Posted to axis-cvs@ws.apache.org by di...@apache.org on 2008/03/30 08:14:35 UTC
svn commit: r642688 - in
/webservices/axis2/trunk/c/src/core/transport/http/sender/ssl: ssl_stream.c
ssl_utils.c
Author: dinesh
Date: Sat Mar 29 23:14:34 2008
New Revision: 642688
URL: http://svn.apache.org/viewvc?rev=642688&view=rev
Log:
code formatted and more log messages
Modified:
webservices/axis2/trunk/c/src/core/transport/http/sender/ssl/ssl_stream.c
webservices/axis2/trunk/c/src/core/transport/http/sender/ssl/ssl_utils.c
Modified: webservices/axis2/trunk/c/src/core/transport/http/sender/ssl/ssl_stream.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/src/core/transport/http/sender/ssl/ssl_stream.c?rev=642688&r1=642687&r2=642688&view=diff
==============================================================================
--- webservices/axis2/trunk/c/src/core/transport/http/sender/ssl/ssl_stream.c (original)
+++ webservices/axis2/trunk/c/src/core/transport/http/sender/ssl/ssl_stream.c Sat Mar 29 23:14:34 2008
@@ -98,14 +98,14 @@
if (!stream_impl->ctx)
{
axis2_ssl_stream_free((axutil_stream_t *) stream_impl, env);
- AXIS2_HANDLE_ERROR(env->error, AXIS2_ERROR_SSL_ENGINE, AXIS2_FAILURE);
+ AXIS2_HANDLE_ERROR(env, AXIS2_ERROR_SSL_ENGINE, AXIS2_FAILURE);
return NULL;
}
stream_impl->ssl = axis2_ssl_utils_initialize_ssl(env, stream_impl->ctx,
stream_impl->socket);
if (!stream_impl->ssl)
{
- AXIS2_HANDLE_ERROR(env->error, AXIS2_ERROR_SSL_ENGINE, AXIS2_FAILURE);
+ AXIS2_HANDLE_ERROR(env, AXIS2_ERROR_SSL_ENGINE, AXIS2_FAILURE);
return NULL;
}
stream_impl->stream_type = AXIS2_STREAM_MANAGED;
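Review bot: The `!stream_impl->ssl` branch returns NULL without releasing `stream_impl`, while the `!stream_impl->ctx` branch just above calls `axis2_ssl_stream_free` first. As far as this hunk shows, every failed TLS setup therefore leaks the stream object and the `SSL_CTX` it already holds. Add `axis2_ssl_stream_free((axutil_stream_t *) stream_impl, env);` before the second `AXIS2_HANDLE_ERROR` call, after confirming that the free routine tolerates a NULL `ssl` member. The enclosing function starts and ends outside this hunk, so check the remaining return paths in the full file as well.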
Modified: webservices/axis2/trunk/c/src/core/transport/http/sender/ssl/ssl_utils.c
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/c/src/core/transport/http/sender/ssl/ssl_utils.c?rev=642688&r1=642687&r2=642688&view=diff
==============================================================================
--- webservices/axis2/trunk/c/src/core/transport/http/sender/ssl/ssl_utils.c (original)
+++ webservices/axis2/trunk/c/src/core/transport/http/sender/ssl/ssl_utils.c Sat Mar 29 23:14:34 2008
@@ -45,12 +45,10 @@
SSL_CTX *ctx = NULL;
axis2_char_t *ca_file = server_cert;
- AXIS2_ENV_CHECK(env, NULL);
-
if (!ca_file)
{
AXIS2_LOG_INFO(env->log, "[ssl client] CA certificate not specified");
- AXIS2_ERROR_SET(env->error, AXIS2_ERROR_SSL_NO_CA_FILE, AXIS2_FAILURE);
+ AXIS2_HANDLE_ERROR(env, AXIS2_ERROR_SSL_NO_CA_FILE, AXIS2_FAILURE);
return NULL;
}
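Review bot: The missing-CA path is reported with `AXIS2_LOG_INFO` even though it aborts context creation, whereas the later failure paths in this function use `AXIS2_LOG_ERROR`. Unless `AXIS2_HANDLE_ERROR` already writes an error-level entry (its definition is not visible here), use `AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[ssl client] CA certificate not specified");` so the failure is not filtered out at normal log levels. A short comment such as `/* no CA file means no trust anchors: refuse to build a context */` would also record that this early return is deliberate and should not be relaxed into a warning. The function body continues outside this hunk.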
@@ -74,7 +72,11 @@
if (key_file) /*can we check if the server needs client auth? */
{
if (!ssl_pp)
- AXIS2_LOG_INFO(env->log, "[ssl client] No passphrase specified");
+ {
+ AXIS2_LOG_INFO(env->log,
+ "[ssl client] No passphrase specified for \
+key file %s and server cert %s", key_file, server_cert);
+ }
SSL_CTX_set_default_passwd_cb_userdata(ctx, (void *) ssl_pp);
SSL_CTX_set_default_passwd_cb(ctx, password_cb);
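Review bot: The new format string is split with a backslash-newline inside the literal, which is only correct while the continuation line stays at column 0; any later re-indentation silently injects whitespace into the log text. Adjacent string literals are the safer form: `"[ssl client] No passphrase specified for "` followed on the next line by `"key file %s and server cert %s", key_file, server_cert);`. The same pattern is used in the three `AXIS2_LOG_ERROR` messages added in the following hunks (client certificate, client key, CA certificate), and the client-certificate one already renders as `failed , key file` with a stray space before the comma.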
@@ -82,7 +84,8 @@
if (!(SSL_CTX_use_certificate_chain_file(ctx, key_file)))
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[ssl client] Loading client certificate failed ");
+ "[ssl client] Loading client certificate failed \
+, key file %s", key_file);
SSL_CTX_free(ctx);
return NULL;
}
@@ -90,32 +93,29 @@
if (!(SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM)))
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[ssl client] Loading client key failed");
+ "[ssl client] Loading client key failed, key file \
+%s", key_file);
SSL_CTX_free(ctx);
return NULL;
}
}
else
{
- AXIS2_LOG_INFO(env->log, "[ssl client] Client certificate chain file "
- "not specified");
+ AXIS2_LOG_INFO(env->log,
+ "[ssl client] Client certificate chain file"
+ "not specified");
}
/* Load the CAs we trust */
if (!(SSL_CTX_load_verify_locations(ctx, ca_file, 0)))
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
- "[ssl client] Loading CA certificate failed");
+ "[ssl client] Loading CA certificate failed, \
+ca_file is %s", ca_file);
SSL_CTX_free(ctx);
return NULL;
}
- /* verify depth should be read from axis2.xml, let's use the default for
- * the moment*/
-#if (OPENSSL_VERSION_NUMBER < 0x00905100L)
- /*SSL_CTX_set_verify_depth(ctx, 1); */
-#endif
-
return ctx;
}
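Review bot: The reformatted "chain file not specified" message lost the trailing space of its first literal, so the two adjacent literals now concatenate to `chain filenot specified`; restore it as `"[ssl client] Client certificate chain file "`. The new failure messages for `SSL_CTX_use_PrivateKey_file` and `SSL_CTX_load_verify_locations` name the file but not the cause. Appending the OpenSSL error queue text, for example via `ERR_error_string_n(ERR_get_error(), buf, sizeof buf)`, would let an operator tell a missing file from a bad passphrase or a malformed PEM. The function starts outside this hunk.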
@@ -128,25 +128,29 @@
SSL *ssl = NULL;
BIO *sbio = NULL;
- AXIS2_ENV_CHECK(env, NULL);
AXIS2_PARAM_CHECK(env->error, ctx, NULL);
ssl = SSL_new(ctx);
if (!ssl)
{
+ AXIS2_LOG_ERROR (env->log, AXIS2_LOG_SI,
+ "[ssl]unable to create new ssl context");
return NULL;
}
sbio = BIO_new_socket((int)socket, BIO_NOCLOSE);
if (!sbio)
{
+ AXIS2_LOG_ERROR (env->log, AXIS2_LOG_SI,
+ "[ssl]unable to create BIO new socket for socket %d",
+ (int)socket);
return NULL;
}
SSL_set_bio(ssl, sbio, sbio);
if (SSL_connect(ssl) <= 0)
{
- AXIS2_ERROR_SET(env->error, AXIS2_ERROR_SSL_ENGINE, AXIS2_FAILURE);
+ AXIS2_HANDLE_ERROR(env, AXIS2_ERROR_SSL_ENGINE, AXIS2_FAILURE);
return NULL;
}
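Review bot: Both late failure paths return NULL while still owning `ssl`: neither the `!sbio` branch nor the `SSL_connect(ssl) <= 0` branch calls `SSL_free`, so each failed connection leaks the SSL object. Add `SSL_free(ssl);` before `return NULL;` in both branches; once `SSL_set_bio` has run, `SSL_free` also releases `sbio`, so no separate `BIO_free` is needed there. The `SSL_connect` branch records only the generic `AXIS2_ERROR_SSL_ENGINE`; logging the `SSL_get_error` result for the failed call would separate certificate-verification failures from transport errors during triage. The function begins before and continues after this hunk.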
@@ -164,6 +168,7 @@
{
peer_name = (peer_cert->cert_info)->subject;
}
+
cert_store = SSL_CTX_get_cert_store(ctx);
if (peer_name && cert_store)
{
@@ -207,7 +212,6 @@
SSL_CTX * ctx,
SSL * ssl)
{
- AXIS2_ENV_CHECK(env, AXIS2_FAILURE);
if (ssl)
{