tomcat-dev mailing list archives

From mt...@apache.org
Subject cvs commit: jakarta-tomcat-connectors/jni/native/src ssl.c sslcontext.c
Date Sat, 11 Jun 2005 07:03:45 GMT
mturk       2005/06/11 00:03:45

  Modified:    jni/examples/org/apache/tomcat/jni SSLServer.java
               jni/java/org/apache/tomcat/jni SSLSocket.java
               jni/native/include ssl_private.h
               jni/native/os/netware system.c
               jni/native/os/unix system.c
               jni/native/os/win32 system.c
               jni/native/src ssl.c sslcontext.c
  Log:
  Remove accept and connect. Use two new functions attach
  and handshake.
  
  Revision  Changes    Path
  1.5       +96 -4     jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni/SSLServer.java
  
  Index: SSLServer.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni/SSLServer.java,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- SSLServer.java	9 Jun 2005 09:13:54 -0000	1.4
  +++ SSLServer.java	11 Jun 2005 07:03:45 -0000	1.5
  @@ -17,12 +17,14 @@
       public static String serverAddr = null;
       public static int serverPort    = 0;
       public static int serverNmax    = 0;
  +    public static int serverNrun    = 0;
       public static long serverPool   = 0;
       public static long serverCtx    = 0;
       public static String serverCert = null;
       public static String serverKey  = null;
       public static String serverCiphers  = null;
       public static String serverPassword = null;
  +    private static Acceptor serverAcceptor = null;
   
       private static Object threadLock = new Object();
   
  @@ -58,15 +60,105 @@
               SSLContext.setCipherSuite(serverCtx, serverCiphers);
               /* Load Server key and certificate */
               SSLContext.setCertificate(serverCtx, serverCert, serverKey, serverPassword,
SSL.SSL_AIDX_RSA);
  -            SSLContext.setVerifyDepth(serverCtx, 10);
  -            SSLContext.setVerifyClient(serverCtx, SSL.SSL_CVERIFY_REQUIRE);
  -            
  +            SSLContext.setVerify(serverCtx, SSL.SSL_CVERIFY_REQUIRE, 10);
  +            serverAcceptor = new Acceptor();
  +            serverAcceptor.start();
  +
           } catch (Exception e) {
               e.printStackTrace();
           }
   
       }
  +    public static void incThreads() {
  +        synchronized(threadLock) {
  +            serverNrun++;
  +        }
  +    }
  +
  +    public static void decThreads() {
  +        synchronized(threadLock) {
  +            serverNrun--;
  +        }
  +    }
  +
  +    /* Acceptor thread. Listens for new connections */
  +    private class Acceptor extends Thread {
  +        private long serverSock = 0;
  +        private long inetAddress = 0;
  +        private long pool = 0;
  +        public Acceptor() throws Exception {
  +            try {
  +
  +                pool = Pool.create(SSLServer.serverPool);
  +                System.out.println("Accepting: " +  SSLServer.serverAddr + ":" +
  +                                   SSLServer.serverPort);
  +                inetAddress = Address.info(SSLServer.serverAddr, Socket.APR_INET,
  +                                           SSLServer.serverPort, 0,
  +                                           pool);
  +                serverSock = Socket.create(Socket.APR_INET, Socket.SOCK_STREAM,
  +                                           Socket.APR_PROTO_TCP, pool);
  +                long sa = Address.get(Socket.APR_LOCAL, serverSock);
  +                Sockaddr addr = new Sockaddr();
  +                if (Address.fill(addr, sa)) {
  +                    System.out.println("Host: " + addr.hostname);
  +                    System.out.println("Server: " + addr.servname);
  +                    System.out.println("IP: " + Address.getip(sa) +
  +                                       ":" + addr.port);
  +                }
  +                int rc = Socket.bind(serverSock, inetAddress);
  +                if (rc != 0) {
  +                  throw(new Exception("Can't create Acceptor: bind: " + Error.strerror(rc)));
  +                }
  +                Socket.listen(serverSock, 5);
  +            }
  +            catch( Exception ex ) {
  +                ex.printStackTrace();
  +                throw(new Exception("Can't create Acceptor"));
  +            }
  +        }
   
  +        public void run() {
  +            int i = 0;
  +            try {
  +                while (true) {
  +                    long clientSock = Socket.accept(serverSock, pool);
  +                    System.out.println("Accepted id: " +  i);
  +
  +                    try {
  +                        long sa = Address.get(Socket.APR_REMOTE, clientSock);
  +                        Sockaddr raddr = new Sockaddr();
  +                        if (Address.fill(raddr, sa)) {
  +                            System.out.println("Remote Host: " + Address.getnameinfo(sa,
0));
  +                            System.out.println("Remote IP: " + Address.getip(sa) +
  +                                               ":" + raddr.port);
  +                        }
  +                        sa = Address.get(Socket.APR_LOCAL, clientSock);
  +                        Sockaddr laddr = new Sockaddr();
  +                        if (Address.fill(laddr, sa)) {
  +                            System.out.println("Local Host: " + laddr.hostname);
  +                            System.out.println("Local Server: " + Address.getnameinfo(sa,
0));
  +                            System.out.println("Local IP: " + Address.getip(sa) +
  +                                               ":" + laddr.port);
  +                        }
  +
  +                    } catch (Exception e) {
  +                        // Ignore
  +                        e.printStackTrace();
  +                    }
  +
  +                    Socket.timeoutSet(clientSock, 10000000);
  +                    long sslSocket = SSLSocket.attach(SSLServer.serverCtx, clientSock,
pool);
  +                    i = SSLSocket.handshake(sslSocket);
  +                    System.out.println("Handskake : " + i);
  +
  +                    SSLSocket.close(sslSocket);
  +                }
  +            }
  +            catch( Exception ex ) {
  +                ex.printStackTrace();
  +            }
  +        }
  +    }
       public static void main(String [] args) {
           try {
               Library.initialize(null);
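Review bot: In `Acceptor.run()` the per-connection work shares the outer `try` with `Socket.accept`, so an exception from `SSLSocket.attach` for a single client ends the accept loop and leaves `clientSock` unclosed. The handshake result is also written into `i`, the same variable printed as "Accepted id", and it is never checked before the socket is closed. I would give each connection its own try/finally with a separate `rc`, as below. This assumes `handshake` returns 0 on success as `Socket.bind` does, and that `SSLSocket.close` also releases the attached APR socket; neither is visible in this diff.

```java
                    long clientSock = Socket.accept(serverSock, pool);
                    // ... unchanged: "Accepted id" and remote/local address printing ...
                    long sslSocket = 0;
                    try {
                        Socket.timeoutSet(clientSock, 10000000);
                        sslSocket = SSLSocket.attach(SSLServer.serverCtx, clientSock, pool);
                        int rc = SSLSocket.handshake(sslSocket);
                        if (rc != 0) {
                            System.out.println("Handshake failed: " + Error.strerror(rc));
                        }
                    } catch (Exception e) {
                        // One bad client must not stop the acceptor
                        e.printStackTrace();
                    } finally {
                        if (sslSocket != 0) {
                            SSLSocket.close(sslSocket);
                        } else {
                            Socket.close(clientSock);
                        }
                    }
```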
  
  
  
  1.5       +9 -18     jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java
  
  Index: SSLSocket.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- SSLSocket.java	10 Jun 2005 17:15:56 -0000	1.4
  +++ SSLSocket.java	11 Jun 2005 07:03:45 -0000	1.5
  @@ -28,25 +28,21 @@
   public class SSLSocket {
   
       /**
  -     * Accept a SSL connection.
  +     * Attach APR socket on a SSL connection.
        * @param ctx SSLContext to use.
  -     * @param sock APR Socket that already did physical accept.
  +     * @param sock APR Socket that already did physical connect.
  +     * @param pool The pool to use
        * @param pool The pool to use
        * @return The new socket that has been set up.
        */
  -    public static native long accept(long ctx, long sock, long pool)
  +    public static native long attach(long ctx, long sock, long pool)
           throws Exception;
   
       /**
  -     * Connect on a SSL connection.
  -     * @param ctx SSLContext to use.
  -     * @param sock APR Socket that already did physical connect.
  -     * @param pool The pool to use
  -     * @return The new socket that has been set up.
  +     * Do a SSL handshake.
  +     * @param thesocket The socket to close
        */
  -    public static native long connect(long ctx, long sock, long pool)
  -        throws Exception;
  -
  +    public static native int handshake(long thesocket);
   
       /**
        * Shutdown a socket.
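Review bot: The Javadoc for `handshake` says `@param thesocket The socket to close`, which looks copied from `close`, and it has no `@return`, so callers cannot tell what the returned `int` means. I would use `@param thesocket The SSL socket to perform the handshake on` and add an `@return` line stating the success value and how errors are reported. The `attach` comment above it now carries `@param pool The pool to use` twice. It also says the socket "already did physical connect", although SSLServer calls `attach` after `Socket.accept`; `APR Socket that is already connected or accepted` would cover both uses.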
  @@ -72,10 +68,5 @@
        */
       public static native int close(long thesocket);
   
  -    /**
  -     * Get the SSL error code.
  -     * @param thesocket The SSL socket to use.
  -     * @retcode the "local" error code returned by SSL.
  -     * @return the error code.
  -    public static native int geterror(long thesocket, int retcode);
  +
   }
  
  
  
  1.25      +13 -1     jakarta-tomcat-connectors/jni/native/include/ssl_private.h
  
  Index: ssl_private.h
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v
  retrieving revision 1.24
  retrieving revision 1.25
  diff -u -r1.24 -r1.25
  --- ssl_private.h	10 Jun 2005 10:47:37 -0000	1.24
  +++ ssl_private.h	11 Jun 2005 07:03:45 -0000	1.25
  @@ -139,6 +139,17 @@
   #define SSL_SHUTDOWN_TYPE_UNCLEAN   (2)
   #define SSL_SHUTDOWN_TYPE_ACCURATE  (3)
   
  +#define SSL_TO_APR_ERROR(X)         (APR_OS_START_USERERR + 1000 + X)
  +
  +#define SSL_VERIFY_ERROR_IS_OPTIONAL(errnum) \
  +   ((errnum == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) \
  +    || (errnum == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) \
  +    || (errnum == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY) \
  +    || (errnum == X509_V_ERR_CERT_UNTRUSTED) \
  +    || (errnum == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE))
  +
  +
  +
   #define SSL_DEFAULT_PASS_PROMPT "Some of your private key files are encrypted for security
reasons.\n"  \
                                   "In order to read them you have to provide the pass phrases.\n"
        \
                                   "Enter password :"
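Review bot: `SSL_VERIFY_ERROR_IS_OPTIONAL` classifies self-signed, untrusted and missing-issuer results as ignorable, and nothing at the definition says when that is acceptable. Its callers are not in this diff, so I would add a comment above it such as `/* Only for optional client verification without a CA; never use to waive errors when verification is required */`. Both new macros also use their argument unparenthesised; `(APR_OS_START_USERERR + 1000 + (X))` and `((errnum) == X509_V_ERR_...)` avoid precedence surprises when an expression is passed.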
  @@ -198,6 +209,7 @@
       X509           *cert;
       int             shutdown_type;
       apr_socket_t   *sock;
  +    apr_pollset_t  *pollset;
   } tcn_ssl_conn_t;
   
   
  
  
  
  1.5       +2 -1      jakarta-tomcat-connectors/jni/native/os/netware/system.c
  
  Index: system.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/os/netware/system.c,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- system.c	24 May 2005 09:25:36 -0000	1.4
  +++ system.c	11 Jun 2005 07:03:45 -0000	1.5
  @@ -22,6 +22,7 @@
   #include "apr.h"
   #include "apr_pools.h"
   #include "apr_network_io.h"
  +#include "apr_poll.h"
   
   #include "tcn.h"
   
  
  
  
  1.6       +2 -1      jakarta-tomcat-connectors/jni/native/os/unix/system.c
  
  Index: system.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/os/unix/system.c,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- system.c	28 May 2005 11:40:52 -0000	1.5
  +++ system.c	11 Jun 2005 07:03:45 -0000	1.6
  @@ -22,6 +22,7 @@
   #include "apr.h"
   #include "apr_pools.h"
   #include "apr_network_io.h"
  +#include "apr_pol.h"
   
   #include "tcn.h"
   #if defined(__linux__)
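Review bot: The added include is spelled `apr_pol.h`, while the netware, win32, ssl.c and sslcontext.c hunks of this same commit add `apr_poll.h`. The unix build will presumably fail to find the header. The line should read `#include "apr_poll.h"`.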
  
  
  
  1.7       +3 -2      jakarta-tomcat-connectors/jni/native/os/win32/system.c
  
  Index: system.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/os/win32/system.c,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- system.c	7 Jun 2005 12:41:44 -0000	1.6
  +++ system.c	11 Jun 2005 07:03:45 -0000	1.7
  @@ -24,6 +24,7 @@
   #include <winsock.h>
   #include "apr.h"
   #include "apr_pools.h"
  +#include "apr_poll.h"
   #include "apr_network_io.h"
   #include "apr_arch_misc.h" /* for apr_os_level */
   #include "apr_arch_atime.h"  /* for FileTimeToAprTime */
  @@ -266,7 +267,7 @@
                   0, &id);
       WaitForSingleObject(thread, INFINITE);
       CloseHandle(thread);
  -    return strlen(data->password);
  +    return (int)strlen(data->password);
   }
   
   
  
  
  
  1.32      +2 -1      jakarta-tomcat-connectors/jni/native/src/ssl.c
  
  Index: ssl.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/ssl.c,v
  retrieving revision 1.31
  retrieving revision 1.32
  diff -u -r1.31 -r1.32
  --- ssl.c	9 Jun 2005 10:44:06 -0000	1.31
  +++ ssl.c	11 Jun 2005 07:03:45 -0000	1.32
  @@ -26,6 +26,7 @@
   #include "apr_thread_mutex.h"
   #include "apr_strings.h"
   #include "apr_atomic.h"
  +#include "apr_poll.h"
   
   #include "tcn.h"
   
  
  
  
  1.33      +2 -1      jakarta-tomcat-connectors/jni/native/src/sslcontext.c
  
  Index: sslcontext.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslcontext.c,v
  retrieving revision 1.32
  retrieving revision 1.33
  diff -u -r1.32 -r1.33
  --- sslcontext.c	10 Jun 2005 07:53:24 -0000	1.32
  +++ sslcontext.c	11 Jun 2005 07:03:45 -0000	1.33
  @@ -24,6 +24,7 @@
   #include "apr_file_io.h"
   #include "apr_portable.h"
   #include "apr_thread_mutex.h"
  +#include "apr_poll.h"
   
   #include "tcn.h"
   
  
  
  


