Posted to dev@tomcat.apache.org by jf...@apache.org on 2015/06/18 17:49:13 UTC
svn commit: r1686252 - in /tomcat/native/trunk/native: include/ssl_private.h
src/ssl.c src/sslutils.c
Author: jfclere
Date: Thu Jun 18 15:49:12 2015
New Revision: 1686252
URL: http://svn.apache.org/r1686252
Log:
Add netty-tc-native ssl.c modifications.
Modified:
tomcat/native/trunk/native/include/ssl_private.h
tomcat/native/trunk/native/src/ssl.c
tomcat/native/trunk/native/src/sslutils.c
Modified: tomcat/native/trunk/native/include/ssl_private.h
URL: http://svn.apache.org/viewvc/tomcat/native/trunk/native/include/ssl_private.h?rev=1686252&r1=1686251&r2=1686252&view=diff
==============================================================================
--- tomcat/native/trunk/native/include/ssl_private.h (original)
+++ tomcat/native/trunk/native/include/ssl_private.h Thu Jun 18 15:49:12 2015
@@ -292,9 +292,13 @@ typedef struct {
/*
* Additional Functions
*/
-void SSL_init_app_data2_idx(void);
+void SSL_init_app_data2_3_idx(void);
+/* The app_data2 is used to store the tcn_ssl_ctxt_t pointer for the SSL instance. */
void *SSL_get_app_data2(SSL *);
void SSL_set_app_data2(SSL *, void *);
+/* The app_data3 is used to store the handshakeCount pointer for the SSL instance. */
+void *SSL_get_app_data3(SSL *);
+void SSL_set_app_data3(SSL *, void *);
int SSL_password_prompt(tcn_pass_cb_t *);
int SSL_password_callback(char *, int, int, void *);
void SSL_BIO_close(BIO *);
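Review bot: The new comment on `SSL_get_app_data3`/`SSL_set_app_data3` says what is stored but not who owns it. The sslutils.c part of this commit registers the index with `NULL, NULL, NULL` callbacks, so OpenSSL will not free the stored pointer when the SSL object is freed. I would spell that out here, e.g. `/* app_data3 holds the per-SSL handshakeCount pointer; the ex_data index has no free callback, so whoever sets it must release it before SSL_free(). */`. The same holds for the app_data2 comment if the tcn_ssl_ctxt_t pointer is borrowed rather than owned.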
Modified: tomcat/native/trunk/native/src/ssl.c
URL: http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/ssl.c?rev=1686252&r1=1686251&r2=1686252&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/ssl.c (original)
+++ tomcat/native/trunk/native/src/ssl.c Thu Jun 18 15:49:12 2015
@@ -33,6 +33,10 @@ tcn_pass_cb_t tcn_password_callback;
/* Global reference to the pool used by the dynamic mutexes */
static apr_pool_t *dynlockpool = NULL;
+/* From netty-tcnative */
+static jclass byteArrayClass;
+static jclass stringClass;
+
/* Dynamic lock structure */
struct CRYPTO_dynlock_value {
apr_pool_t *pool;
@@ -637,6 +641,10 @@ static int ssl_rand_make(const char *fil
TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS, jstring engine)
{
+ int r = 0;
+ jclass clazz;
+ jclass sClazz;
+
TCN_ALLOC_CSTRING(engine);
UNREFERENCED(o);
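Review bot: `int r = 0;` is declared at the top of initialize() but none of the hunks in this commit that touch the function read or assign it, so it looks unused and will produce an unused-variable warning. Drop it unless a follow-up change needs it. The function body continues outside this hunk, so this is inferred from the visible hunks only.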
@@ -709,8 +717,8 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize
* low entropy seed.
*/
SSL_rand_seed(NULL);
- /* For SSL_get_app_data2() at request time */
- SSL_init_app_data2_idx();
+ /* For SSL_get_app_data2() and SSL_get_app_data3() at request time */
+ SSL_init_app_data2_3_idx();
init_dh_params();
@@ -721,6 +729,15 @@ TCN_IMPLEMENT_CALL(jint, SSL, initialize
ssl_init_cleanup,
apr_pool_cleanup_null);
TCN_FREE_CSTRING(engine);
+
+ /* Cache the byte[].class for performance reasons */
+ clazz = (*e)->FindClass(e, "[B");
+ byteArrayClass = (jclass) (*e)->NewGlobalRef(e, clazz);
+
+ /* Cache the String.class for performance reasons */
+ sClazz = (*e)->FindClass(e, "java/lang/String");
+ stringClass = (jclass) (*e)->NewGlobalRef(e, sClazz);
+
return (jint)APR_SUCCESS;
}
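Review bot: Both `FindClass` results are passed to `NewGlobalRef` unchecked, and initialize() then returns `APR_SUCCESS` regardless. If `FindClass` fails it returns NULL with a Java exception pending, `byteArrayClass`/`stringClass` stay NULL, and the first later use of the cached class fails far from the cause. A guard after each lookup, for example `if (clazz == NULL) return (jint)APR_EGENERAL;`, plus the same check on the `NewGlobalRef` result, keeps the failure at startup. The global references also need a matching `DeleteGlobalRef` at shutdown; `ssl_init_cleanup` is not visible here, so confirm whether it can reach a JNIEnv to do that. The start of the function is outside this hunk.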
@@ -887,7 +904,7 @@ static int jbs_free(BIO *bi)
static int jbs_write(BIO *b, const char *in, int inl)
{
- jint ret = 0;
+ jint ret = -1;
if (b->init && in != NULL) {
BIO_JAVA *j = (BIO_JAVA *)b->ptr;
JNIEnv *e = NULL;
@@ -895,6 +912,7 @@ static int jbs_write(BIO *b, const char
tcn_get_java_env(&e);
jb = (*e)->NewByteArray(e, inl);
if (!(*e)->ExceptionOccurred(e)) {
+ BIO_clear_retry_flags(b);
(*e)->SetByteArrayRegion(e, jb, 0, inl, (jbyte *)in);
ret = (*e)->CallIntMethod(e, j->cb.obj,
j->cb.mid[0], jb);
@@ -902,6 +920,11 @@ static int jbs_write(BIO *b, const char
(*e)->DeleteLocalRef(e, jb);
}
}
+ /* From netty-tc-native, in the AF we were returning 0 */
+ if (ret == 0) {
+ BIO_set_retry_write(b);
+ ret = -1;
+ }
return ret;
}
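Review bot: The new `if (ret == 0)` block turns every zero return from the Java callback into "retry write", including the case where `inl` is 0. jbs_read in the next hunk guards the equivalent branch with `outl != 0`. If a zero-length write can reach this function, the caller is told to retry an operation that can never make progress; `if (ret == 0 && inl != 0)` would keep the two functions consistent. The comment `/* From netty-tc-native, in the AF we were returning 0 */` is also hard to follow ("AF" is not defined anywhere in the diff); something like `/* A 0 return means the Java side accepted no bytes: report -1 with the retry flag so OpenSSL treats it as would-block. */` states the intent.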
@@ -915,12 +938,16 @@ static int jbs_read(BIO *b, char *out, i
tcn_get_java_env(&e);
jb = (*e)->NewByteArray(e, outl);
if (!(*e)->ExceptionOccurred(e)) {
+ BIO_clear_retry_flags(b);
ret = (*e)->CallIntMethod(e, j->cb.obj,
j->cb.mid[1], jb);
if (ret > 0) {
jbyte *jout = (*e)->GetPrimitiveArrayCritical(e, jb, NULL);
memcpy(out, jout, ret);
(*e)->ReleasePrimitiveArrayCritical(e, jb, jout, 0);
+ } else if (outl != 0) {
+ ret = -1;
+ BIO_set_retry_read(b);
}
(*e)->DeleteLocalRef(e, jb);
}
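Review bot: `memcpy(out, jout, ret)` trusts the length returned by the Java callback. The commit reworks the branches around it but leaves that line without a bound, so a return value larger than `outl` writes past the end of `out`, and a NULL from `GetPrimitiveArrayCritical` is dereferenced. I would add `if (ret > outl) ret = outl;` (or treat it as an error) and check `jout != NULL` before copying. Separately, the new `else if (outl != 0)` branch maps every non-positive return, including a negative error or end-of-stream value from the callback, to -1 with the retry-read flag. The SSL layer then cannot tell a closed or failed transport from "no data yet"; consider setting the retry flag only when the callback returned 0. The function starts and ends outside this hunk.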
@@ -968,7 +995,16 @@ static int jbs_gets(BIO *b, char *out, i
static long jbs_ctrl(BIO *b, int cmd, long num, void *ptr)
{
- return 0;
+ int ret = 0;
+ switch (cmd) {
+ case BIO_CTRL_FLUSH:
+ ret = 1;
+ break;
+ default:
+ ret = 0;
+ break;
+ }
+ return ret;
}
static BIO_METHOD jbs_methods = {
Modified: tomcat/native/trunk/native/src/sslutils.c
URL: http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslutils.c?rev=1686252&r1=1686251&r2=1686252&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslutils.c (original)
+++ tomcat/native/trunk/native/src/sslutils.c Thu Jun 18 15:49:12 2015
@@ -51,8 +51,9 @@ static int ssl_ocsp_request(X509 *cert,
* SSL_get_ex_new_index() is called, so we _must_ do this at startup.
*/
static int SSL_app_data2_idx = -1;
+static int SSL_app_data3_idx = -1;
-void SSL_init_app_data2_idx(void)
+void SSL_init_app_data2_3_idx(void)
{
int i;
@@ -67,6 +68,16 @@ void SSL_init_app_data2_idx(void)
"Second Application Data for SSL",
NULL, NULL, NULL);
}
+
+ if (SSL_app_data3_idx > -1) {
+ return;
+ }
+
+ SSL_app_data3_idx =
+ SSL_get_ex_new_index(0,
+ "Third Application Data for SSL",
+ NULL, NULL, NULL);
+
}
void *SSL_get_app_data2(SSL *ssl)
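Review bot: `SSL_get_ex_new_index()` returns -1 on failure, and the added block stores that straight into `SSL_app_data3_idx` with no check; because the function is `void`, initialize() cannot learn that the slot was never allocated. `SSL_set_app_data3()` in the next hunk also discards the return value of `SSL_set_ex_data()`, so a failed store is silent and `SSL_get_app_data3()` later yields NULL for the handshakeCount pointer. At minimum the result should be tested here and the failure surfaced (log it, or have the function return a status that initialize() checks), and the setter should propagate or log a zero return. The first lines of the function, including the app_data2 allocation, are outside this hunk.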
@@ -80,6 +91,17 @@ void SSL_set_app_data2(SSL *ssl, void *a
return;
}
+
+void *SSL_get_app_data3(SSL *ssl)
+{
+ return SSL_get_ex_data(ssl, SSL_app_data3_idx);
+}
+
+void SSL_set_app_data3(SSL *ssl, void *arg)
+{
+ SSL_set_ex_data(ssl, SSL_app_data3_idx, arg);
+}
+
/* Simple echo password prompting */
int SSL_password_prompt(tcn_pass_cb_t *data)
{