From mt...@apache.org
Subject cvs commit: jakarta-tomcat-connectors/jni/native/src sslutils.c
Date Tue, 07 Jun 2005 07:22:06 GMT
mturk       2005/06/07 00:22:06

  Modified:    jni/native/include ssl_private.h
               jni/native/src sslutils.c
  Log:
  Use OpenSSL function for obtaining a password without echo.
  On WIN32, if running in service mode (or redirected through ant),
  open a new Console window and prompt for the password.
  Not sure if this is a good idea, because the best would be to create a
  small GUI dialog box rather than messing with console std handles.
  
  Revision  Changes    Path
  1.15      +12 -1     jakarta-tomcat-connectors/jni/native/include/ssl_private.h
  
  Index: ssl_private.h
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v
  retrieving revision 1.14
  retrieving revision 1.15
  diff -u -r1.14 -r1.15
  --- ssl_private.h	6 Jun 2005 08:14:50 -0000	1.14
  +++ ssl_private.h	7 Jun 2005 07:22:06 -0000	1.15
  @@ -118,6 +118,16 @@
   #define SSL_CVERIFY_OPTIONAL_NO_CA  (3)
   #define SSL_VERIFY_PEER_STRICT      (SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
   
  +#define SSL_PASSWORD_PROMPT         (0)
  +#define SSL_PASSWORD_FILE           (1)
  +#define SSL_PASSWORD_EXEC           (2)
  +#define SSL_PASSWORD_ENGINE         (3)
  +
  +#define STR_PASSWORD_PROMPT         ("pass:")
  +#define STR_PASSWORD_FILE           ("file:")
  +#define STR_PASSWORD_EXEC           ("exec:")
  +#define STR_PASSWORD_ENGINE         ("engine:")
  +
   extern void *SSL_temp_keys[SSL_TMP_KEY_MAX];
   
   typedef struct {
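Review bot: The four `SSL_PASSWORD_*` modes and their `STR_PASSWORD_*` prefixes are added with no comment saying what each password source means or where the prefix is parsed. `STR_PASSWORD_PROMPT` is `"pass:"`, which in OpenSSL's own pass-phrase argument syntax denotes a literal password given inline rather than an interactive prompt, so the name and the prefix appear to disagree; the intent is worth confirming. A short comment above the block, for example `/* Password sources: interactive prompt, file, external program, crypto engine */`, would settle it. The parentheses around the string literals are unnecessary and prevent their use as array initializers in strict C.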
  @@ -132,6 +142,7 @@
   typedef struct {
       char            password[SSL_MAX_PASSWORD_LEN];
       const char     *prompt;
  +    int             mode;
       tcn_ssl_ctxt_t *ctx;
   } tcn_pass_cb_t;
   
  
  
  
  1.16      +33 -30    jakarta-tomcat-connectors/jni/native/src/sslutils.c
  
  Index: sslutils.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslutils.c,v
  retrieving revision 1.15
  retrieving revision 1.16
  diff -u -r1.15 -r1.16
  --- sslutils.c	6 Jun 2005 16:15:20 -0000	1.15
  +++ sslutils.c	7 Jun 2005 07:22:06 -0000	1.16
  @@ -100,30 +100,6 @@
       return APR_SUCCESS;
   }
   
  -static void password_prompt(const char *prompt, char *buf, size_t len)
  -{
  -    size_t i=0;
  -    int ch;
  -
  -    fprintf(stderr, prompt);
  -    fflush(stderr);
  -    for (i = 0; i < (len - 1); i++) {
  -        ch = getchar();
  -        if (ch == EOF)
  -            break;
  -        if (ch == '\n')
  -            break;
  -        else if (ch == '\b') {
  -            i--;
  -            if (i > 0)
  -                i--;
  -        }
  -        else
  -            buf[i] = ch;
  -    }
  -    buf[i] = '\0';
  -}
  -
   #define PROMPT_STRING "Enter password: "
   /* Simple echo password prompting */
   int SSL_password_prompt(tcn_pass_cb_t *data)
  @@ -135,16 +111,29 @@
       if (data->ctx && data->ctx->bio_is) {
           if (data->ctx->bio_is->flags & SSL_BIO_FLAG_RDONLY) {
               /* Use error BIO in case of stdin */
  -            BIO_printf(data->ctx->bio_is, data->prompt);
  +            BIO_puts(data->ctx->bio_os, data->prompt);
           }
           rv = BIO_gets(data->ctx->bio_is,
                         data->password, SSL_MAX_PASSWORD_LEN);
       }
       else {
  -        password_prompt(data->prompt, data->password,
  -                        SSL_MAX_PASSWORD_LEN);
  -        fputc('\n', stderr);
  -        fflush(stderr);
  +#ifdef WIN32
  +        STARTUPINFO si;
  +        GetStartupInfo(&si);
  +        /* Display a new Console window */
  +        if (si.wShowWindow == 0) {
  +            FreeConsole();
  +            AllocConsole();
  +            SetConsoleTitle("Enter password");
  +        }
  +#endif
  +        des_read_pw_string(data->password, SSL_MAX_PASSWORD_LEN,
  +                           data->prompt, 0);
  +#ifdef WIN32
  +        /* Destroy a new Console window */
  +        if (si.wShowWindow == 0)
  +            FreeConsole();
  +#endif
           rv = strlen(data->password);
       }
       if (rv > 0) {
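Review bot: The result of `des_read_pw_string()` in the non-BIO branch is discarded and `rv` is then taken from `strlen(data->password)`, so a failed or interrupted read is indistinguishable from a typed password and whatever is already in the buffer gets used. The call reports failure with a non-zero return, so the branch should clear the buffer in that case: `if (des_read_pw_string(data->password, SSL_MAX_PASSWORD_LEN, data->prompt, 0) != 0) data->password[0] = '\0';`. On WIN32, `si.wShowWindow` is only meaningful when `si.dwFlags` carries `STARTF_USESHOWWINDOW`, and the `AllocConsole()` result is not checked, so the console swap can be skipped or fail silently. The first `FreeConsole()` also detaches any console the process already had and nothing reattaches it. The function body starts before this hunk and continues past it.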
  @@ -154,6 +143,12 @@
               *r = '\0';
               rv--;
           }
  +#ifdef WIN32
  +        if ((r = strchr(data->password, '\r'))) {
  +            *r = '\0';
  +            rv--;
  +        }
  +#endif
       }
       return rv;
   }
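Review bot: The added `'\r'` handling decrements `rv` by one after truncating at the first `'\r'`, which matches the new string length only when the carriage return is the last character in the buffer. Setting `rv = (int)(r - data->password);` after `*r = '\0';` keeps the returned length consistent with the buffer wherever the character sits; the context lines just above show the same `rv--` pattern. The strip is compiled only for WIN32, so a CRLF-terminated line arriving through the input BIO on another platform would presumably keep the `'\r'` as part of the password. A comment stating why this is Windows-only would help.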
  @@ -171,6 +166,12 @@
           memset(&c, 0, sizeof(tcn_pass_cb_t));
           cb_data = &c;
       }
  +    else {
  +        /* TODO: Implement password prompt checking.
  +         * and decide what mechanism to use for obtaining
  +         * the password.
  +         */
  +    }
       if (cb_data->password[0] ||
           (SSL_password_prompt(cb_data) > 0)) {
           strncpy(buf, cb_data->password, bufsiz);
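Review bot: The new `else` branch is empty, so a caller-supplied `cb_data` is used exactly as passed and the `mode` field added to `tcn_pass_cb_t` in this commit is never read here. Until the TODO is done the comment should say that plainly, e.g. `/* TODO: honour cb_data->mode; for now only the cached password or the interactive prompt is used */`, so callers do not assume the file, exec or engine sources are active. The function begins before this hunk and continues after it.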
  @@ -386,6 +387,8 @@
           break;
           case 2048:
               idx = SSL_TMP_KEY_RSA_2048;
  +            if (conn->ctx->temp_keys[idx] == NULL)
  +                idx = SSL_TMP_KEY_RSA_1024;
           break;
           case 4096:
               idx = SSL_TMP_KEY_RSA_4096;
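Review bot: The 2048-bit case now falls back to `SSL_TMP_KEY_RSA_1024` silently when the 2048-bit slot is empty, which weakens the temporary key below the requested length without leaving any trace. Nothing visible in the hunk checks that the 1024-bit slot is itself populated, and the 4096-bit case gets no equivalent handling as far as the hunk shows. At minimum add a comment such as `/* 2048-bit temp key not generated; degrade to 1024-bit */` and, if the surrounding code has a logging facility, record the downgrade there. The switch starts and ends outside the hunk.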
  
  
  
