dims 2003/06/08 07:23:40
Modified: java/src/org/apache/axis/components/net
IBMJSSESocketFactory.java JSSESocketFactory.java
SunJSSESocketFactory.java
Log:
Cleanup and tested non-default socket factories
Revision Changes Path
1.6 +2 -133
xml-axis/java/src/org/apache/axis/components/net/IBMJSSESocketFactory.java
Index: IBMJSSESocketFactory.java
===================================================================
RCS file:
/home/cvs/xml-axis/java/src/org/apache/axis/components/net/IBMJSSESocketFactory.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- IBMJSSESocketFactory.java 22 Apr 2003 19:34:11 -0000 1.5
+++ IBMJSSESocketFactory.java 8 Jun 2003 14:23:40 -0000 1.6
@@ -83,7 +83,7 @@
*
* @author Davanum Srinivas ([EMAIL PROTECTED])
*/
-public class IBMJSSESocketFactory extends DefaultSocketFactory implements
SecureSocketFactory {
+public class IBMJSSESocketFactory extends JSSESocketFactory implements
SecureSocketFactory {
/** Field keystoreType */
private String keystoreType;
@@ -103,9 +103,6 @@
/** Field clientAuth */
private boolean clientAuth = false;
- /** Field sslFactory */
- private SSLSocketFactory sslFactory = null;
-
/** Field defaultKeystoreFile */
static String defaultKeystoreFile =
System.getProperty("user.home") + "/.keystore";
@@ -123,134 +120,6 @@
}
/**
- * creates a secure socket
- *
- * @param host
- * @param port
- * @param otherHeaders
- * @param useFullURL
- *
- * @return Socket
- * @throws Exception
- */
- public Socket create(
- String host, int port, StringBuffer otherHeaders, BooleanHolder
useFullURL)
- throws Exception {
- Socket sslSocket = null;
- if (sslFactory == null) {
- initFactory();
- }
- if (port == -1) {
- port = 443;
- }
-
- TransportClientProperties tcp =
TransportClientPropertiesFactory.create("https");
-
- boolean hostInNonProxyList = isHostInNonProxyList(host,
tcp.getNonProxyHosts());
-
- if (tcp.getProxyHost().length() == 0 || hostInNonProxyList) {
- // direct SSL connection
- sslSocket = sslFactory.createSocket(host, port);
- } else {
-
- // Default proxy port is 80, even for https
- int tunnelPort = (tcp.getProxyPort().length() != 0)
- ? Integer.parseInt(tcp.getProxyPort())
- : 80;
- if (tunnelPort < 0)
- tunnelPort = 80;
-
- // Create the regular socket connection to the proxy
- Socket tunnel = new Socket(tcp.getProxyHost(), tunnelPort);
-
- // The tunnel handshake method (condensed and made reflexive)
- OutputStream tunnelOutputStream = tunnel.getOutputStream();
- PrintWriter out = new PrintWriter(
- new BufferedWriter(new OutputStreamWriter(tunnelOutputStream)));
-
- // More secure version... engage later?
- // PasswordAuthentication pa =
- // Authenticator.requestPasswordAuthentication(
- // InetAddress.getByName(tunnelHost),
- // tunnelPort, "SOCK", "Proxy","HTTP");
- // if(pa == null){
- // printDebug("No Authenticator set.");
- // }else{
- // printDebug("Using Authenticator.");
- // tunnelUser = pa.getUserName();
- // tunnelPassword = new String(pa.getPassword());
- // }
- out.print("CONNECT " + host + ":" + port + " HTTP/1.0\r\n"
- + "User-Agent: AxisClient");
- if (tcp.getProxyUser().length() != 0 &&
- tcp.getProxyPassword().length() != 0) {
-
- // add basic authentication header for the proxy
- String encodedPassword = XMLUtils.base64encode((tcp.getProxyUser()
- + ":"
- + tcp.getProxyPassword()).getBytes());
-
- out.print("\nProxy-Authorization: Basic " + encodedPassword);
- }
- out.print("\nContent-Length: 0");
- out.print("\nPragma: no-cache");
- out.print("\r\n\r\n");
- out.flush();
- InputStream tunnelInputStream = tunnel.getInputStream();
-
- if (log.isDebugEnabled()) {
- log.debug(Messages.getMessage("isNull00", "tunnelInputStream",
- "" + (tunnelInputStream
- == null)));
- }
- String replyStr = "";
-
- // Make sure to read all the response from the proxy to prevent SSL
negotiation failure
- // Response message terminated by two sequential newlines
- int newlinesSeen = 0;
- boolean headerDone = false; /* Done on first newline */
-
- while (newlinesSeen < 2) {
- int i = tunnelInputStream.read();
-
- if (i < 0) {
- throw new IOException("Unexpected EOF from proxy");
- }
- if (i == '\n') {
- headerDone = true;
- ++newlinesSeen;
- } else if (i != '\r') {
- newlinesSeen = 0;
- if (!headerDone) {
- replyStr += String.valueOf((char) i);
- }
- }
- }
- if (!replyStr.startsWith("HTTP/1.0 200")
- && !replyStr.startsWith("HTTP/1.1 200")) {
- throw new IOException(Messages.getMessage("cantTunnel00",
- new String[]{
- tcp.getProxyHost(),
- "" + tunnelPort,
- replyStr}));
- }
-
- // End of condensed reflective tunnel handshake method
- sslSocket = sslFactory.createSocket(tunnel, host, port, true);
- if (log.isDebugEnabled()) {
- log.debug(Messages.getMessage("setupTunnel00",
- tcp.getProxyHost(),
- "" + tunnelPort));
- }
- }
- ((SSLSocket) sslSocket).startHandshake();
- if (log.isDebugEnabled()) {
- log.debug(Messages.getMessage("createdSSL00"));
- }
- return sslSocket;
- }
-
- /**
* Read the keystore, init the SSL socket factory
*
* @throws IOException
@@ -259,7 +128,7 @@
try {
Security.addProvider(new com.ibm.jsse.JSSEProvider());
- Security.addProvider(new com.ibm.crypto.provider.IBMJCA());
+ Security.addProvider(new com.ibm.crypto.provider.IBMJCE());
if(attributes == null) {
//No configuration specified. Get the default.
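Review bot: The `initFactory()` enclosing this `try` block is declared outside the hunk, and nothing in this file's diff touches its signature, while the SunJSSESocketFactory section of the same commit widens the identical method from `private` to `protected` so that it overrides the new hook in JSSESocketFactory. Please confirm the IBM method is already `protected`; if it is still `private`, the class will not compile against the new base class, because an override may not have weaker access than the inherited method. Separately, the changed line `Security.addProvider(new com.ibm.crypto.provider.IBMJCE());` carries no comment explaining why IBMJCA is no longer registered here. Both `addProvider` calls also alter the JVM-wide provider list and ignore the return value, so a short why-comment above them would help, e.g. `// IBMJCE registered instead of IBMJCA: <reason>; addProvider returns -1 if already installed`.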
1.12 +12 -1
xml-axis/java/src/org/apache/axis/components/net/JSSESocketFactory.java
Index: JSSESocketFactory.java
===================================================================
RCS file:
/home/cvs/xml-axis/java/src/org/apache/axis/components/net/JSSESocketFactory.java,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- JSSESocketFactory.java 22 Apr 2003 19:34:11 -0000 1.11
+++ JSSESocketFactory.java 8 Jun 2003 14:23:40 -0000 1.12
@@ -80,7 +80,7 @@
public class JSSESocketFactory extends DefaultSocketFactory implements
SecureSocketFactory {
/** Field sslFactory */
- private static final SSLSocketFactory sslFactory =
(SSLSocketFactory)SSLSocketFactory.getDefault();
+ protected SSLSocketFactory sslFactory = null;
/**
* Constructor JSSESocketFactory
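Review bot: `sslFactory` changes from an eagerly initialised `private static final` to a `protected`, non-final instance field that starts as `null`, and the `create()` hunk later in this file fills it with an unsynchronised `if (sslFactory == null) { initFactory(); }`. Whether a factory instance is shared between threads is not visible from this diff. If it is, two callers can both run `initFactory()`, which in the IBM and Sun subclasses is documented as reading the keystore and is seen registering security providers, and a second thread has no visibility guarantee for the assignment. Declaring the field `protected volatile SSLSocketFactory sslFactory = null;` and doing the null check inside a `synchronized` block (or making `create()`'s init step a small synchronized helper) would close that window without changing the subclass contract.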
@@ -92,6 +92,14 @@
}
/**
+ * Initialize the SSLSocketFactory
+ * @throws IOException
+ */
+ protected void initFactory() throws IOException {
+ sslFactory = (SSLSocketFactory)SSLSocketFactory.getDefault();
+ }
+
+ /**
* creates a secure socket
*
* @param host
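Review bot: The Javadoc added for `initFactory()` omits the contract that the IBM and Sun subclasses now depend on, and its `@throws IOException` tag has no description. The comment should say that this is the override point for subclasses, that an implementation must leave `sslFactory` non-null on return, and that `create()` calls it lazily on first use when `sslFactory` is still `null`. For the tag, something like `@throws IOException if the socket factory cannot be initialised (subclasses: keystore unreadable or SSL context setup failed)` would match what the subclass versions are documented to do ("Read the keystore, init the SSL socket factory").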
@@ -105,6 +113,9 @@
public Socket create(
String host, int port, StringBuffer otherHeaders, BooleanHolder
useFullURL)
throws Exception {
+ if (sslFactory == null) {
+ initFactory();
+ }
if (port == -1) {
port = 443;
}
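Review bot: Nothing visible in this commit checks the server certificate against `host`, and with the IBM and Sun copies of `create()` deleted, this method becomes the single TLS connect path for all three factories. The removed copies went from `sslFactory.createSocket(...)` straight to `startHandshake()` and returned the socket. The rest of this method's body lies outside the hunk, so this is inferred: if it follows the same sequence, a certificate chaining to any trusted CA would be accepted for any host name. Since the logic now lives in one place, this is the natural point to add the check: after the handshake, match the leaf certificate from `((SSLSocket) sslSocket).getSession().getPeerCertificates()` against `host` and close the socket with an `IOException` on mismatch.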
1.6 +2 -133
xml-axis/java/src/org/apache/axis/components/net/SunJSSESocketFactory.java
Index: SunJSSESocketFactory.java
===================================================================
RCS file:
/home/cvs/xml-axis/java/src/org/apache/axis/components/net/SunJSSESocketFactory.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- SunJSSESocketFactory.java 6 Jun 2003 20:16:44 -0000 1.5
+++ SunJSSESocketFactory.java 8 Jun 2003 14:23:40 -0000 1.6
@@ -79,7 +79,7 @@
*
* @author Davanum Srinivas ([EMAIL PROTECTED])
*/
-public class SunJSSESocketFactory extends DefaultSocketFactory implements
SecureSocketFactory {
+public class SunJSSESocketFactory extends JSSESocketFactory implements
SecureSocketFactory {
/** Field keystoreType */
private String keystoreType;
@@ -99,9 +99,6 @@
/** Field clientAuth */
private boolean clientAuth = false;
- /** Field sslFactory */
- private SSLSocketFactory sslFactory = null;
-
/** Field defaultKeystoreFile */
static String defaultKeystoreFile =
System.getProperty("user.home") + "/.keystore";
@@ -119,139 +116,11 @@
}
/**
- * creates a secure socket
- *
- * @param host
- * @param port
- * @param otherHeaders
- * @param useFullURL
- *
- * @return Socket
- * @throws Exception
- */
- public Socket create(
- String host, int port, StringBuffer otherHeaders, BooleanHolder
useFullURL)
- throws Exception {
- Socket sslSocket = null;
- if (sslFactory == null) {
- initFactory();
- }
- if (port == -1) {
- port = 443;
- }
-
- TransportClientProperties tcp =
TransportClientPropertiesFactory.create("https");
-
- boolean hostInNonProxyList = isHostInNonProxyList(host,
tcp.getNonProxyHosts());
-
- if (tcp.getProxyHost().length() == 0 || hostInNonProxyList) {
- // direct SSL connection
- sslSocket = sslFactory.createSocket(host, port);
- } else {
-
- // Default proxy port is 80, even for https
- int tunnelPort = (tcp.getProxyPort().length() != 0)
- ? Integer.parseInt(tcp.getProxyPort())
- : 80;
- if (tunnelPort < 0)
- tunnelPort = 80;
-
- // Create the regular socket connection to the proxy
- Socket tunnel = new Socket(tcp.getProxyHost(), tunnelPort);
-
- // The tunnel handshake method (condensed and made reflexive)
- OutputStream tunnelOutputStream = tunnel.getOutputStream();
- PrintWriter out = new PrintWriter(
- new BufferedWriter(new OutputStreamWriter(tunnelOutputStream)));
-
- // More secure version... engage later?
- // PasswordAuthentication pa =
- // Authenticator.requestPasswordAuthentication(
- // InetAddress.getByName(tunnelHost),
- // tunnelPort, "SOCK", "Proxy","HTTP");
- // if(pa == null){
- // printDebug("No Authenticator set.");
- // }else{
- // printDebug("Using Authenticator.");
- // tunnelUser = pa.getUserName();
- // tunnelPassword = new String(pa.getPassword());
- // }
- out.print("CONNECT " + host + ":" + port + " HTTP/1.0\r\n"
- + "User-Agent: AxisClient");
- if (tcp.getProxyUser().length() != 0 &&
- tcp.getProxyPassword().length() != 0) {
-
- // add basic authentication header for the proxy
- String encodedPassword = XMLUtils.base64encode((tcp.getProxyUser()
- + ":"
- + tcp.getProxyPassword()).getBytes());
-
- out.print("\nProxy-Authorization: Basic " + encodedPassword);
- }
- out.print("\nContent-Length: 0");
- out.print("\nPragma: no-cache");
- out.print("\r\n\r\n");
- out.flush();
- InputStream tunnelInputStream = tunnel.getInputStream();
-
- if (log.isDebugEnabled()) {
- log.debug(Messages.getMessage("isNull00", "tunnelInputStream",
- "" + (tunnelInputStream
- == null)));
- }
- String replyStr = "";
-
- // Make sure to read all the response from the proxy to prevent SSL
negotiation failure
- // Response message terminated by two sequential newlines
- int newlinesSeen = 0;
- boolean headerDone = false; /* Done on first newline */
-
- while (newlinesSeen < 2) {
- int i = tunnelInputStream.read();
-
- if (i < 0) {
- throw new IOException("Unexpected EOF from proxy");
- }
- if (i == '\n') {
- headerDone = true;
- ++newlinesSeen;
- } else if (i != '\r') {
- newlinesSeen = 0;
- if (!headerDone) {
- replyStr += String.valueOf((char) i);
- }
- }
- }
- if (!replyStr.startsWith("HTTP/1.0 200")
- && !replyStr.startsWith("HTTP/1.1 200")) {
- throw new IOException(Messages.getMessage("cantTunnel00",
- new String[]{
- tcp.getProxyHost(),
- "" + tunnelPort,
- replyStr}));
- }
-
- // End of condensed reflective tunnel handshake method
- sslSocket = sslFactory.createSocket(tunnel, host, port, true);
- if (log.isDebugEnabled()) {
- log.debug(Messages.getMessage("setupTunnel00",
- tcp.getProxyHost(),
- "" + tunnelPort));
- }
- }
- ((SSLSocket) sslSocket).startHandshake();
- if (log.isDebugEnabled()) {
- log.debug(Messages.getMessage("createdSSL00"));
- }
- return sslSocket;
- }
-
- /**
* Read the keystore, init the SSL socket factory
*
* @throws IOException
*/
- private void initFactory() throws IOException {
+ protected void initFactory() throws IOException {
try {
Security.addProvider(new sun.security.provider.Sun());