You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by jf...@apache.org on 2001/09/21 10:29:56 UTC
cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/util/compat CertCompat.java JSSECertCompat.java
jfclere 01/09/21 01:29:56
Modified: . build.xml
src/share/org/apache/tomcat/modules/server
Http10Interceptor.java
Added: src/share/org/apache/tomcat/util/compat CertCompat.java
JSSECertCompat.java
Log:
Add support for JSSE in Http10Connector.
Revision Changes Path
1.154 +2 -0 jakarta-tomcat/build.xml
Index: build.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat/build.xml,v
retrieving revision 1.153
retrieving revision 1.154
diff -u -r1.153 -r1.154
--- build.xml 2001/09/18 23:24:46 1.153
+++ build.xml 2001/09/21 08:29:56 1.154
@@ -256,6 +256,8 @@
<include name="org/apache/tomcat/util/**"/>
<exclude name="**/util/net/SSLSocketFactory.java" unless="jsse.present"/>
<exclude name="**/util/net/SSLSocketFactory.java" unless="jdk12.present"/>
+ <exclude name="**/util/compat/JSSECertCompat.java" unless="jsse.present"/>
+ <exclude name="**/util/compat/JSSECertCompat.java" unless="jdk12.present"/>
<exclude name="**/util/compat/Jdk12Support.java" unless="jdk12.present"/>
<exclude name="**/util/depend/DependClassLoader12.java" unless="jdk12.present"/>
</javac>
1.24 +8 -0 jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Http10Interceptor.java
Index: Http10Interceptor.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/server/Http10Interceptor.java,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- Http10Interceptor.java 2001/09/17 04:56:02 1.23
+++ Http10Interceptor.java 2001/09/21 08:29:56 1.24
@@ -71,6 +71,7 @@
import org.apache.tomcat.util.net.*;
import org.apache.tomcat.util.net.ServerSocketFactory;
import org.apache.tomcat.util.log.*;
+import org.apache.tomcat.util.compat.*;
/** Standalone http.
*
@@ -204,9 +205,16 @@
Http10 http=new Http10();
private boolean moreRequests = false;
Socket socket;
+ static CertCompat certcompat = CertCompat.getCertCompat();
public HttpRequest() {
super();
+ }
+ public Object getAttribute(String name) {
+ if (name.equals("javax.servlet.request.X509Certificate")) {
+ return(certcompat.getX509Certificates(socket));
+ }
+ return(super.getAttribute(name));
}
public void recycle() {
1.1 jakarta-tomcat/src/share/org/apache/tomcat/util/compat/CertCompat.java
Index: CertCompat.java
===================================================================
package org.apache.tomcat.util.compat;
import java.net.Socket;
public class CertCompat {
/** Return the client certificate.
*/
public Object getX509Certificates(Socket s)
{
return null;
}
// -------------------- Factory --------------------
/** Get a compatibility helper class.
*/
public static CertCompat getCertCompat() {
return compat;
}
static CertCompat compat;
static {
init();
}
static final String JSSE_SUPPORT=
"org.apache.tomcat.util.compat.JSSECertCompat";
private static void init() {
try {
Class c=Class.forName(JSSE_SUPPORT);
compat=(CertCompat)c.newInstance();
} catch( Exception ex ) {
compat=new CertCompat();
}
}
}
1.1 jakarta-tomcat/src/share/org/apache/tomcat/util/compat/JSSECertCompat.java
Index: JSSECertCompat.java
===================================================================
package org.apache.tomcat.util.compat;
import java.io.ByteArrayInputStream;
import java.net.Socket;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import java.security.cert.CertificateFactory;
import javax.security.cert.X509Certificate;
public class JSSECertCompat extends CertCompat {
/** Return the client certificate.
*/
public Object getX509Certificates(Socket s)
{
// Make sure it is a SSLSocket.
if (s == null)
return null;
if (!(s instanceof SSLSocket))
return null;
SSLSocket socket = (SSLSocket) s;
// Look up the current SSLSession
SSLSession session = socket.getSession();
if (session == null)
return null;
// Convert JSSE's certificate format to the ones we need
X509Certificate jsseCerts[] = null;
java.security.cert.X509Certificate x509Certs[] = null;
try {
jsseCerts = session.getPeerCertificateChain();
if (jsseCerts == null)
jsseCerts = new X509Certificate[0];
x509Certs =
new java.security.cert.X509Certificate[jsseCerts.length];
for (int i = 0; i < x509Certs.length; i++) {
byte buffer[] = jsseCerts[i].getEncoded();
CertificateFactory cf =
CertificateFactory.getInstance("X.509");
ByteArrayInputStream stream =
new ByteArrayInputStream(buffer);
x509Certs[i] = (java.security.cert.X509Certificate)
cf.generateCertificate(stream);
}
} catch (Throwable t) {
return null;
}
if ((x509Certs == null) || (x509Certs.length < 1))
return null;
return x509Certs;
}
}