Re: cvs commit:jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/netJSSESocketFactory.java

Thu, 19 Sep 2002 10:22:29 -0700 

Humm...  When I set SSL connector with  clientAuth="true", Tomcat 5
gives me this,

    Handshake failed javax.net.ssl.SSLHandshakeException:
javax.net.ssl.SSLProtocolException: handshake alert:  no_certificate



On Thu, 2002-09-19 at 01:09, [EMAIL PROTECTED] wrote:
> billbarker    2002/09/18 22:09:28
> 
>   Modified:    util/java/org/apache/tomcat/util/net JSSESocketFactory.java
>   Log:
>   Fix problem with JSSE not honoring "clientauth".
>   
>   Now there should be now reason for anyone to believe that CertificatesValve should 
>be used ever with the CoyoteConnector. :-)
>   
>   Revision  Changes    Path
>   1.3       +16 -2     
>jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/JSSESocketFactory.java
>   
>   Index: JSSESocketFactory.java
>   ===================================================================
>   RCS file: 
>/home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/JSSESocketFactory.java,v
>   retrieving revision 1.2
>   retrieving revision 1.3
>   diff -u -r1.2 -r1.3
>   --- JSSESocketFactory.java  18 Sep 2002 15:10:04 -0000      1.2
>   +++ JSSESocketFactory.java  19 Sep 2002 05:09:28 -0000      1.3
>   @@ -161,7 +161,18 @@
>    
>           //determine whether we want client authentication
>           // the presence of the attribute enables client auth
>   -       clientAuth = null != (String)attributes.get("clientauth");
>   +       String clientAuthStr=(String)attributes.get("clientauth");
>   +       if(clientAuthStr != null){
>   +           if(clientAuthStr.equals("true")){
>   +               clientAuth=true;
>   +           } else if(clientAuthStr.equals("false")) {
>   +               clientAuth=false;
>   +           } else {
>   +               throw new IOException("Invalid value '" +
>   +                                     clientAuthStr + 
>   +                                     "' for 'clientauth' parameter:");
>   +           }
>   +       }
>    
>           String keyPass=(String)attributes.get("keypass");
>           if( keyPass==null) keyPass=defaultKeyPass;
>   @@ -224,11 +235,14 @@
>        public Socket acceptSocket(ServerSocket socket)
>       throws IOException
>        {
>   +   SSLSocket asock = null;
>       try {
>   -       return socket.accept();
>   +        asock = (SSLSocket)socket.accept();
>   +        asock.setNeedClientAuth(clientAuth);
>       } catch (SSLException e){
>         throw new SocketException("SSL handshake error" + e.toString());
>       }
>   +   return asock;
>        }
>         
>        /** Set server socket properties ( accepted cipher suites, etc)
>   
>   
>   
> 
> --
> To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to