tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mt...@apache.org
Subject cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
Date Wed, 15 Jun 2005 12:08:02 GMT
mturk       2005/06/15 05:08:02

  Modified:    jni/java/org/apache/tomcat/jni SSL.java SSLSocket.java
               jni/native/include ssl_private.h
               jni/native/src sslinfo.c
  Log:
  Update sslinfo to use the indexed approach to the params instead
  a name based. This way we'll keep the lower number of native functions.
  
  Revision  Changes    Path
  1.19      +7 -2      jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java
  
  Index: SSL.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java,v
  retrieving revision 1.18
  retrieving revision 1.19
  diff -u -r1.18 -r1.19
  --- SSL.java	12 Jun 2005 07:33:08 -0000	1.18
  +++ SSL.java	15 Jun 2005 12:08:02 -0000	1.19
  @@ -158,6 +158,11 @@
       public static final int SSL_SHUTDOWN_TYPE_UNCLEAN  = 2;
       public static final int SSL_SHUTDOWN_TYPE_ACCURATE = 3;
   
  +    public static final int SSL_INFO_SESSION_ID             = 1;
  +    public static final int SSL_INFO_CIPHER                 = 2;
  +    public static final int SSL_INFO_CIPHER_USEKEYSIZE      = 3;
  +    public static final int SSL_INFO_CIPHER_ALGKEYSIZE      = 4;
  +
       /* Return OpenSSL version number */
       public static native int version();
   
  @@ -261,7 +266,7 @@
        * @param file File contatining DH params.
        */
       public static native boolean loadDSATempKey(int idx, String file);
  -    
  +
       /**
        * Return last SSL error string
        */
  
  
  
  1.12      +27 -4     jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java
  
  Index: SSLSocket.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java,v
  retrieving revision 1.11
  retrieving revision 1.12
  diff -u -r1.11 -r1.12
  --- SSLSocket.java	14 Jun 2005 20:59:33 -0000	1.11
  +++ SSLSocket.java	15 Jun 2005 12:08:02 -0000	1.12
  @@ -234,10 +234,33 @@
                                       int offset, int nbytes, long timeout);
   
       /**
  -     * Retrun SSL SESSION id.
  +     * Retrun SSL Info parameter as byte array.
        *
        * @param sock The socket to read the data from.
  -     * @return Byte array containing session id.
  +     * @param id Parameter id.
  +     * @return Byte array containing info id value.
        */
  -    public static native byte[] getSessionId(long sock);
  +    public static native byte[] getInfoB(long sock, int id)
  +        throws Exception;
  +
  +    /**
  +     * Retrun SSL Info parameter as String.
  +     *
  +     * @param sock The socket to read the data from.
  +     * @param id Parameter id.
  +     * @return String containing info id value.
  +     */
  +    public static native String getInfoS(long sock, int id)
  +        throws Exception;
  +
  +    /**
  +     * Retrun SSL Info parameter as integer.
  +     *
  +     * @param sock The socket to read the data from.
  +     * @param id Parameter id.
  +     * @return Integer containing info id value or -1 on error.
  +     */
  +    public static native int getInfoI(long sock, int id)
  +        throws Exception;
  +
   }
  
  
  
  1.29      +6 -1      jakarta-tomcat-connectors/jni/native/include/ssl_private.h
  
  Index: ssl_private.h
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v
  retrieving revision 1.28
  retrieving revision 1.29
  diff -u -r1.28 -r1.29
  --- ssl_private.h	12 Jun 2005 10:31:16 -0000	1.28
  +++ ssl_private.h	15 Jun 2005 12:08:02 -0000	1.29
  @@ -141,6 +141,11 @@
   
   #define SSL_TO_APR_ERROR(X)         (APR_OS_START_USERERR + 1000 + X)
   
  +#define SSL_INFO_SESSION_ID         (1)
  +#define SSL_INFO_CIPHER             (2)
  +#define SSL_INFO_CIPHER_USEKEYSIZE  (3)
  +#define SSL_INFO_CIPHER_ALGKEYSIZE  (4)
  +
   #define SSL_VERIFY_ERROR_IS_OPTIONAL(errnum) \
      ((errnum == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) \
       || (errnum == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) \
  
  
  
  1.2       +103 -13   jakarta-tomcat-connectors/jni/native/src/sslinfo.c
  
  Index: sslinfo.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- sslinfo.c	14 Jun 2005 11:55:54 -0000	1.1
  +++ sslinfo.c	15 Jun 2005 12:08:02 -0000	1.2
  @@ -31,27 +31,117 @@
   #ifdef HAVE_OPENSSL
   #include "ssl_private.h"
   
  -TCN_IMPLEMENT_CALL(jobject, SSLSocket, getSessionId)(TCN_STDARGS, jlong sock)
  +static const char *hex_basis = "0123456789ABCDEF";
  +
  +static char *convert_to_hex(const void *buf, size_t len)
  +{
  +    const unsigned char *p = ( const unsigned char *)buf;
  +    char *str, *s;
  +    size_t i;
  +
  +    if ((len < 1) || ((str = malloc(len * 2 + 1)) == NULL))
  +        return NULL;
  +    for (i = 0, s = str; i < len; i++) {
  +        unsigned char c = *p++;
  +        *s++ = hex_basis[c >> 4];
  +        *s++ = hex_basis[c & 0x0F];
  +    }
  +    *s = '\0';
  +    return str;
  +}
  +
  +TCN_IMPLEMENT_CALL(jobject, SSLSocket, getInfoB)(TCN_STDARGS, jlong sock,
  +                                                 jint what)
   {
       tcn_ssl_conn_t *s = J2P(sock, tcn_ssl_conn_t *);
  -    SSL_SESSION *session;
  +    jbyteArray array = NULL;
   
       UNREFERENCED(o);
       TCN_ASSERT(sock != 0);
  -    if ((session = SSL_get_session(s->ssl)) != NULL) {
  -        jbyteArray array;
  -        jsize      len = (jsize)session->session_id_length;
  -        array = (*e)->NewByteArray(e, len);
  -        if (array) {
  -            (*e)->SetByteArrayRegion(e, array, 0, len,
  -                                     (jbyte *)(&session->session_id[0]));
  +
  +    switch (what) {
  +        case SSL_INFO_SESSION_ID:
  +        {
  +            SSL_SESSION *session  = SSL_get_session(s->ssl);
  +            if (session) {
  +                jsize len = (jsize)session->session_id_length;
  +                if ((array = (*e)->NewByteArray(e, len)) != NULL)
  +                    (*e)->SetByteArrayRegion(e, array, 0, len,
  +                                (jbyte *)(&session->session_id[0]));
  +            }
           }
  -        return array;
  +        break;
  +        default:
  +            tcn_ThrowAPRException(e, APR_EINVAL);
  +        break;
       }
  -    else
  -        return NULL;
  +
  +    return array;
   }
   
  +TCN_IMPLEMENT_CALL(jstring, SSLSocket, getInfoS)(TCN_STDARGS, jlong sock,
  +                                                 jint what)
  +{
  +    tcn_ssl_conn_t *s = J2P(sock, tcn_ssl_conn_t *);
  +    jstring value = NULL;
  +
  +    UNREFERENCED(o);
  +    TCN_ASSERT(sock != 0);
  +
  +    switch (what) {
  +        case SSL_INFO_SESSION_ID:
  +        {
  +            SSL_SESSION *session  = SSL_get_session(s->ssl);
  +            if (session) {
  +                char *hs = convert_to_hex(&session->session_id[0],
  +                                          session->session_id_length);
  +                if (hs) {
  +                    value = tcn_new_string(e, hs, -1);
  +                    free(hs);
  +                }
  +            }
  +        }
  +        break;
  +        default:
  +            tcn_ThrowAPRException(e, APR_EINVAL);
  +        break;
  +    }
  +
  +    return value;
  +}
  +
  +TCN_IMPLEMENT_CALL(jint, SSLSocket, getInfoI)(TCN_STDARGS, jlong sock,
  +                                              jint what)
  +{
  +    tcn_ssl_conn_t *s = J2P(sock, tcn_ssl_conn_t *);
  +    jint value = -1;
  +
  +    UNREFERENCED(o);
  +    TCN_ASSERT(sock != 0);
  +
  +    switch (what) {
  +        case SSL_INFO_CIPHER_USEKEYSIZE:
  +        case SSL_INFO_CIPHER_ALGKEYSIZE:
  +        {
  +            int usekeysize = 0;
  +            int algkeysize = 0;
  +            SSL_CIPHER *cipher = SSL_get_current_cipher(s->ssl);
  +            if (cipher) {
  +                usekeysize = SSL_CIPHER_get_bits(cipher, &algkeysize);
  +                if (what == SSL_INFO_CIPHER_USEKEYSIZE)
  +                    value = usekeysize;
  +                else
  +                    value = algkeysize;
  +            }
  +        }
  +        break;
  +        default:
  +            tcn_ThrowAPRException(e, APR_EINVAL);
  +        break;
  +    }
  +
  +    return value;
  +}
   
   #else
   /* OpenSSL is not supported
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message