Posted to dev@tomcat.apache.org by cc...@apache.org on 2001/10/06 21:50:58 UTC
cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net DefaultServerSocketFactory.java SSLServerSocketFactory.java ServerSocketFactory.java
ccain 01/10/06 12:50:58
Modified: catalina/src/share/org/apache/catalina/connector/http
HttpConnector.java
catalina/src/share/org/apache/catalina/connector/http10
HttpConnector.java
catalina/src/share/org/apache/catalina/connector/warp
WarpConnector.java
catalina/src/share/org/apache/catalina/net
DefaultServerSocketFactory.java
SSLServerSocketFactory.java
ServerSocketFactory.java
Log:
Improved exception-handling and logging for SSL problems, as well as one
possible unfreed resource issue.
Revision Changes Path
1.25 +68 -12 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http/HttpConnector.java
Index: HttpConnector.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http/HttpConnector.java,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- HttpConnector.java 2001/09/11 17:33:02 1.24
+++ HttpConnector.java 2001/10/06 19:50:58 1.25
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http/HttpConnector.java,v 1.24 2001/09/11 17:33:02 craigmcc Exp $
- * $Revision: 1.24 $
- * $Date: 2001/09/11 17:33:02 $
+ * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http/HttpConnector.java,v 1.25 2001/10/06 19:50:58 ccain Exp $
+ * $Revision: 1.25 $
+ * $Date: 2001/10/06 19:50:58 $
*
* ====================================================================
*
@@ -69,10 +69,16 @@
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
+import java.net.UnknownHostException;
import java.security.AccessControlException;
import java.util.Stack;
import java.util.Vector;
import java.util.Enumeration;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.UnrecoverableKeyException;
+import java.security.KeyManagementException;
import org.apache.catalina.Connector;
import org.apache.catalina.Container;
import org.apache.catalina.HttpRequest;
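Review bot: The added `import java.net.UnknownHostException;` looks unused, since none of the added lines shown for this file names the type. As a subclass of IOException it is already covered by the `catch (IOException ioe)` handlers added further down. Unless code outside the hunks needs it, drop the line. The five `java.security` imports would also read better next to the existing `java.security.AccessControlException` import than after `java.util.Enumeration`.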
@@ -96,7 +102,7 @@
*
* @author Craig R. McClanahan
* @author Remy Maucherat
- * @version $Revision: 1.24 $ $Date: 2001/09/11 17:33:02 $
+ * @version $Revision: 1.25 $ $Date: 2001/10/06 19:50:58 $
*/
@@ -933,9 +939,22 @@
* address has been specified, the socket will be opened only on that
* address; otherwise it will be opened on all addresses.
*
- * @exception IOException if an input/output error occurs
- */
- private ServerSocket open() throws IOException {
+ * @exception IOException input/output or network error
+ * @exception KeyStoreException error instantiating the
+ * KeyStore from file (SSL only)
+ * @exception NoSuchAlgorithmException KeyStore algorithm unsupported
+ * by current provider (SSL only)
+ * @exception CertificateException general certificate error (SSL only)
+ * @exception UnrecoverableKeyException internal KeyStore problem with
+ * the certificate (SSL only)
+ * @exception KeyManagementException problem in the key management
+ * layer (SSL only)
+ */
+ private ServerSocket open()
+ throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException, UnrecoverableKeyException,
+ KeyManagementException
+ {
// Acquire the server socket factory for this Connector
ServerSocketFactory factory = getFactory();
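Review bot: The new `throws` clause on `open()` spells out five exception types that are all subclasses of `java.security.GeneralSecurityException`. The same list is repeated on `open()` in http10/HttpConnector.java, on every `createSocket` overload in DefaultServerSocketFactory, SSLServerSocketFactory and the ServerSocketFactory interface, and on `getKeyStore()` and `initialize()`. Declaring `throws IOException, GeneralSecurityException` instead, starting at the interface, would still hand the original exception to the caller and would not bake the JSSE exception set into the factory contract. The body of `open()` continues outside this hunk.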
@@ -989,6 +1008,7 @@
// if (debug >= 3)
// log("run: Accept returned IOException", e);
try {
+ // If reopening fails, exit
synchronized (threadSync) {
if (started && !stopped)
log("accept: ", e);
@@ -1003,11 +1023,26 @@
}
// if (debug >= 3)
// log("run: IOException processing completed");
- } catch (IOException ex) {
- // If reopening fails, exit
- log("socket reopen: ", ex);
+ } catch (IOException ioe) {
+ log("socket reopen, io problem: ", ioe);
+ break;
+ } catch (KeyStoreException kse) {
+ log("socket reopen, keystore problem: ", kse);
+ break;
+ } catch (NoSuchAlgorithmException nsae) {
+ log("socket reopen, keystore algorithm problem: ", nsae);
+ break;
+ } catch (CertificateException ce) {
+ log("socket reopen, certificate problem: ", ce);
break;
+ } catch (UnrecoverableKeyException uke) {
+ log("socket reopen, unrecoverable key: ", uke);
+ break;
+ } catch (KeyManagementException kme) {
+ log("socket reopen, key management problem: ", kme);
+ break;
}
+
continue;
}
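Review bot: The six handlers added here differ only in the text of the log message and every one ends in the same `break`, while the exception object passed to `log` already identifies its own type. Two handlers are enough: keep `catch (IOException ioe)` and replace the other five with `} catch (GeneralSecurityException gse) { log("socket reopen, ssl problem: ", gse); break; }`. The ladder added to WarpConnector.java in the hunk at `@@ -478,8 +484,18 @@` wraps all six types in an identical LifecycleException and can be collapsed the same way. The enclosing loop starts outside this hunk.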
@@ -1107,14 +1142,35 @@
if (initialized)
throw new LifecycleException (
sm.getString("httpConnector.alreadyInitialized"));
+
this.initialized=true;
+ Exception eRethrow = null;
// Establish a server socket on the specified port
try {
serverSocket = open();
- } catch (IOException e) {
- throw new LifecycleException(threadName + ".open", e);
+ } catch (IOException ioe) {
+ log("httpConnector, io problem: ", ioe);
+ eRethrow = ioe;
+ } catch (KeyStoreException kse) {
+ log("httpConnector, keystore problem: ", kse);
+ eRethrow = kse;
+ } catch (NoSuchAlgorithmException nsae) {
+ log("httpConnector, keystore algorithm problem: ", nsae);
+ eRethrow = nsae;
+ } catch (CertificateException ce) {
+ log("httpConnector, certificate problem: ", ce);
+ eRethrow = ce;
+ } catch (UnrecoverableKeyException uke) {
+ log("httpConnector, unrecoverable key: ", uke);
+ eRethrow = uke;
+ } catch (KeyManagementException kme) {
+ log("httpConnector, key management problem: ", kme);
+ eRethrow = kme;
}
+
+ if ( eRethrow != null )
+ throw new LifecycleException(threadName + ".open", eRethrow);
}
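Review bot: `this.initialized=true` is set before `open()` is attempted, so when any of these handlers fires the connector stays marked as initialized without a server socket. A later call after the keystore is fixed would hit the `httpConnector.alreadyInitialized` check instead of retrying. Setting the flag after `serverSocket = open();` succeeds avoids that. The `eRethrow` local is also unnecessary, since each handler can `throw new LifecycleException(threadName + ".open", ioe);` directly, and logging before wrapping probably reports the same failure twice once the caller logs the LifecycleException. The same code is added to http10/HttpConnector.java in the hunk at `@@ -1011,14 +1029,35 @@`; the method signature is outside both hunks.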
1.13 +48 -9 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http10/HttpConnector.java
Index: HttpConnector.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http10/HttpConnector.java,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- HttpConnector.java 2001/09/11 17:33:02 1.12
+++ HttpConnector.java 2001/10/06 19:50:58 1.13
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http10/HttpConnector.java,v 1.12 2001/09/11 17:33:02 craigmcc Exp $
- * $Revision: 1.12 $
- * $Date: 2001/09/11 17:33:02 $
+ * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http10/HttpConnector.java,v 1.13 2001/10/06 19:50:58 ccain Exp $
+ * $Revision: 1.13 $
+ * $Date: 2001/10/06 19:50:58 $
*
* ====================================================================
*
@@ -72,6 +72,11 @@
import java.security.AccessControlException;
import java.util.Stack;
import java.util.Vector;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.UnrecoverableKeyException;
+import java.security.KeyManagementException;
import org.apache.catalina.Connector;
import org.apache.catalina.Container;
import org.apache.catalina.HttpRequest;
@@ -95,7 +100,7 @@
* purposes. Not intended to be the final solution.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.12 $ $Date: 2001/09/11 17:33:02 $
+ * @version $Revision: 1.13 $ $Date: 2001/10/06 19:50:58 $
*/
@@ -858,9 +863,22 @@
* address has been specified, the socket will be opened only on that
* address; otherwise it will be opened on all addresses.
*
- * @exception IOException if an input/output error occurs
- */
- private ServerSocket open() throws IOException {
+ * @exception IOException input/output or network error
+ * @exception KeyStoreException error instantiating the
+ * KeyStore from file (SSL only)
+ * @exception NoSuchAlgorithmException KeyStore algorithm unsupported
+ * by current provider (SSL only)
+ * @exception CertificateException general certificate error (SSL only)
+ * @exception UnrecoverableKeyException internal KeyStore problem with
+ * the certificate (SSL only)
+ * @exception KeyManagementException problem in the key management
+ * layer (SSL only)
+ */
+ private ServerSocket open()
+ throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException, UnrecoverableKeyException,
+ KeyManagementException
+ {
// Acquire the server socket factory for this Connector
ServerSocketFactory factory = getFactory();
@@ -1011,14 +1029,35 @@
if (initialized)
throw new LifecycleException (
sm.getString("httpConnector.alreadyInitialized"));
+
this.initialized=true;
+ Exception eRethrow = null;
// Establish a server socket on the specified port
try {
serverSocket = open();
- } catch (IOException e) {
- throw new LifecycleException(threadName + ".open", e);
+ } catch (IOException ioe) {
+ log("httpConnector, io problem: ", ioe);
+ eRethrow = ioe;
+ } catch (KeyStoreException kse) {
+ log("httpConnector, keystore problem: ", kse);
+ eRethrow = kse;
+ } catch (NoSuchAlgorithmException nsae) {
+ log("httpConnector, keystore algorithm problem: ", nsae);
+ eRethrow = nsae;
+ } catch (CertificateException ce) {
+ log("httpConnector, certificate problem: ", ce);
+ eRethrow = ce;
+ } catch (UnrecoverableKeyException uke) {
+ log("httpConnector, unrecoverable key: ", uke);
+ eRethrow = uke;
+ } catch (KeyManagementException kme) {
+ log("httpConnector, key management problem: ", kme);
+ eRethrow = kme;
}
+
+ if ( eRethrow != null )
+ throw new LifecycleException(threadName + ".open", eRethrow);
}
1.17 +18 -2 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/warp/WarpConnector.java
Index: WarpConnector.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/warp/WarpConnector.java,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- WarpConnector.java 2001/08/23 22:32:10 1.16
+++ WarpConnector.java 2001/10/06 19:50:58 1.17
@@ -78,6 +78,12 @@
import org.apache.catalina.net.ServerSocketFactory;
import org.apache.catalina.util.LifecycleSupport;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.UnrecoverableKeyException;
+import java.security.KeyManagementException;
+
public class WarpConnector implements Connector, Lifecycle, Runnable {
/* ==================================================================== */
@@ -478,8 +484,18 @@
InetAddress addr=InetAddress.getByName(this.getAddress());
this.server=fact.createSocket(port,accc,addr);
}
- } catch (IOException e) {
- throw new LifecycleException("Error creating server socket",e);
+ } catch (IOException ioe) {
+ throw new LifecycleException("Error creating server socket",ioe);
+ } catch (KeyStoreException kse) {
+ throw new LifecycleException("Error creating server socket",kse);
+ } catch (NoSuchAlgorithmException nsae) {
+ throw new LifecycleException("Error creating server socket",nsae);
+ } catch (CertificateException ce) {
+ throw new LifecycleException("Error creating server socket",ce);
+ } catch (UnrecoverableKeyException uke) {
+ throw new LifecycleException("Error creating server socket",uke);
+ } catch (KeyManagementException kme) {
+ throw new LifecycleException("Error creating server socket",kme);
}
}
1.4 +48 -10 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/DefaultServerSocketFactory.java
Index: DefaultServerSocketFactory.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/DefaultServerSocketFactory.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- DefaultServerSocketFactory.java 2001/07/22 20:25:11 1.3
+++ DefaultServerSocketFactory.java 2001/10/06 19:50:58 1.4
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/DefaultServerSocketFactory.java,v 1.3 2001/07/22 20:25:11 pier Exp $
- * $Revision: 1.3 $
- * $Date: 2001/07/22 20:25:11 $
+ * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/DefaultServerSocketFactory.java,v 1.4 2001/10/06 19:50:58 ccain Exp $
+ * $Revision: 1.4 $
+ * $Date: 2001/10/06 19:50:58 $
*
* ====================================================================
*
@@ -68,8 +68,12 @@
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.KeyManagementException;
+import java.security.cert.CertificateException;
-
/**
* Default server socket factory, which returns unadorned server sockts.
*
@@ -92,9 +96,21 @@
*
* @param port the port to listen to
*
- * @exception IOException for networking errors
+ * @exception IOException input/output or network error
+ * @exception KeyStoreException error instantiating the
+ * KeyStore from file (SSL only)
+ * @exception NoSuchAlgorithmException KeyStore algorithm unsupported
+ * by current provider (SSL only)
+ * @exception CertificateException general certificate error (SSL only)
+ * @exception UnrecoverableKeyException internal KeyStore problem with
+ * the certificate (SSL only)
+ * @exception KeyManagementException problem in the key management
+ * layer (SSL only)
*/
- public ServerSocket createSocket (int port) throws IOException {
+ public ServerSocket createSocket (int port)
+ throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException, UnrecoverableKeyException,
+ KeyManagementException {
return (new ServerSocket(port));
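Review bot: `createSocket(int)` in DefaultServerSocketFactory only calls `new ServerSocket(port)`, which can fail with IOException alone, so the five security exceptions added to its `throws` clause can never be thrown here. An implementing method may declare fewer checked exceptions than the interface method it implements, so this overload can keep `throws IOException`. Code that holds a DefaultServerSocketFactory directly then needs no extra handlers, and the "(SSL only)" Javadoc entries can go as well. The same applies to the two-argument and three-argument overloads in the next two hunks.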
@@ -110,10 +126,21 @@
* @param port the port to listen to
* @param backlog how many connections are queued
*
- * @exception IOException for networking errors
+ * @exception IOException input/output or network error
+ * @exception KeyStoreException error instantiating the
+ * KeyStore from file (SSL only)
+ * @exception NoSuchAlgorithmException KeyStore algorithm unsupported
+ * by current provider (SSL only)
+ * @exception CertificateException general certificate error (SSL only)
+ * @exception UnrecoverableKeyException internal KeyStore problem with
+ * the certificate (SSL only)
+ * @exception KeyManagementException problem in the key management
+ * layer (SSL only)
*/
public ServerSocket createSocket (int port, int backlog)
- throws IOException {
+ throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException, UnrecoverableKeyException,
+ KeyManagementException {
return (new ServerSocket(port, backlog));
@@ -130,11 +157,22 @@
* @param backlog how many connections are queued
* @param ifAddress the network interface address to use
*
- * @exception IOException for networking errors
+ * @exception IOException input/output or network error
+ * @exception KeyStoreException error instantiating the
+ * KeyStore from file (SSL only)
+ * @exception NoSuchAlgorithmException KeyStore algorithm unsupported
+ * by current provider (SSL only)
+ * @exception CertificateException general certificate error (SSL only)
+ * @exception UnrecoverableKeyException internal KeyStore problem with
+ * the certificate (SSL only)
+ * @exception KeyManagementException problem in the key management
+ * layer (SSL only)
*/
public ServerSocket createSocket (int port, int backlog,
InetAddress ifAddress)
- throws IOException {
+ throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException, UnrecoverableKeyException,
+ KeyManagementException {
return (new ServerSocket(port, backlog, ifAddress));
1.7 +131 -59 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/SSLServerSocketFactory.java
Index: SSLServerSocketFactory.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/SSLServerSocketFactory.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- SSLServerSocketFactory.java 2001/09/12 17:00:32 1.6
+++ SSLServerSocketFactory.java 2001/10/06 19:50:58 1.7
@@ -66,6 +66,8 @@
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.KeyManagementException;
import java.security.Security;
import java.security.cert.CertificateException;
import javax.net.ServerSocketFactory;
@@ -177,7 +179,11 @@
*/
private KeyStore keyStore = null;
- public KeyStore getKeyStore() throws IOException {
+ public KeyStore getKeyStore()
+ throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException,UnrecoverableKeyException,
+ KeyManagementException
+ {
if (sslProxy == null)
initialize();
return (this.keyStore);
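Review bot: `getKeyStore()` is the only method touched in this file whose widened `throws` clause gets no Javadoc, and the reason for the exceptions is not obvious from the name. The getter calls `initialize()` when `sslProxy` is null, so a plain accessor can now fail with keystore and key-management errors. A doc comment such as `Return the key store, initializing the factory first if that has not happened yet; initialization reads the keystore file and may therefore fail.` followed by the `@exception` tags used on `createSocket` would cover it. Widening the checked exceptions of a public method also breaks source compatibility for callers outside this commit, which deserves a line in the log message.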
@@ -255,9 +261,22 @@
*
* @param port Port to listen to
*
- * @exception IOException if an input/output or network error occurs
- */
- public ServerSocket createSocket(int port) throws IOException {
+ * @exception IOException input/output or network error
+ * @exception KeyStoreException error instantiating the
+ * KeyStore from file
+ * @exception NoSuchAlgorithmException KeyStore algorithm unsupported
+ * by current provider
+ * @exception CertificateException general certificate error
+ * @exception UnrecoverableKeyException internal KeyStore problem with
+ * the certificate
+ * @exception KeyManagementException problem in the key management
+ * layer
+ */
+ public ServerSocket createSocket(int port)
+ throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException, UnrecoverableKeyException,
+ KeyManagementException
+ {
if (sslProxy == null)
initialize();
@@ -278,10 +297,22 @@
* @param port Port to listen to
* @param backlog Maximum number of connections to be queued
*
- * @exception IOException if an input/output or network error occurs
+ * @exception IOException input/output or network error
+ * @exception KeyStoreException error instantiating the
+ * KeyStore from file
+ * @exception NoSuchAlgorithmException KeyStore algorithm unsupported
+ * by current provider
+ * @exception CertificateException general certificate error
+ * @exception UnrecoverableKeyException internal KeyStore problem with
+ * the certificate
+ * @exception KeyManagementException problem in the key management
+ * layer
*/
public ServerSocket createSocket(int port, int backlog)
- throws IOException {
+ throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException, UnrecoverableKeyException,
+ KeyManagementException
+ {
if (sslProxy == null)
initialize();
@@ -303,11 +334,23 @@
* @param backlog Maximum number of connections to be queued
* @param ifAddress Address of the interface to be used
*
- * @exception IOException if an input/output or network error occurs
+ * @exception IOException input/output or network error
+ * @exception KeyStoreException error instantiating the
+ * KeyStore from file
+ * @exception NoSuchAlgorithmException KeyStore algorithm unsupported
+ * by current provider
+ * @exception CertificateException general certificate error
+ * @exception UnrecoverableKeyException internal KeyStore problem with
+ * the certificate
+ * @exception KeyManagementException problem in the key management
+ * layer
*/
public ServerSocket createSocket(int port, int backlog,
InetAddress ifAddress)
- throws IOException {
+ throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException, UnrecoverableKeyException,
+ KeyManagementException
+ {
if (sslProxy == null)
initialize();
@@ -325,9 +368,22 @@
/**
* Initialize objects that will be required to create sockets.
*
- * @exception IOException if an input/output error occurs
- */
- private synchronized void initialize() throws IOException {
+ * @exception IOException input/output or network error
+ * @exception KeyStoreException error instantiating the
+ * KeyStore from file
+ * @exception NoSuchAlgorithmException KeyStore algorithm unsupported
+ * by current provider
+ * @exception CertificateException general certificate error
+ * @exception UnrecoverableKeyException internal KeyStore problem with
+ * the certificate
+ * @exception KeyManagementException problem in the key management
+ * layer
+ */
+ private synchronized void initialize()
+ throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException, UnrecoverableKeyException,
+ KeyManagementException
+ {
initHandler();
initKeyStore();
@@ -354,20 +410,35 @@
/**
* Initialize the internal representation of the key store file.
*
- * @exception IOException if an input/output exception occurs
- */
- private void initKeyStore() throws IOException {
+ * @exception IOException input/output or network error
+ * @exception KeyStoreException error instantiating the
+ * KeyStore from file
+ * @exception NoSuchAlgorithmException KeyStore algorithm unsupported
+ * by current provider
+ * @exception CertificateException general certificate error
+ */
+ private void initKeyStore()
+ throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException
+ {
+ FileInputStream istream = null;
+
try {
keyStore = KeyStore.getInstance(keystoreType);
- FileInputStream istream = new FileInputStream(keystoreFile);
+ istream = new FileInputStream(keystoreFile);
keyStore.load(istream, keystorePass.toCharArray());
- istream.close();
- } catch (Exception e) {
- // FIXME - send to an appropriate log file?
- System.out.println("initKeyStore: " + e);
- e.printStackTrace(System.out);
- throw new IOException(e.toString());
+ } catch (IOException ioe) {
+ throw ioe;
+ } catch (KeyStoreException kse) {
+ throw kse;
+ } catch (NoSuchAlgorithmException nsae) {
+ throw nsae;
+ } catch (CertificateException ce) {
+ throw ce;
+ } finally {
+ if ( istream != null )
+ istream.close();
}
}
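Review bot: `istream.close()` inside `finally` can itself throw IOException, and when it does it replaces the exception from `KeyStore.getInstance` or `keyStore.load`. The keystore or certificate error this commit is trying to surface is then lost. Guarding the close keeps the original failure as the one reported. The four handlers that catch an exception only to `throw` it again do nothing, so the `try` needs only its `finally` block.

```java
FileInputStream istream = null;

try {
    // … unchanged: KeyStore.getInstance, new FileInputStream, keyStore.load …
} finally {
    if (istream != null) {
        try {
            istream.close();
        } catch (IOException ignored) {
            // A failed close must not replace an exception thrown by load()
        }
    }
}
```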
@@ -376,47 +447,48 @@
/**
* Initialize the SSL socket factory.
*
- * @exception IOException if an input/output error occurs
- */
- private void initProxy() throws IOException {
+ * @exception KeyStoreException error instantiating the
+ * KeyStore from file
+ * @exception NoSuchAlgorithmException KeyStore algorithm unsupported
+ * by current provider
+ * @exception UnrecoverableKeyException internal KeyStore problem with
+ * the certificate
+ * @exception KeyManagementException problem in the key management
+ * layer
+ */
+ private void initProxy()
+ throws KeyStoreException, NoSuchAlgorithmException,
+ UnrecoverableKeyException, KeyManagementException
+ {
+ // Register the JSSE security Provider (if it is not already there)
try {
-
- // Register the JSSE security Provider (if it is not already there)
- try {
- Security.addProvider((java.security.Provider)
- Class.forName("com.sun.net.ssl.internal.ssl.Provider").newInstance());
- } catch (Throwable t) {
- ;
- }
-
- // Create an SSL context used to create an SSL socket factory
- SSLContext context = SSLContext.getInstance(protocol);
-
- // Create the key manager factory used to extract the server key
- KeyManagerFactory keyManagerFactory =
- KeyManagerFactory.getInstance(algorithm);
- keyManagerFactory.init(keyStore, keystorePass.toCharArray());
-
- // Create the trust manager factory used for checking certificates
- /*
- trustManagerFactory = TrustManagerFactory.getInstance(algorithm);
- trustManagerFactory.init(keyStore);
- */
-
- // Initialize the context with the key managers
- context.init(keyManagerFactory.getKeyManagers(), null,
- new java.security.SecureRandom());
-
- // Create the proxy and return
- sslProxy = context.getServerSocketFactory();
-
- } catch (Exception e) {
- // FIXME - send to an appropriate log file?
- System.out.println("initProxy: " + e);
- e.printStackTrace(System.out);
- throw new IOException(e.toString());
+ Security.addProvider((java.security.Provider)
+ Class.forName("com.sun.net.ssl.internal.ssl.Provider").newInstance());
+ } catch (Throwable t) {
+ ;
}
+
+ // Create an SSL context used to create an SSL socket factory
+ SSLContext context = SSLContext.getInstance(protocol);
+
+ // Create the key manager factory used to extract the server key
+ KeyManagerFactory keyManagerFactory =
+ KeyManagerFactory.getInstance(algorithm);
+ keyManagerFactory.init(keyStore, keystorePass.toCharArray());
+
+ // Create the trust manager factory used for checking certificates
+ /*
+ trustManagerFactory = TrustManagerFactory.getInstance(algorithm);
+ trustManagerFactory.init(keyStore);
+ */
+
+ // Initialize the context with the key managers
+ context.init(keyManagerFactory.getKeyManagers(), null,
+ new java.security.SecureRandom());
+
+ // Create the proxy and return
+ sslProxy = context.getServerSocketFactory();
}
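Review bot: The provider registration still ends in `catch (Throwable t) { ; }`, which hides every failure, so a missing JSSE provider first shows up as a NoSuchAlgorithmException from `SSLContext.getInstance(protocol)`. Replacing the bare `;` with a comment such as `// Provider class unavailable; SSLContext.getInstance() below reports a missing provider` would make that intent explicit. The Javadoc describes NoSuchAlgorithmException as "KeyStore algorithm unsupported", but in this method it comes from `SSLContext.getInstance(protocol)` or `KeyManagerFactory.getInstance(algorithm)`. The wording `SSL protocol or key manager algorithm unsupported by the installed providers` would be more accurate. Separately, `context.init` is passed `null` for the trust managers while the TrustManagerFactory code stays commented out, so the provider's default trust configuration applies rather than `keyStore`; a comment stating whether that is intended would help anyone enabling client-certificate checks.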
1.4 +45 -6 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/ServerSocketFactory.java
Index: ServerSocketFactory.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/ServerSocketFactory.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- ServerSocketFactory.java 2001/07/22 20:25:11 1.3
+++ ServerSocketFactory.java 2001/10/06 19:50:58 1.4
@@ -64,6 +64,11 @@
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.UnrecoverableKeyException;
+import java.security.KeyManagementException;
/**
@@ -90,9 +95,21 @@
*
* @param port the port to listen to
*
- * @exception IOException for networking errors
+ * @exception IOException input/output or network error
+ * @exception KeyStoreException error instantiating the
+ * KeyStore from file (SSL only)
+ * @exception NoSuchAlgorithmException KeyStore algorithm unsupported
+ * by current provider (SSL only)
+ * @exception CertificateException general certificate error (SSL only)
+ * @exception UnrecoverableKeyException internal KeyStore problem with
+ * the certificate (SSL only)
+ * @exception KeyManagementException problem in the key management
+ * layer (SSL only)
*/
- public ServerSocket createSocket (int port) throws IOException;
+ public ServerSocket createSocket (int port)
+ throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException, UnrecoverableKeyException,
+ KeyManagementException;
/**
@@ -104,10 +121,21 @@
* @param port the port to listen to
* @param backlog how many connections are queued
*
- * @exception IOException for networking errors
+ * @exception IOException input/output or network error
+ * @exception KeyStoreException error instantiating the
+ * KeyStore from file (SSL only)
+ * @exception NoSuchAlgorithmException KeyStore algorithm unsupported
+ * by current provider (SSL only)
+ * @exception CertificateException general certificate error (SSL only)
+ * @exception UnrecoverableKeyException internal KeyStore problem with
+ * the certificate (SSL only)
+ * @exception KeyManagementException problem in the key management
+ * layer (SSL only)
*/
public ServerSocket createSocket (int port, int backlog)
- throws IOException;
+ throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException, UnrecoverableKeyException,
+ KeyManagementException;
/**
@@ -120,11 +148,22 @@
* @param backlog how many connections are queued
* @param ifAddress the network interface address to use
*
- * @exception IOException for networking errors
+ * @exception IOException input/output or network error
+ * @exception KeyStoreException error instantiating the
+ * KeyStore from file (SSL only)
+ * @exception NoSuchAlgorithmException KeyStore algorithm unsupported
+ * by current provider (SSL only)
+ * @exception CertificateException general certificate error (SSL only)
+ * @exception UnrecoverableKeyException internal KeyStore problem with
+ * the certificate (SSL only)
+ * @exception KeyManagementException problem in the key management
+ * layer (SSL only)
*/
public ServerSocket createSocket (int port, int backlog,
InetAddress ifAddress)
- throws IOException;
+ throws IOException, KeyStoreException, NoSuchAlgorithmException,
+ CertificateException, UnrecoverableKeyException,
+ KeyManagementException;
}