tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mt...@apache.org
Subject cvs commit: jakarta-tomcat-connectors/jni/native/src ssl.c sslcontext.c
Date Sat, 11 Jun 2005 18:22:25 GMT
mturk       2005/06/11 11:22:25

  Modified:    jni/native/src ssl.c sslcontext.c
  Log:
  Native part of changes in SSL.java and SSLContext.java
  
  Revision  Changes    Path
  1.33      +9 -1      jakarta-tomcat-connectors/jni/native/src/ssl.c
  
  Index: ssl.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/ssl.c,v
  retrieving revision 1.32
  retrieving revision 1.33
  diff -u -r1.32 -r1.33
  --- ssl.c	11 Jun 2005 07:03:45 -0000	1.32
  +++ ssl.c	11 Jun 2005 18:22:25 -0000	1.33
  @@ -760,6 +760,14 @@
       return r;
   }
   
  +TCN_IMPLEMENT_CALL(jstring, SSL, getLastError)(TCN_STDARGS)
  +{
  +    char buf[256];
  +    UNREFERENCED(o);
  +    ERR_error_string(ERR_get_error(), buf);
  +    return tcn_new_string(e, buf, -1);
  +}
  +
   #else
   /* OpenSSL is not supported
    * If someday we make OpenSSL optional
  
  
  
  1.34      +16 -6     jakarta-tomcat-connectors/jni/native/src/sslcontext.c
  
  Index: sslcontext.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslcontext.c,v
  retrieving revision 1.33
  retrieving revision 1.34
  diff -u -r1.33 -r1.34
  --- sslcontext.c	11 Jun 2005 07:03:45 -0000	1.33
  +++ sslcontext.c	11 Jun 2005 18:22:25 -0000	1.34
  @@ -145,11 +145,11 @@
        */
       SSL_CTX_set_options(c->ctx, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
   #endif
  -    /* Default vhost id and cache size */
  +    /* Default session context id and cache size */
       SSL_CTX_sess_set_cache_size(c->ctx, SSL_DEFAULT_CACHE_SIZE);
       MD5((const unsigned char *)SSL_DEFAULT_VHOST_NAME,
           (unsigned long)(sizeof(SSL_DEFAULT_VHOST_NAME) - 1),
  -        &(c->vhost_id[0]));
  +        &(c->context_id[0]));
       if (mode) {
           SSL_CTX_set_tmp_rsa_callback(c->ctx, SSL_callback_tmp_RSA);
           SSL_CTX_set_tmp_dh_callback(c->ctx,  SSL_callback_tmp_DH);
  @@ -185,8 +185,8 @@
       return apr_pool_cleanup_run(c->pool, c, ssl_context_cleanup);
   }
   
  -TCN_IMPLEMENT_CALL(void, SSLContext, setVhostId)(TCN_STDARGS, jlong ctx,
  -                                                 jstring id)
  +TCN_IMPLEMENT_CALL(void, SSLContext, setContextId)(TCN_STDARGS, jlong ctx,
  +                                                   jstring id)
   {
       tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
       TCN_ALLOC_CSTRING(id);
  @@ -196,7 +196,7 @@
       if (J2S(id)) {
           MD5((const unsigned char *)J2S(id),
               (unsigned long)strlen(J2S(id)),
  -            &(c->vhost_id[0]));
  +            &(c->context_id[0]));
       }
       TCN_FREE_CSTRING(id);
   }
  @@ -363,6 +363,7 @@
           rv = JNI_FALSE;
           goto cleanup;
       }
  +    c->store = SSL_CTX_get_cert_store(c->ctx);
       if (c->mode) {
           STACK_OF(X509_NAME) *ca_certs;
           c->ca_certs++;
  @@ -425,6 +426,15 @@
       if ((c->verify_mode == SSL_CVERIFY_OPTIONAL) ||
           (c->verify_mode == SSL_CVERIFY_OPTIONAL_NO_CA))
           verify |= SSL_VERIFY_PEER;
  +    if (!c->store) {
  +        if (SSL_CTX_set_default_verify_paths(c->ctx)) {
  +            c->store = SSL_CTX_get_cert_store(c->ctx);
  +            X509_STORE_set_flags(c->store, 0);
  +        }
  +        else {
  +            /* XXX: See if this is fatal */ 
  +        }
  +    }
   
       SSL_CTX_set_verify(c->ctx, verify, SSL_callback_SSL_verify);
   }
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message