tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mt...@apache.org
Subject cvs commit: jakarta-tomcat-connectors/jni/native/src sslcontext.c sslutils.c
Date Tue, 07 Jun 2005 09:13:22 GMT
mturk       2005/06/07 02:13:22

  Modified:    jni/native/include ssl_private.h
               jni/native/src sslcontext.c sslutils.c
  Log:
  Remove all pass: and exec: pipe handling.
  This is not the responsibility of native, but rather the Java that
  uses the API. Higher level API has to provide a way to obtain
  a valid password if needed.
  
  Revision  Changes    Path
  1.17      +1 -4      jakarta-tomcat-connectors/jni/native/include/ssl_private.h
  
  Index: ssl_private.h
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v
  retrieving revision 1.16
  retrieving revision 1.17
  diff -u -r1.16 -r1.17
  --- ssl_private.h	7 Jun 2005 08:15:32 -0000	1.16
  +++ ssl_private.h	7 Jun 2005 09:13:22 -0000	1.17
  @@ -131,11 +131,8 @@
   
   typedef struct {
       char            password[SSL_MAX_PASSWORD_LEN];
  -    const char     *pass;
       const char     *prompt;
       tcn_ssl_ctxt_t *ctx;
  -    apr_file_t     *wrtty;
  -    apr_file_t     *rdtty;
   } tcn_pass_cb_t;
   
   struct tcn_ssl_ctxt_t {
  
  
  
  1.25      +6 -3      jakarta-tomcat-connectors/jni/native/src/sslcontext.c
  
  Index: sslcontext.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslcontext.c,v
  retrieving revision 1.24
  retrieving revision 1.25
  diff -u -r1.24 -r1.25
  --- sslcontext.c	7 Jun 2005 09:01:00 -0000	1.24
  +++ sslcontext.c	7 Jun 2005 09:13:22 -0000	1.25
  @@ -468,6 +468,7 @@
       jboolean rv = JNI_TRUE;
       TCN_ALLOC_CSTRING(cert);
       TCN_ALLOC_CSTRING(key);
  +    TCN_ALLOC_CSTRING(password);
       const char *key_file, *cert_file;
       char err[256];
   
  @@ -479,8 +480,10 @@
           rv = JNI_FALSE;
           goto cleanup;
       }
  -    if (password)
  -        c->password.pass = tcn_pstrdup(e, password, c->pool);
  +    if (J2S(password)) {
  +        strncpy(c->password.password, J2S(password), SSL_MAX_PASSWORD_LEN);
  +        c->password.password[SSL_MAX_PASSWORD_LEN-1] = '\0';
  +    }
       key_file  = J2S(key);
       cert_file = J2S(cert);
       if (!key_file)
  
  
  
  1.18      +3 -116    jakarta-tomcat-connectors/jni/native/src/sslutils.c
  
  Index: sslutils.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslutils.c,v
  retrieving revision 1.17
  retrieving revision 1.18
  diff -u -r1.17 -r1.18
  --- sslutils.c	7 Jun 2005 08:15:32 -0000	1.17
  +++ sslutils.c	7 Jun 2005 09:13:22 -0000	1.18
  @@ -73,92 +73,6 @@
       return;
   }
   
  -/*
  - * Return APR_SUCCESS if the named file exists and is readable
  - */
  -static apr_status_t exists_and_readable(const char *fname, apr_pool_t *pool,
  -                                        apr_time_t *mtime)
  -{
  -    apr_status_t stat;
  -    apr_finfo_t sbuf;
  -    apr_file_t *fd;
  -
  -    if ((stat = apr_stat(&sbuf, fname, APR_FINFO_MIN, pool)) != APR_SUCCESS)
  -        return stat;
  -
  -    if (sbuf.filetype != APR_REG)
  -        return APR_EGENERAL;
  -
  -    if ((stat = apr_file_open(&fd, fname, APR_READ, 0, pool)) != APR_SUCCESS)
  -        return stat;
  -
  -    if (mtime) {
  -        *mtime = sbuf.mtime;
  -    }
  -
  -    apr_file_close(fd);
  -    return APR_SUCCESS;
  -}
  -
  -static apr_status_t ssl_pipe_child_create(tcn_pass_cb_t *data, apr_pool_t *p, const char
*progname)
  -{
  -    /* Child process code for 'ErrorLog "|..."';
  -     * may want a common framework for this, since I expect it will
  -     * be common for other foo-loggers to want this sort of thing...
  -     */
  -    apr_status_t rc;
  -    apr_procattr_t *procattr;
  -    apr_proc_t *procnew;
  -
  -    if (((rc = apr_procattr_create(&procattr, p)) == APR_SUCCESS) &&
  -        ((rc = apr_procattr_io_set(procattr,
  -                                   APR_FULL_BLOCK,
  -                                   APR_FULL_BLOCK,
  -                                   APR_NO_PIPE)) == APR_SUCCESS)) {
  -        char **args;
  -        const char *pname;
  -
  -        apr_tokenize_to_argv(progname, &args, p);
  -        pname = apr_pstrdup(p, args[0]);
  -        procnew = (apr_proc_t *)apr_pcalloc(p, sizeof(*procnew));
  -        rc = apr_proc_create(procnew, pname, (const char * const *)args,
  -                             NULL, procattr, p);
  -        if (rc == APR_SUCCESS) {
  -            /* XXX: not sure if we aught to...
  -             * apr_pool_note_subprocess(p, procnew, APR_KILL_AFTER_TIMEOUT);
  -             */
  -            data->wrtty = procnew->in;
  -            data->rdtty = procnew->out;
  -        }
  -    }
  -    return rc;
  -}
  -
  -static int pipe_get_passwd_cb(tcn_pass_cb_t *data, char *buf, int length,
  -                              const char *prompt)
  -{
  -    apr_status_t rc;
  -    char *p;
  -
  -    apr_file_puts(prompt, data->wrtty);
  -
  -    buf[0]='\0';
  -    rc = apr_file_gets(buf, length, data->rdtty);
  -    apr_file_puts(APR_EOL_STR, data->wrtty);
  -
  -    if (rc != APR_SUCCESS || apr_file_eof(data->rdtty)) {
  -        memset(buf, 0, length);
  -        return 1;  /* failure */
  -    }
  -    if ((p = strchr(buf, '\n')) != NULL)
  -        *p = '\0';
  -#ifdef WIN32
  -    if ((p = strchr(buf, '\r')) != NULL)
  -        *p = '\0';
  -#endif
  -    return 0;
  -}
  -
   #define PROMPT_STRING "Enter password: "
   /* Simple echo password prompting */
   int SSL_password_prompt(tcn_pass_cb_t *data)
  @@ -178,19 +92,11 @@
           STARTUPINFO si;
           GetStartupInfo(&si);
           /* Display a new Console window */
  -        if (si.wShowWindow == 0) {
  -            FreeConsole();
  -            AllocConsole();
  -            SetConsoleTitle("Enter password");
  -        }
  +        if (si.wShowWindow == 0)
  +            return 0;
   #endif
           des_read_pw_string(data->password, SSL_MAX_PASSWORD_LEN,
                              data->prompt, 0);
  -#ifdef WIN32
  -        /* Destroy a new Console window */
  -        if (si.wShowWindow == 0)
  -            FreeConsole();
  -#endif
           rv = strlen(data->password);
       }
       if (rv > 0) {
  @@ -230,25 +136,6 @@
           buf[bufsiz - 1] = '\0';
           return strlen(buf);
       }
  -    if (!cb_data->prompt)
  -        cb_data->prompt = PROMPT_STRING;
  -    if (cb_data->pass) {
  -        if (strncmp(cb_data->pass, "pass:", 5) == 0)
  -            strncpy(buf, cb_data->pass + 5, bufsiz);
  -        else if (strncmp(cb_data->pass, "exec:", 5) == 0) {
  -            apr_pool_t *p;
  -            apr_pool_create(&p, cb_data->ctx->pool);
  -            if (ssl_pipe_child_create(cb_data, p,
  -                        cb_data->pass + 5) == APR_SUCCESS) {
  -                pipe_get_passwd_cb(cb_data, buf, bufsiz, cb_data->prompt);
  -            }
  -            apr_pool_destroy(p);
  -        }
  -        buf[bufsiz-1] = '\0';
  -        strncpy(cb_data->password, buf, SSL_MAX_PASSWORD_LEN);
  -        cb_data->password[SSL_MAX_PASSWORD_LEN - 1] = '\0';
  -        return strlen(buf);
  -    }
       else {
           if (SSL_password_prompt(cb_data) > 0)
               strncpy(buf, cb_data->password, bufsiz);
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message