tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@apache.org
Subject cvs commit: jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11 Http11AprProcessor.java
Date Wed, 13 Jul 2005 11:05:20 GMT
remm        2005/07/13 04:05:20

  Modified:    http11/src/java/org/apache/coyote/http11
                        Http11AprProcessor.java
  Log:
  - Fix array length if no client certs.
  
  Revision  Changes    Path
  1.24      +22 -25    jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11/Http11AprProcessor.java
  
  Index: Http11AprProcessor.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11/Http11AprProcessor.java,v
  retrieving revision 1.23
  retrieving revision 1.24
  diff -u -r1.23 -r1.24
  --- Http11AprProcessor.java	12 Jul 2005 17:01:42 -0000	1.23
  +++ Http11AprProcessor.java	13 Jul 2005 11:05:19 -0000	1.24
  @@ -1085,22 +1085,20 @@
                           request.setAttribute
                               ("javax.servlet.request.cipher_suite", sslO);
                       int certLength = SSLSocket.getInfoI(socket, SSL.SSL_INFO_CLIENT_CERT_CHAIN);
  -                    X509Certificate[] certs = new X509Certificate[certLength];
  -                    for (int i = 0; i < certLength; i++) {
  -                        byte[] data = SSLSocket.getInfoB(socket, SSL.SSL_INFO_CLIENT_CERT_CHAIN
+ i);
  -                        CertificateFactory cf =
  -                            CertificateFactory.getInstance("X.509");
  -                        ByteArrayInputStream stream = new ByteArrayInputStream(data);
  -                        certs[i] = (X509Certificate) cf.generateCertificate(stream);
  -                    }
  +                    X509Certificate[] certs = null;
                       if (certLength > 0) {
  -                        sslO = certs;
  -                    } else {
  -                        sslO = null;
  +                        certs = new X509Certificate[certLength];
  +                        for (int i = 0; i < certLength; i++) {
  +                            byte[] data = SSLSocket.getInfoB(socket, SSL.SSL_INFO_CLIENT_CERT_CHAIN
+ i);
  +                            CertificateFactory cf =
  +                                CertificateFactory.getInstance("X.509");
  +                            ByteArrayInputStream stream = new ByteArrayInputStream(data);
  +                            certs[i] = (X509Certificate) cf.generateCertificate(stream);
  +                        }
                       }
  -                    if (sslO != null)
  +                    if (certs != null)
                           request.setAttribute
  -                            ("javax.servlet.request.X509Certificate", sslO);
  +                            ("javax.servlet.request.X509Certificate", certs);
                       sslO = new Integer(SSLSocket.getInfoI(socket, SSL.SSL_INFO_CIPHER_USEKEYSIZE));
                       if (sslO != null)
                           request.setAttribute
  @@ -1130,21 +1128,20 @@
                       // FIXME: Verify this is the right thing to do
                       SSLSocket.renegotiate(socket);
                       int certLength = SSLSocket.getInfoI(socket, SSL.SSL_INFO_CLIENT_CERT_CHAIN);
  -                    X509Certificate[] certs = new X509Certificate[certLength];
  -                    for (int i = 0; i < certLength; i++) {
  -                        byte[] data = SSLSocket.getInfoB(socket, SSL.SSL_INFO_CLIENT_CERT_CHAIN
+ i);
  -                        CertificateFactory cf =
  -                            CertificateFactory.getInstance("X.509");
  -                        ByteArrayInputStream stream = new ByteArrayInputStream(data);
  -                        certs[i] = (X509Certificate) cf.generateCertificate(stream);
  -                    }
  -                    Object sslO = null;
  +                    X509Certificate[] certs = null;
                       if (certLength > 0) {
  -                        sslO = certs;
  +                        certs = new X509Certificate[certLength];
  +                        for (int i = 0; i < certLength; i++) {
  +                            byte[] data = SSLSocket.getInfoB(socket, SSL.SSL_INFO_CLIENT_CERT_CHAIN
+ i);
  +                            CertificateFactory cf =
  +                                CertificateFactory.getInstance("X.509");
  +                            ByteArrayInputStream stream = new ByteArrayInputStream(data);
  +                            certs[i] = (X509Certificate) cf.generateCertificate(stream);
  +                        }
                       }
  -                    if (sslO != null)
  +                    if (certs != null)
                           request.setAttribute
  -                            ("javax.servlet.request.X509Certificate", sslO);
  +                            ("javax.servlet.request.X509Certificate", certs);
                   } catch (Exception e) {
                       log.warn("Exception getting SSL Cert", e);
                   }
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message