cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse JSSESocketFactory.java
billbarker2005/04/07 19:49:50 Modified:util/java/org/apache/tomcat/util/net/jsse JSSESocketFactory.java Log: Add support for using Smart Cards as trust/keyStore. Revision ChangesPath 1.18 +8 -8 jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Index: JSSESocketFactory.java === RCS file: /home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java,v retrieving revision 1.17 retrieving revision 1.18 diff -u -r1.17 -r1.18 --- JSSESocketFactory.java29 Aug 2004 17:14:42 - 1.17 +++ JSSESocketFactory.java8 Apr 2005 02:49:50 - 1.18 @@ -270,22 +270,22 @@ InputStream istream = null; try { ks = KeyStore.getInstance(type); -File keyStoreFile = new File(path); -if (!keyStoreFile.isAbsolute()) { -keyStoreFile = new File(System.getProperty(catalina.base), -path); +if(! PKCS11.equalsIgnoreCase(type) ) { +File keyStoreFile = new File(path); +if (!keyStoreFile.isAbsolute()) { +keyStoreFile = new File(System.getProperty(catalina.base), +path); +} +istream = new FileInputStream(keyStoreFile); } -istream = new FileInputStream(keyStoreFile); ks.load(istream, pass.toCharArray()); -istream.close(); -istream = null; } catch (FileNotFoundException fnfe) { throw fnfe; } catch (IOException ioe) { throw ioe; } catch(Exception ex) { -ex.printStackTrace(); +log.error(Exception trying to load keystore +path,ex); throw new IOException(Exception trying to load keystore + path + : + ex.getMessage() ); } finally { - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse JSSESocketFactory.java
luehe 2004/02/18 14:42:22 Modified:util/java/org/apache/tomcat/util/net/jsse JSSESocketFactory.java Log: Fixed Bugzilla 27050 (keystoreFile parameter, when specified as relative, is not treated relative to $CATALINA_BASE or catalina.base property) Revision ChangesPath 1.14 +8 -1 jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Index: JSSESocketFactory.java === RCS file: /home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java,v retrieving revision 1.13 retrieving revision 1.14 diff -u -r1.13 -r1.14 --- JSSESocketFactory.java24 Jan 2004 04:56:32 - 1.13 +++ JSSESocketFactory.java18 Feb 2004 22:42:22 - 1.14 @@ -58,6 +58,7 @@ */ package org.apache.tomcat.util.net.jsse; +import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; @@ -309,7 +310,13 @@ InputStream istream = null; try { ks = KeyStore.getInstance(type); -istream = new FileInputStream(path); +File keyStoreFile = new File(path); +if (!keyStoreFile.isAbsolute()) { +keyStoreFile = new File(System.getProperty(catalina.base), +path); +} +istream = new FileInputStream(keyStoreFile); + ks.load(istream, pass.toCharArray()); istream.close(); istream = null; - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse JSSESocketFactory.java
billbarker2003/12/17 21:19:47 Modified:util/java/org/apache/tomcat/util/net/jsse JSSESocketFactory.java Log: Adding a 'truststoreType' attribute, and making the trustStorePassword default to the keystorePass. Sort of fix for bug #25603. Revision ChangesPath 1.12 +19 -1 jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Index: JSSESocketFactory.java === RCS file: /home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java,v retrieving revision 1.11 retrieving revision 1.12 diff -u -r1.11 -r1.12 --- JSSESocketFactory.java6 Oct 2003 00:08:19 - 1.11 +++ JSSESocketFactory.java18 Dec 2003 05:19:47 - 1.12 @@ -102,6 +102,8 @@ private static final String defaultKeystoreFile = System.getProperty(user.home) + /.keystore; private static final String defaultKeyPass = changeit; +static org.apache.commons.logging.Log log = +org.apache.commons.logging.LogFactory.getLog(JSSESocketFactory.class); protected boolean initialized; protected boolean clientAuth = false; @@ -269,12 +271,28 @@ if(trustStoreFile == null) { trustStoreFile = System.getProperty(javax.net.ssl.trustStore); } +if(log.isDebugEnabled()) { +log.debug(Truststore = + trustStoreFile); +} String trustStorePassword = (String)attributes.get(truststorePass); if( trustStorePassword == null) { trustStorePassword = System.getProperty(javax.net.ssl.trustStorePassword); } +if( trustStorePassword == null ) { +trustStorePassword = getKeystorePassword(); +} +if(log.isDebugEnabled()) { +log.debug(TrustPass = + trustStorePassword); +} +String truststoreType = (String)attributes.get(truststoreType); +if(truststoreType == null) { +truststoreType = keystoreType; +} +if(log.isDebugEnabled()) { +log.debug(trustType = + truststoreType); +} if (trustStoreFile != null trustStorePassword != null){ -trustStore = getStore(keystoreType, trustStoreFile, +trustStore = getStore(truststoreType, trustStoreFile, trustStorePassword); } - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse JSSESocketFactory.java
billbarker2003/10/05 16:43:47 Modified:util/java/org/apache/tomcat/util/net/jsse JSSESocketFactory.java Log: Make the TrustStore a configurable option (so different Hosts can have different TrustStores). Revision ChangesPath 1.10 +8 -3 jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Index: JSSESocketFactory.java === RCS file: /home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java,v retrieving revision 1.9 retrieving revision 1.10 diff -u -r1.9 -r1.10 --- JSSESocketFactory.java2 Sep 2003 21:34:38 - 1.9 +++ JSSESocketFactory.java5 Oct 2003 23:43:47 - 1.10 @@ -265,9 +265,14 @@ protected KeyStore getTrustStore(String keystoreType) throws IOException { KeyStore trustStore = null; -String trustStoreFile = System.getProperty(javax.net.ssl.trustStore); -String trustStorePassword = -System.getProperty(javax.net.ssl.trustStorePassword); +String trustStoreFile = (String)attributes.get(truststoreFile); + if(trustStoreFile == null) { + trustStoreFile = System.getProperty(javax.net.ssl.trustStore); + } +String trustStorePassword = (String)attributes.get(truststorePass); + if( trustStorePassword == null) { +trustStorePassword = System.getProperty(javax.net.ssl.trustStorePassword); + } if (trustStoreFile != null trustStorePassword != null){ trustStore = getStore(keystoreType, trustStoreFile, trustStorePassword); - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse JSSESocketFactory.java
billbarker2003/10/05 17:08:19 Modified:util/java/org/apache/tomcat/util/net/jsse JSSESocketFactory.java Log: Attempting to escape the dreaded tab-police. This just hasn't been my day. Apologies for all of the bad commits. Revision ChangesPath 1.11 +5 -5 jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Index: JSSESocketFactory.java === RCS file: /home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java,v retrieving revision 1.10 retrieving revision 1.11 diff -u -r1.10 -r1.11 --- JSSESocketFactory.java5 Oct 2003 23:43:47 - 1.10 +++ JSSESocketFactory.java6 Oct 2003 00:08:19 - 1.11 @@ -266,13 +266,13 @@ KeyStore trustStore = null; String trustStoreFile = (String)attributes.get(truststoreFile); - if(trustStoreFile == null) { - trustStoreFile = System.getProperty(javax.net.ssl.trustStore); - } +if(trustStoreFile == null) { +trustStoreFile = System.getProperty(javax.net.ssl.trustStore); +} String trustStorePassword = (String)attributes.get(truststorePass); - if( trustStorePassword == null) { +if( trustStorePassword == null) { trustStorePassword = System.getProperty(javax.net.ssl.trustStorePassword); - } +} if (trustStoreFile != null trustStorePassword != null){ trustStore = getStore(keystoreType, trustStoreFile, trustStorePassword); - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse JSSESocketFactory.java
luehe 2003/08/25 11:38:52 Modified:util/java/org/apache/tomcat/util/net/jsse JSSESocketFactory.java Log: Also consider last element in comma-separated list of ciphers, or the case where the list contains a single element and no commas Revision ChangesPath 1.8 +44 -19 jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Index: JSSESocketFactory.java === RCS file: /home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- JSSESocketFactory.java13 Aug 2003 05:32:53 - 1.7 +++ JSSESocketFactory.java25 Aug 2003 18:38:52 - 1.8 @@ -172,28 +172,53 @@ if (requestedCiphers != null) { Vector vec = null; -int fromIndex = 0; -int index = requestedCiphers.indexOf(',', fromIndex); -while (index != -1) { -String cipher -= requestedCiphers.substring(fromIndex, index).trim(); -/* - * Check to see if the requested cipher is among the supported - * ciphers, i.e., may be enabled - */ -for (int i=0; supportedCiphers != null - isupportedCiphers.length; i++) { -if (supportedCiphers[i].equals(cipher)) { -if (vec == null) { -vec = new Vector(); +String cipher = requestedCiphers; +int index = requestedCiphers.indexOf(','); +if (index != -1) { +int fromIndex = 0; +while (index != -1) { +cipher = requestedCiphers.substring(fromIndex, index).trim(); +if (cipher.length() 0) { +/* + * Check to see if the requested cipher is among the + * supported ciphers, i.e., may be enabled + */ +for (int i=0; supportedCiphers != null + isupportedCiphers.length; i++) { +if (supportedCiphers[i].equals(cipher)) { +if (vec == null) { +vec = new Vector(); +} +vec.addElement(cipher); +break; +} } -vec.addElement(cipher); -break; } -} -fromIndex = index+1; -index = requestedCiphers.indexOf(',', fromIndex); +fromIndex = index+1; +index = requestedCiphers.indexOf(',', fromIndex); +} // while +cipher = requestedCiphers.substring(fromIndex); } + +if (cipher != null) { +cipher = cipher.trim(); +if (cipher.length() 0) { +/* + * Check to see if the requested cipher is among the + * supported ciphers, i.e., may be enabled + */ +for (int i=0; supportedCiphers != null + isupportedCiphers.length; i++) { +if (supportedCiphers[i].equals(cipher)) { +if (vec == null) { +vec = new Vector(); +} +vec.addElement(cipher); +break; +} +} +} +} if (vec != null) { enabledCiphers = new String[vec.size()]; - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]