
  +    int rv = 0;
  +    if (c && c->pprompt) {        
  +        if (c->pprompt->flags & BIO_FLAGS_MEM_RDONLY) {
  +            /* Use error BIO in case of stdin */
  +            BIO_printf(c->bio_err, "Enter password: ");
  +        }
  +        rv = BIO_gets(c->pprompt, buf, len);
  +    }
  +    return rv;
  +}
  +
   #else
   /* OpenSSL is not supported
    * If someday we make OpenSSL optional
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message