date:20160108

cxf git commit: Recording .gitmergeinfo Changes

2016-01-08 Thread asoldano

Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 2fccfdcdb -> b4bfa886e


Recording .gitmergeinfo Changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b4bfa886
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b4bfa886
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b4bfa886

Branch: refs/heads/3.1.x-fixes
Commit: b4bfa886ee80b681b09eb578c69a03a43ea964e2
Parents: 2fccfdc
Author: Alessio Soldano 
Authored: Fri Jan 8 23:30:02 2016 +0100
Committer: Alessio Soldano 
Committed: Fri Jan 8 23:30:02 2016 +0100

--
 .gitmergeinfo | 1 +
 1 file changed, 1 insertion(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/b4bfa886/.gitmergeinfo
--
diff --git a/.gitmergeinfo b/.gitmergeinfo
index b6394a2..436297c 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -15,4 +15,5 @@ B f0e08b7bea2660542e18294d490e68c7b14aaa4b
 B f1b56150d6520e73d2ade2296c3b2f13839e63e5
 B f94e1dd9b2a8d27ec5a27bfb7c026e3ae2350e39
 B fb30f8bffc85fcc3208fcc0e1eda4b54a89b5d37
+M 0222768baf6b60742c4a8332308edf2be0f4a2e4
 M 8583a24ac541dc373503d7a6c59cd90890acdae3

buildbot success in ASF Buildbot on cxf-site-production

2016-01-08 Thread buildbot

The Buildbot has detected a restored build on builder cxf-site-production while 
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/cxf-site-production/builds/4627

Buildbot URL: http://ci.apache.org/

Buildslave for this Build: bb-cms-slave

Build Reason: The Nightly scheduler named 'cxf-site-production' triggered this 
build
Build Source Stamp: [branch cxf/web] HEAD
Blamelist: 

Build succeeded!

Sincerely,
 -The Buildbot

buildbot failure in ASF Buildbot on cxf-site-production

2016-01-08 Thread buildbot

The Buildbot has detected a new failure on builder cxf-site-production while 
building ASF Buildbot. Full details are available at:
http://ci.apache.org/builders/cxf-site-production/builds/4626

Buildbot URL: http://ci.apache.org/

Buildslave for this Build: bb-cms-slave

Build Reason: The Nightly scheduler named 'cxf-site-production' triggered this 
build
Build Source Stamp: [branch cxf/web] HEAD
Blamelist: 

BUILD FAILED: failed compile

Sincerely,
 -The Buildbot

cxf git commit: [CXF-6739] Refactor to reduce memory pressure in org.apache.cxf.attachment.AttachmentDeserializer: * reset and reuse the same StringBuilder for fetching each line from the message inpu

2016-01-08 Thread asoldano

Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 785994070 -> 2fccfdcdb


[CXF-6739] Refactor to reduce memory pressure in 
org.apache.cxf.attachment.AttachmentDeserializer:
 * reset and reuse the same StringBuilder for fetching each line from the 
message input stream, instead of allocating a new one (using 128 bytes) every 
time
 * avoid the ArrayList intermediate model and directly convert the 
StringBuilder into entries for the resulting TreeMap object
 * remove part of the special treatment of lines strating with spaces, as with 
the existing code there's no way such a line could be added to the headerLines 
list while the buffer is empty unless it's the first line from the stream 
(which means the headerLines will be empty and hence there's no need to worry 
about appending it to the previous one).


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2fccfdcd
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2fccfdcd
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2fccfdcd

Branch: refs/heads/3.1.x-fixes
Commit: 2fccfdcdbcd3a8bb8ea740eda499b48b74dbaf65
Parents: 7859940
Author: Alessio Soldano 
Authored: Fri Jan 8 13:31:40 2016 +0100
Committer: Alessio Soldano 
Committed: Fri Jan 8 23:27:37 2016 +0100

--
 .../cxf/attachment/AttachmentDeserializer.java  | 109 +++
 1 file changed, 42 insertions(+), 67 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/2fccfdcd/core/src/main/java/org/apache/cxf/attachment/AttachmentDeserializer.java
--
diff --git 
a/core/src/main/java/org/apache/cxf/attachment/AttachmentDeserializer.java 
b/core/src/main/java/org/apache/cxf/attachment/AttachmentDeserializer.java
index 8d54660..e8dd326 100644
--- a/core/src/main/java/org/apache/cxf/attachment/AttachmentDeserializer.java
+++ b/core/src/main/java/org/apache/cxf/attachment/AttachmentDeserializer.java
@@ -312,73 +312,41 @@ public class AttachmentDeserializer {
 
 
 private Map loadPartHeaders(InputStream in) throws 
IOException {
-List headerLines = new ArrayList(10);
 StringBuilder buffer = new StringBuilder(128);
-String line;
+StringBuilder b = new StringBuilder(128);
+Map heads = new TreeMap(String.CASE_INSENSITIVE_ORDER);
 // loop until we hit the end or a null line
-while ((line = readLine(in)) != null) {
+while (readLine(in, b)) {
 // lines beginning with white space get special handling
-if (line.startsWith(" ") || line.startsWith("\t")) {
-// this gets handled using the logic defined by
-// the addHeaderLine method.  If this line is a continuation, 
but
-// there's nothing before it, just call addHeaderLine to add it
-// to the last header in the headers list
-if (buffer.length() == 0) {
-addHeaderLine(headerLines, line);
-} else {
+char c = b.charAt(0);
+if (c == ' ' || c == '\t') {
+if (buffer.length() != 0) {
 // preserve the line break and append the continuation
 buffer.append("\r\n");
-buffer.append(line);
+buffer.append(b);
 }
 } else {
 // if we have a line pending in the buffer, flush it
 if (buffer.length() > 0) {
-addHeaderLine(headerLines, buffer.toString());
+addHeaderLine(heads, buffer);
 buffer.setLength(0);
 }
 // add this to the accumulator
-buffer.append(line);
+buffer.append(b);
 }
 }
 
 // if we have a line pending in the buffer, flush it
 if (buffer.length() > 0) {
-addHeaderLine(headerLines, buffer.toString());
-}
-Map heads = new TreeMap(String.CASE_INSENSITIVE_ORDER);
-for (String h: headerLines) {
-int separator = h.indexOf(':');
-String name = null;
-String value = "";
-if (separator == -1) {
-name = h.trim();
-} else {
-name = h.substring(0, separator);
-// step past the separator.  Now we need to remove any leading 
white space characters.
-separator++;
-
-while (separator < h.length()) {
-char ch = h.charAt(separator);
-if (ch != ' ' && ch != '\t' && ch != '\r' && ch != '\n') {
-break;

cxf git commit: Support referencing a SAML PublicKey with the Asymmetric Binding + KeyValue

2016-01-08 Thread coheigea

Repository: cxf
Updated Branches:
  refs/heads/master 8a4e85b24 -> 9754ca7ba


Support referencing a SAML PublicKey with the Asymmetric Binding + KeyValue


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9754ca7b
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9754ca7b
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9754ca7b

Branch: refs/heads/master
Commit: 9754ca7bab38fc8e73df276488ff63295fcb2b82
Parents: 8a4e85b
Author: Colm O hEigeartaigh 
Authored: Fri Jan 8 12:14:17 2016 +
Committer: Colm O hEigeartaigh 
Committed: Fri Jan 8 12:14:17 2016 +

--
 .../AsymmetricBindingHandler.java   |  6 +++-
 .../IssuedTokenPolicyValidator.java |  3 ++
 .../sts/asymmetric/AsymmetricBindingTest.java   | 35 +++-
 .../cxf/systest/sts/asymmetric/DoubleIt.wsdl|  3 ++
 .../cxf/systest/sts/asymmetric/cxf-client.xml   | 30 +
 .../cxf/systest/sts/asymmetric/cxf-service.xml  |  7 
 .../systest/sts/asymmetric/cxf-stax-service.xml |  8 +
 7 files changed, 90 insertions(+), 2 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/9754ca7b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index 2508447..564cece 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -19,6 +19,7 @@
 
 package org.apache.cxf.ws.security.wss4j.policyhandlers;
 
+import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Collection;
@@ -478,10 +479,13 @@ public class AsymmetricBindingHandler extends 
AbstractBindingBuilder {
 if (!isRequestor() && securityToken != null 
 && securityToken.getX509Certificate() != null) {
 
encr.setUseThisCert(securityToken.getX509Certificate());
+} else if (!isRequestor() && securityToken != null 
+&& securityToken.getKey() instanceof PublicKey) {
+
encr.setUseThisPublicKey((PublicKey)securityToken.getKey());
 } else {
 setEncryptionUser(encr, encrToken, false, crypto);
 }
-if (!encr.isCertSet() && crypto == null) {
+if (!encr.isCertSet() && encr.getUseThisPublicKey() == 
null && crypto == null) {
 unassertPolicy(recToken, "Missing security 
configuration. "
 + "Make sure jaxws:client element is 
configured " 
 + "with a " + 
SecurityConstants.ENCRYPT_PROPERTIES + " value.");

http://git-wip-us.apache.org/repos/asf/cxf/blob/9754ca7b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
index 73f3f29..c2c21f2 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
@@ -270,6 +270,9 @@ public class IssuedTokenPolicyValidator extends 
AbstractSamlPolicyValidator {
 if (certs != null && certs.length > 0) {
 token.setX509Certificate(certs[0], null);
 }
+if (subjectKeyInfo.getPublicKey() != null) {
+token.setKey(subjectKeyInfo.getPublicKey());
+}
 }
 if (assertionWrapper.getSaml1() != null) {
 token.setTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);

http://git-wip-us.apache.org/repos/asf/cxf/blob/9754ca7b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
--
diff --git 
a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java

cxf git commit: Recording .gitmergeinfo Changes

2016-01-08 Thread coheigea

Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 9c8d92890 -> 5c8e6c86e


Recording .gitmergeinfo Changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5c8e6c86
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5c8e6c86
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5c8e6c86

Branch: refs/heads/3.0.x-fixes
Commit: 5c8e6c86eb9f34bf0355ba62d1449d7e8ad591b7
Parents: 9c8d928
Author: Colm O hEigeartaigh 
Authored: Fri Jan 8 13:45:16 2016 +
Committer: Colm O hEigeartaigh 
Committed: Fri Jan 8 13:45:16 2016 +

--
 .gitmergeinfo | 2 ++
 1 file changed, 2 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/5c8e6c86/.gitmergeinfo
--
diff --git a/.gitmergeinfo b/.gitmergeinfo
index 7c8a413..4b39755 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -242,6 +242,7 @@ B 69176e3dd7c69901d03f6d93bb365df784f06525
 B 698227f4a2a9341e2d4de2de6a7d827f1958fd90
 B 698cd0483b99f9638ce05557e1137ffce86d4185
 B 6994a35eaf0a71dc392dcb094a6f418ef37a12f4
+B 69b2098d6e3bc83e26b614c5766b808f6d23f108
 B 6a328a5c03cf04330293221fb1bb44173afa790f
 B 6a778890e91542ce0f8b92c6bbf3c3d403fa7aaa
 B 6a77cd049fc39bfd27dfe364fc7c1970e58cc455
@@ -481,6 +482,7 @@ B d021b9041e00518099947274455b2027326a3c7c
 B d04f83cecea57d92052f3bf1f4eea7f4adfac6c6
 B d0c5c3defab6dbb9619f8fd291f2e06b685cb03c
 B d1c7f1f6be4ce14bd0e99ec9672d9c1957515f35
+B d2ee79c9371fa23ecd8e2a3a0d907c3256466f28
 B d391d9371d8505c7774308c4fbbb9bc57ffd34a6
 B d3e9295d3acfe3c970a325bbbafdba83a0d6e83c
 B d3ea067659eb3f765df0bee6ce7b4abb55f76ab5

[2/2] cxf git commit: Minor changes

2016-01-08 Thread coheigea

Minor changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/69b2098d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/69b2098d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/69b2098d

Branch: refs/heads/3.1.x-fixes
Commit: 69b2098d6e3bc83e26b614c5766b808f6d23f108
Parents: d2ee79c
Author: Colm O hEigeartaigh 
Authored: Fri Jan 8 13:44:12 2016 +
Committer: Colm O hEigeartaigh 
Committed: Fri Jan 8 13:44:12 2016 +

--
 .../wss4j/policyhandlers/AsymmetricBindingHandler.java   | 8 
 .../cxf/systest/sts/asymmetric/AsymmetricBindingTest.java| 2 ++
 2 files changed, 6 insertions(+), 4 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/69b2098d/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index 564cece..d16b521 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -19,7 +19,6 @@
 
 package org.apache.cxf.ws.security.wss4j.policyhandlers;
 
-import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Collection;
@@ -479,13 +478,14 @@ public class AsymmetricBindingHandler extends 
AbstractBindingBuilder {
 if (!isRequestor() && securityToken != null 
 && securityToken.getX509Certificate() != null) {
 
encr.setUseThisCert(securityToken.getX509Certificate());
-} else if (!isRequestor() && securityToken != null 
+} else { /* TODO when WSS4J 2.1.5 is released else if 
(!isRequestor() && securityToken != null 
 && securityToken.getKey() instanceof PublicKey) {
 
encr.setUseThisPublicKey((PublicKey)securityToken.getKey());
-} else {
+} */
 setEncryptionUser(encr, encrToken, false, crypto);
 }
-if (!encr.isCertSet() && encr.getUseThisPublicKey() == 
null && crypto == null) {
+if (!encr.isCertSet() // TODO when WSS4J 2.1.5 is 
released&& encr.getUseThisPublicKey() == null
+&& crypto == null) {
 unassertPolicy(recToken, "Missing security 
configuration. "
 + "Make sure jaxws:client element is 
configured " 
 + "with a " + 
SecurityConstants.ENCRYPT_PROPERTIES + " value.");

http://git-wip-us.apache.org/repos/asf/cxf/blob/69b2098d/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
--
diff --git 
a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
 
b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
index cb4627c..68eaec5 100644
--- 
a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
+++ 
b/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
@@ -177,7 +177,9 @@ public class AsymmetricBindingTest extends 
AbstractBusClientServerTestBase {
 bus.shutdown(true);
 }
 
+// TODO enable when WSS4J 2.1.5 is released, and some stuff in the 
AsymmetricBindingHandler
 @org.junit.Test
+@org.junit.Ignore
 public void testUsernameTokenSAML2KeyValue() throws Exception {
 // TODO
 if (test.isStreaming() || STAX_PORT.equals(test.getPort())) {

[1/2] cxf git commit: Support referencing a SAML PublicKey with the Asymmetric Binding + KeyValue

2016-01-08 Thread coheigea

Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 4e68076d7 -> 69b2098d6


Support referencing a SAML PublicKey with the Asymmetric Binding + KeyValue


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d2ee79c9
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d2ee79c9
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d2ee79c9

Branch: refs/heads/3.1.x-fixes
Commit: d2ee79c9371fa23ecd8e2a3a0d907c3256466f28
Parents: 4e68076
Author: Colm O hEigeartaigh 
Authored: Fri Jan 8 12:14:17 2016 +
Committer: Colm O hEigeartaigh 
Committed: Fri Jan 8 13:38:31 2016 +

--
 .../AsymmetricBindingHandler.java   |  6 +++-
 .../IssuedTokenPolicyValidator.java |  3 ++
 .../sts/asymmetric/AsymmetricBindingTest.java   | 35 +++-
 .../cxf/systest/sts/asymmetric/DoubleIt.wsdl|  3 ++
 .../cxf/systest/sts/asymmetric/cxf-client.xml   | 30 +
 .../cxf/systest/sts/asymmetric/cxf-service.xml  |  7 
 .../systest/sts/asymmetric/cxf-stax-service.xml |  8 +
 7 files changed, 90 insertions(+), 2 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/d2ee79c9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
index 2508447..564cece 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
@@ -19,6 +19,7 @@
 
 package org.apache.cxf.ws.security.wss4j.policyhandlers;
 
+import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Collection;
@@ -478,10 +479,13 @@ public class AsymmetricBindingHandler extends 
AbstractBindingBuilder {
 if (!isRequestor() && securityToken != null 
 && securityToken.getX509Certificate() != null) {
 
encr.setUseThisCert(securityToken.getX509Certificate());
+} else if (!isRequestor() && securityToken != null 
+&& securityToken.getKey() instanceof PublicKey) {
+
encr.setUseThisPublicKey((PublicKey)securityToken.getKey());
 } else {
 setEncryptionUser(encr, encrToken, false, crypto);
 }
-if (!encr.isCertSet() && crypto == null) {
+if (!encr.isCertSet() && encr.getUseThisPublicKey() == 
null && crypto == null) {
 unassertPolicy(recToken, "Missing security 
configuration. "
 + "Make sure jaxws:client element is 
configured " 
 + "with a " + 
SecurityConstants.ENCRYPT_PROPERTIES + " value.");

http://git-wip-us.apache.org/repos/asf/cxf/blob/d2ee79c9/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
index 73f3f29..c2c21f2 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
@@ -270,6 +270,9 @@ public class IssuedTokenPolicyValidator extends 
AbstractSamlPolicyValidator {
 if (certs != null && certs.length > 0) {
 token.setX509Certificate(certs[0], null);
 }
+if (subjectKeyInfo.getPublicKey() != null) {
+token.setKey(subjectKeyInfo.getPublicKey());
+}
 }
 if (assertionWrapper.getSaml1() != null) {
 token.setTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);

http://git-wip-us.apache.org/repos/asf/cxf/blob/d2ee79c9/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java
--
diff --git 
a/services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/asymmetric/AsymmetricBindingTest.java

[2/2] cxf git commit: Fixing merge

2016-01-08 Thread coheigea

Fixing merge


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6cdfe4ba
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6cdfe4ba
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6cdfe4ba

Branch: refs/heads/3.0.x-fixes
Commit: 6cdfe4babfd9f8bd066f8d39ed0049001ac2fd0d
Parents: 99276ba
Author: Colm O hEigeartaigh 
Authored: Fri Jan 8 16:53:42 2016 +
Committer: Colm O hEigeartaigh 
Committed: Fri Jan 8 16:53:42 2016 +

--
 .../https/httpclient/PublicSuffixListParser.java  | 10 +-
 .../https/httpclient/DefaultHostnameVerifierTest.java |  2 +-
 2 files changed, 6 insertions(+), 6 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/6cdfe4ba/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/PublicSuffixListParser.java
--
diff --git 
a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/PublicSuffixListParser.java
 
b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/PublicSuffixListParser.java
index 5c4df13..2e1c124 100644
--- 
a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/PublicSuffixListParser.java
+++ 
b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/PublicSuffixListParser.java
@@ -52,8 +52,8 @@ public final class PublicSuffixListParser {
  * @throws java.io.IOException on error while reading from list
  */
 public PublicSuffixList parse(final Reader reader) throws IOException {
-final List rules = new ArrayList<>();
-final List exceptions = new ArrayList<>();
+final List rules = new ArrayList();
+final List exceptions = new ArrayList();
 final BufferedReader r = new BufferedReader(reader);
 
 String line;
@@ -94,7 +94,7 @@ public final class PublicSuffixListParser {
  * @since 4.5
  */
 public List parseByType(final Reader reader) throws 
IOException {
-final List result = new ArrayList<>(2);
+final List result = new 
ArrayList(2);
 
 final BufferedReader r = new BufferedReader(reader);
 
@@ -142,12 +142,12 @@ public final class PublicSuffixListParser {
 
 if (isException) {
 if (exceptions == null) {
-exceptions = new ArrayList<>();
+exceptions = new ArrayList();
 }
 exceptions.add(line);
 } else {
 if (rules == null) {
-rules = new ArrayList<>();
+rules = new ArrayList();
 }
 rules.add(line);
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/6cdfe4ba/rt/transports/http/src/test/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifierTest.java
--
diff --git 
a/rt/transports/http/src/test/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifierTest.java
 
b/rt/transports/http/src/test/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifierTest.java
index 3ec14d1..b16dbfa 100644
--- 
a/rt/transports/http/src/test/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifierTest.java
+++ 
b/rt/transports/http/src/test/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifierTest.java
@@ -50,7 +50,7 @@ public class DefaultHostnameVerifierTest {
 private DefaultHostnameVerifier implWithPublicSuffixCheck;
 
 @Before
-public void setup() {
+public void setUp() {
 impl = new DefaultHostnameVerifier();
 publicSuffixMatcher = new PublicSuffixMatcher(DomainType.ICANN, 
Arrays.asList("com", "co.jp", "gov.uk"), null);
 implWithPublicSuffixCheck = new 
DefaultHostnameVerifier(publicSuffixMatcher);

[1/2] cxf git commit: Updating HostnameVerifier as per recent changes in httpclient

2016-01-08 Thread coheigea

Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 5c8e6c86e -> 6cdfe4bab


Updating HostnameVerifier as per recent changes in httpclient


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/99276baf
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/99276baf
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/99276baf

Branch: refs/heads/3.0.x-fixes
Commit: 99276baf0a2e6f8aaa08586d21ed905c5cce574e
Parents: 5c8e6c8
Author: Colm O hEigeartaigh 
Authored: Fri Jan 8 16:48:43 2016 +
Committer: Colm O hEigeartaigh 
Committed: Fri Jan 8 16:50:15 2016 +

--
 .../httpclient/DefaultHostnameVerifier.java |  71 ++---
 .../transport/https/httpclient/DomainType.java  |  37 +++
 .../https/httpclient/PublicSuffixList.java  |  11 +-
 .../httpclient/PublicSuffixListParser.java  | 105 ++-
 .../https/httpclient/PublicSuffixMatcher.java   |  99 ++---
 .../httpclient/DefaultHostnameVerifierTest.java |  14 ++-
 6 files changed, 254 insertions(+), 83 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/99276baf/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifier.java
--
diff --git 
a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifier.java
 
b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifier.java
index 8fb067f..5d3287c 100644
--- 
a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifier.java
+++ 
b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifier.java
@@ -58,6 +58,8 @@ import org.apache.cxf.common.logging.LogUtils;
  */
 public final class DefaultHostnameVerifier implements HostnameVerifier {
 
+enum TYPE { IPv4, IPv6, DNS };
+
 static final int DNS_NAME_TYPE = 2;
 static final int IP_ADDRESS_TYPE = 7;
 
@@ -90,16 +92,29 @@ public final class DefaultHostnameVerifier implements 
HostnameVerifier {
 
 public void verify(
 final String host, final X509Certificate cert) throws SSLException 
{
-final boolean ipv4 = InetAddressUtils.isIPv4Address(host);
-final boolean ipv6 = InetAddressUtils.isIPv6Address(host);
-final int subjectType = ipv4 || ipv6 ? IP_ADDRESS_TYPE : DNS_NAME_TYPE;
+TYPE hostFormat = TYPE.DNS;
+if (InetAddressUtils.isIPv4Address(host)) {
+hostFormat = TYPE.IPv4;
+} else {
+String s = host;
+if (s.startsWith("[") && s.endsWith("]")) {
+s = host.substring(1, host.length() - 1);
+}
+if (InetAddressUtils.isIPv6Address(s)) {
+hostFormat = TYPE.IPv6;
+}
+}
+final int subjectType = hostFormat == TYPE.IPv4 || hostFormat == 
TYPE.IPv6 ? IP_ADDRESS_TYPE : DNS_NAME_TYPE;
 final List subjectAlts = extractSubjectAlts(cert, subjectType);
 if (subjectAlts != null && !subjectAlts.isEmpty()) {
-if (ipv4) {
+switch (hostFormat) {
+case IPv4:
 matchIPAddress(host, subjectAlts);
-} else if (ipv6) {
+break;
+case IPv6:
 matchIPv6Address(host, subjectAlts);
-} else {
+break;
+default:
 matchDNSName(host, subjectAlts, this.publicSuffixMatcher);
 }
 } else {
@@ -108,7 +123,7 @@ public final class DefaultHostnameVerifier implements 
HostnameVerifier {
 final X500Principal subjectPrincipal = 
cert.getSubjectX500Principal();
 final String cn = 
extractCN(subjectPrincipal.getName(X500Principal.RFC2253));
 if (cn == null) {
-throw new SSLException("Certificate subject for <" + host + "> 
doesn't contain " 
+throw new SSLException("Certificate subject for <" + host + "> 
doesn't contain "
 + "a common name and does not have alternative names");
 }
 matchCN(host, cn, this.publicSuffixMatcher);
@@ -160,35 +175,23 @@ public final class DefaultHostnameVerifier implements 
HostnameVerifier {
 + "common name of the certificate subject: " + cn);
 }
 }
+
+static boolean matchDomainRoot(final String host, final String domainRoot) 
{
+if (domainRoot == null) {
+return false;
+}
+return host.endsWith(domainRoot) && (host.length() == 
domainRoot.length()
+|| host.charAt(host.length() - domainRoot.length() - 1) == 
'.');
+}

cxf git commit: Updating HostnameVerifier as per recent changes in httpclient

2016-01-08 Thread coheigea

Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 69b2098d6 -> 785994070


Updating HostnameVerifier as per recent changes in httpclient


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/78599407
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/78599407
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/78599407

Branch: refs/heads/3.1.x-fixes
Commit: 7859940700f57e2624eafacbe6218a0053d34c78
Parents: 69b2098
Author: Colm O hEigeartaigh 
Authored: Fri Jan 8 16:48:43 2016 +
Committer: Colm O hEigeartaigh 
Committed: Fri Jan 8 16:49:22 2016 +

--
 .../httpclient/DefaultHostnameVerifier.java |  71 ++---
 .../transport/https/httpclient/DomainType.java  |  37 +++
 .../https/httpclient/PublicSuffixList.java  |  11 +-
 .../httpclient/PublicSuffixListParser.java  | 105 ++-
 .../https/httpclient/PublicSuffixMatcher.java   |  99 ++---
 .../httpclient/DefaultHostnameVerifierTest.java |  14 ++-
 6 files changed, 254 insertions(+), 83 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/78599407/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifier.java
--
diff --git 
a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifier.java
 
b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifier.java
index 8fb067f..5d3287c 100644
--- 
a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifier.java
+++ 
b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifier.java
@@ -58,6 +58,8 @@ import org.apache.cxf.common.logging.LogUtils;
  */
 public final class DefaultHostnameVerifier implements HostnameVerifier {
 
+enum TYPE { IPv4, IPv6, DNS };
+
 static final int DNS_NAME_TYPE = 2;
 static final int IP_ADDRESS_TYPE = 7;
 
@@ -90,16 +92,29 @@ public final class DefaultHostnameVerifier implements 
HostnameVerifier {
 
 public void verify(
 final String host, final X509Certificate cert) throws SSLException 
{
-final boolean ipv4 = InetAddressUtils.isIPv4Address(host);
-final boolean ipv6 = InetAddressUtils.isIPv6Address(host);
-final int subjectType = ipv4 || ipv6 ? IP_ADDRESS_TYPE : DNS_NAME_TYPE;
+TYPE hostFormat = TYPE.DNS;
+if (InetAddressUtils.isIPv4Address(host)) {
+hostFormat = TYPE.IPv4;
+} else {
+String s = host;
+if (s.startsWith("[") && s.endsWith("]")) {
+s = host.substring(1, host.length() - 1);
+}
+if (InetAddressUtils.isIPv6Address(s)) {
+hostFormat = TYPE.IPv6;
+}
+}
+final int subjectType = hostFormat == TYPE.IPv4 || hostFormat == 
TYPE.IPv6 ? IP_ADDRESS_TYPE : DNS_NAME_TYPE;
 final List subjectAlts = extractSubjectAlts(cert, subjectType);
 if (subjectAlts != null && !subjectAlts.isEmpty()) {
-if (ipv4) {
+switch (hostFormat) {
+case IPv4:
 matchIPAddress(host, subjectAlts);
-} else if (ipv6) {
+break;
+case IPv6:
 matchIPv6Address(host, subjectAlts);
-} else {
+break;
+default:
 matchDNSName(host, subjectAlts, this.publicSuffixMatcher);
 }
 } else {
@@ -108,7 +123,7 @@ public final class DefaultHostnameVerifier implements 
HostnameVerifier {
 final X500Principal subjectPrincipal = 
cert.getSubjectX500Principal();
 final String cn = 
extractCN(subjectPrincipal.getName(X500Principal.RFC2253));
 if (cn == null) {
-throw new SSLException("Certificate subject for <" + host + "> 
doesn't contain " 
+throw new SSLException("Certificate subject for <" + host + "> 
doesn't contain "
 + "a common name and does not have alternative names");
 }
 matchCN(host, cn, this.publicSuffixMatcher);
@@ -160,35 +175,23 @@ public final class DefaultHostnameVerifier implements 
HostnameVerifier {
 + "common name of the certificate subject: " + cn);
 }
 }
+
+static boolean matchDomainRoot(final String host, final String domainRoot) 
{
+if (domainRoot == null) {
+return false;
+}
+return host.endsWith(domainRoot) && (host.length() == 
domainRoot.length()
+|| host.charAt(host.length() - domainRoot.length() - 1) == 
'.');
+}

cxf git commit: Recording .gitmergeinfo Changes

buildbot success in ASF Buildbot on cxf-site-production

buildbot failure in ASF Buildbot on cxf-site-production

cxf git commit: [CXF-6739] Refactor to reduce memory pressure in org.apache.cxf.attachment.AttachmentDeserializer: * reset and reuse the same StringBuilder for fetching each line from the message inpu

cxf git commit: Support referencing a SAML PublicKey with the Asymmetric Binding + KeyValue

cxf git commit: Recording .gitmergeinfo Changes

[2/2] cxf git commit: Minor changes

[1/2] cxf git commit: Support referencing a SAML PublicKey with the Asymmetric Binding + KeyValue

[2/2] cxf git commit: Fixing merge

[1/2] cxf git commit: Updating HostnameVerifier as per recent changes in httpclient

cxf git commit: Updating HostnameVerifier as per recent changes in httpclient

11 matches

Site Navigation

Mail list logo

Footer information