You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2011/09/21 16:16:07 UTC
svn commit: r1173660 - in /tomcat/tc7.0.x/trunk: ./
java/org/apache/tomcat/util/net/jsse/JSSEKeyManager.java
webapps/docs/changelog.xml
Author: markt
Date: Wed Sep 21 14:16:07 2011
New Revision: 1173660
URL: http://svn.apache.org/viewvc?rev=1173660&view=rev
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51860
Fix issues when using NIO, SSL and a custom SSLImplementation.
Based on a suggestion by Roman Tsirulnikov.
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEKeyManager.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc7.0.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Sep 21 14:16:07 2011
@@ -1 +1 @@
-/tomcat/trunk:1156171,1156276,1156304,1156530,1156602,1157015,1157018,1157151,1157198,1157204,1157810,1157832,1157834,1157847,1157908,1157939,1158155,1158160,1158176,1158195,1158198-1158199,1158227,1158331,1158334-1158335,1158426,1160347,1160592,1160611,1160619,1160626,1160639,1160652,1160720-1160721,1160772,1160774,1160776,1161303,1161310,1161322,1161339,1161486,1161540,1161549,1161584,1162082,1162149,1162169,1162721,1162769,1162836,1162932,1163630,1164419,1164438,1164469,1164480,1164567,1165234,1165247-1165248,1165253,1165273,1165282,1165309,1165331,1165338,1165347,1165360-1165361,1165367-1165368,1165602,1165608,1165677,1165693,1165721,1165723,1165728,1165730,1165738,1165746,1165765,1165777,1165918,1165921,1166077,1166150-1166151,1166290,1166366,1166620,1166686,1166752,1166757,1167368,1167394,1169447,1170647,1171692,1172233-1172234,1172236,1172269,1172278,1172282,1172610,1172664,1172689,1172711,1173020-1173021,1173082,1173096,1173241,1173256,1173288,1173614,1173630
+/tomcat/trunk:1156171,1156276,1156304,1156530,1156602,1157015,1157018,1157151,1157198,1157204,1157810,1157832,1157834,1157847,1157908,1157939,1158155,1158160,1158176,1158195,1158198-1158199,1158227,1158331,1158334-1158335,1158426,1160347,1160592,1160611,1160619,1160626,1160639,1160652,1160720-1160721,1160772,1160774,1160776,1161303,1161310,1161322,1161339,1161486,1161540,1161549,1161584,1162082,1162149,1162169,1162721,1162769,1162836,1162932,1163630,1164419,1164438,1164469,1164480,1164567,1165234,1165247-1165248,1165253,1165273,1165282,1165309,1165331,1165338,1165347,1165360-1165361,1165367-1165368,1165602,1165608,1165677,1165693,1165721,1165723,1165728,1165730,1165738,1165746,1165765,1165777,1165918,1165921,1166077,1166150-1166151,1166290,1166366,1166620,1166686,1166752,1166757,1167368,1167394,1169447,1170647,1171692,1172233-1172234,1172236,1172269,1172278,1172282,1172610,1172664,1172689,1172711,1173020-1173021,1173082,1173096,1173241,1173256,1173288,1173614,1173630,1173659
Modified: tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEKeyManager.java
URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEKeyManager.java?rev=1173660&r1=1173659&r2=1173660&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEKeyManager.java (original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSEKeyManager.java Wed Sep 21 14:16:07 2011
@@ -22,6 +22,8 @@ import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
/**
@@ -31,7 +33,7 @@ import javax.net.ssl.X509KeyManager;
*
* @author Jan Luehe
*/
-public final class JSSEKeyManager implements X509KeyManager {
+public final class JSSEKeyManager extends X509ExtendedKeyManager {
private X509KeyManager delegate;
private String serverKeyAlias;
@@ -44,6 +46,7 @@ public final class JSSEKeyManager implem
* supporting certificate chain
*/
public JSSEKeyManager(X509KeyManager mgr, String serverKeyAlias) {
+ super();
this.delegate = mgr;
this.serverKeyAlias = serverKeyAlias;
}
@@ -74,12 +77,9 @@ public final class JSSEKeyManager implem
* Returns this key manager's server key alias that was provided in the
* constructor.
*
- * @param keyType The key algorithm type name (ignored)
- * @param issuers The list of acceptable CA issuer subject names, or null
- * if it does not matter which issuers are used (ignored)
- * @param socket The socket to be used for this connection. This parameter
- * can be null, in which case this method will return the most generic
- * alias to use (ignored)
+ * @param keyType Ignored
+ * @param issuers Ignored
+ * @param socket Ignored
*
* @return Alias name for the desired key
*/
@@ -148,4 +148,40 @@ public final class JSSEKeyManager implem
public PrivateKey getPrivateKey(String alias) {
return delegate.getPrivateKey(alias);
}
+
+ /**
+ * Choose an alias to authenticate the client side of a secure socket,
+ * given the public key type and the list of certificate issuer authorities
+ * recognized by the peer (if any).
+ *
+ * @param keyType The key algorithm type name(s), ordered with the
+ * most-preferred key type first
+ * @param issuers The list of acceptable CA issuer subject names, or null
+ * if it does not matter which issuers are used
+ * @param engine Ignored
+ *
+ * @return The alias name for the desired key, or null if there are no
+ * matches
+ */
+ @Override
+ public String chooseEngineClientAlias(String[] keyType, Principal[] issuers,
+ SSLEngine engine) {
+ return delegate.chooseClientAlias(keyType, issuers, null);
+ }
+
+ /**
+ * Returns this key manager's server key alias that was provided in the
+ * constructor.
+ *
+ * @param keyType Ignored
+ * @param issuers Ignored
+ * @param engine Ignored
+ *
+ * @return Alias name for the desired key
+ */
+ @Override
+ public String chooseEngineServerAlias(String keyType, Principal[] issuers,
+ SSLEngine engine) {
+ return serverKeyAlias;
+ }
}
Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1173660&r1=1173659&r2=1173660&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Wed Sep 21 14:16:07 2011
@@ -149,6 +149,10 @@
Replace unneeded call that iterated events queue in NioEndpoint.Poller.
(kkolinko)
</fix>
+ <fix>
+ <bug>51860</bug>: Fix issues if using NIO with a custom
+ SSLImplementation. Based on a suggestion by Roman Tsirulnikov. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org