cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/08/01 00:27:59 Modified:jni/native/src sslinfo.c Log: Release X509 certificate to supress the mem leak. Revision ChangesPath 1.14 +2 -1 jakarta-tomcat-connectors/jni/native/src/sslinfo.c Index: sslinfo.c === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v retrieving revision 1.13 retrieving revision 1.14 diff -u -r1.13 -r1.14 --- sslinfo.c 1 Aug 2005 07:23:09 - 1.13 +++ sslinfo.c 1 Aug 2005 07:27:59 - 1.14 @@ -544,6 +544,7 @@ rv = APR_EINVAL; break; } + X509_free(xs); } } - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/08/01 00:23:10
Modified:jni/java/org/apache/tomcat/jni SSL.java
jni/native/include ssl_private.h
jni/native/src sslinfo.c
Log:
Implement SSL_INFO_CLIENT_V_REMAIN cert info flag and call.
Revision ChangesPath
1.23 +2 -1
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java
Index: SSL.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- SSL.java 12 Jul 2005 14:56:09 - 1.22
+++ SSL.java 1 Aug 2005 07:23:09 - 1.23
@@ -195,6 +195,7 @@
public static final int SSL_INFO_CLIENT_A_SIG = 0x0105;
public static final int SSL_INFO_CLIENT_A_KEY = 0x0106;
public static final int SSL_INFO_CLIENT_CERT = 0x0107;
+public static final int SSL_INFO_CLIENT_V_REMAIN = 0x0108;
public static final int SSL_INFO_SERVER_M_VERSION = 0x0201;
public static final int SSL_INFO_SERVER_M_SERIAL = 0x0202;
1.35 +2 -1
jakarta-tomcat-connectors/jni/native/include/ssl_private.h
Index: ssl_private.h
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v
retrieving revision 1.34
retrieving revision 1.35
diff -u -r1.34 -r1.35
--- ssl_private.h 12 Jul 2005 14:56:10 - 1.34
+++ ssl_private.h 1 Aug 2005 07:23:09 - 1.35
@@ -178,6 +178,7 @@
#define SSL_INFO_CLIENT_A_SIG (0x0105)
#define SSL_INFO_CLIENT_A_KEY (0x0106)
#define SSL_INFO_CLIENT_CERT(0x0107)
+#define SSL_INFO_CLIENT_V_REMAIN(0x0108)
#define SSL_INFO_SERVER_MASK(0x0200)
1.13 +19 -2 jakarta-tomcat-connectors/jni/native/src/sslinfo.c
Index: sslinfo.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- sslinfo.c 1 Aug 2005 07:12:55 - 1.12
+++ sslinfo.c 1 Aug 2005 07:23:09 - 1.13
@@ -498,6 +498,7 @@
{
tcn_socket_t *a = J2P(sock, tcn_socket_t *);
tcn_ssl_conn_t *s;
+apr_status_t rv = APR_SUCCESS;
jint value = -1;
UNREFERENCED(o);
@@ -528,10 +529,26 @@
}
break;
default:
-tcn_ThrowAPRException(e, APR_EINVAL);
+rv = APR_EINVAL;
break;
}
+if (what & SSL_INFO_CLIENT_MASK) {
+X509 *xs;
+if ((xs = SSL_get_peer_certificate(s->ssl)) != NULL) {
+switch (what) {
+case SSL_INFO_CLIENT_V_REMAIN:
+value = get_days_remaining(X509_get_notAfter(xs));
+rv = APR_SUCCESS;
+break;
+default:
+rv = APR_EINVAL;
+break;
+ }
+}
+}
+if (rv != APR_SUCCESS)
+tcn_ThrowAPRException(e, rv);
return value;
}
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/08/01 00:12:55
Modified:jni/native/src sslinfo.c
Log:
Remove unused value declaration.
Revision ChangesPath
1.12 +1 -2 jakarta-tomcat-connectors/jni/native/src/sslinfo.c
Index: sslinfo.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- sslinfo.c 12 Jul 2005 14:56:11 - 1.11
+++ sslinfo.c 1 Aug 2005 07:12:55 - 1.12
@@ -523,7 +523,6 @@
break;
case SSL_INFO_CLIENT_CERT_CHAIN:
{
-X509 *xs;
STACK_OF(X509) *sk = SSL_get_peer_cert_chain(s->ssl);
value = sk_X509_num(sk);
}
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/07/12 06:58:49
Modified:jni/native/src sslinfo.c
Log:
Get int param for obtaining the number of certificates in the chain,
so that we don't rely on the first exception for getting the certificate.
Revision ChangesPath
1.10 +8 -1 jakarta-tomcat-connectors/jni/native/src/sslinfo.c
Index: sslinfo.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- sslinfo.c 12 Jul 2005 13:43:59 - 1.9
+++ sslinfo.c 12 Jul 2005 13:58:49 - 1.10
@@ -521,6 +521,13 @@
}
}
break;
+case SSL_INFO_CLIENT_CERT_CHAIN:
+{
+X509 *xs;
+STACK_OF(X509) *sk = SSL_get_peer_cert_chain(s->ssl);
+value = sk_X509_num(sk);
+}
+break;
default:
tcn_ThrowAPRException(e, APR_EINVAL);
break;
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/07/12 06:43:59
Modified:jni/native/src sslinfo.c
Log:
Throw the exception if rv != APR_SUCCESS
Revision ChangesPath
1.9 +1 -1 jakarta-tomcat-connectors/jni/native/src/sslinfo.c
Index: sslinfo.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- sslinfo.c 12 Jul 2005 13:38:38 - 1.8
+++ sslinfo.c 12 Jul 2005 13:43:59 - 1.9
@@ -223,7 +223,7 @@
}
break;
default:
-tcn_ThrowAPRException(e, APR_EINVAL);
+rv = APR_EINVAL;
break;
}
if (what & SSL_INFO_CLIENT_MASK) {
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/07/12 06:38:38 Modified:jni/native/src sslinfo.c Log: Set the rv to APR_SUCCESS if the CERT_CHAIN is valid Revision ChangesPath 1.8 +2 -1 jakarta-tomcat-connectors/jni/native/src/sslinfo.c Index: sslinfo.c === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- sslinfo.c 12 Jul 2005 13:28:57 - 1.7 +++ sslinfo.c 12 Jul 2005 13:38:38 - 1.8 @@ -485,6 +485,7 @@ free(result); } } +rv = APR_SUCCESS; } if (rv != APR_SUCCESS) tcn_ThrowAPRException(e, rv); - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/07/12 06:28:57
Modified:jni/native/src sslinfo.c
Log:
Socket used is abstract socket not the SSL opaque.
Revision ChangesPath
1.7 +11 -4 jakarta-tomcat-connectors/jni/native/src/sslinfo.c
Index: sslinfo.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- sslinfo.c 8 Jul 2005 07:49:56 - 1.6
+++ sslinfo.c 12 Jul 2005 13:28:57 - 1.7
@@ -203,13 +203,15 @@
TCN_IMPLEMENT_CALL(jobject, SSLSocket, getInfoB)(TCN_STDARGS, jlong sock,
jint what)
{
-tcn_ssl_conn_t *s = J2P(sock, tcn_ssl_conn_t *);
+tcn_socket_t *a = J2P(sock, tcn_socket_t *);
+tcn_ssl_conn_t *s;
jbyteArray array = NULL;
apr_status_t rv = APR_SUCCESS;
UNREFERENCED(o);
TCN_ASSERT(sock != 0);
+s = (tcn_ssl_conn_t *)(a->opaque);
switch (what) {
case SSL_INFO_SESSION_ID:
{
@@ -281,13 +283,15 @@
TCN_IMPLEMENT_CALL(jstring, SSLSocket, getInfoS)(TCN_STDARGS, jlong sock,
jint what)
{
-tcn_ssl_conn_t *s = J2P(sock, tcn_ssl_conn_t *);
+tcn_socket_t *a = J2P(sock, tcn_socket_t *);
+tcn_ssl_conn_t *s;
jstring value = NULL;
apr_status_t rv = APR_SUCCESS;
UNREFERENCED(o);
TCN_ASSERT(sock != 0);
+s = (tcn_ssl_conn_t *)(a->opaque);
switch (what) {
case SSL_INFO_SESSION_ID:
{
@@ -491,12 +495,15 @@
TCN_IMPLEMENT_CALL(jint, SSLSocket, getInfoI)(TCN_STDARGS, jlong sock,
jint what)
{
-tcn_ssl_conn_t *s = J2P(sock, tcn_ssl_conn_t *);
+tcn_socket_t *a = J2P(sock, tcn_socket_t *);
+tcn_ssl_conn_t *s;
jint value = -1;
UNREFERENCED(o);
TCN_ASSERT(sock != 0);
+s = (tcn_ssl_conn_t *)(a->opaque);
+
switch (what) {
case SSL_INFO_CIPHER_USEKEYSIZE:
case SSL_INFO_CIPHER_ALGKEYSIZE:
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
Please send all future mails at [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/07/08 00:49:56
Modified:jni/native/src sslinfo.c
Log:
Add param infos in ASN1 format for server and client certificates.
Revision ChangesPath
1.6 +78 -8 jakarta-tomcat-connectors/jni/native/src/sslinfo.c
Index: sslinfo.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- sslinfo.c 8 Jul 2005 07:19:10 - 1.5
+++ sslinfo.c 8 Jul 2005 07:49:56 - 1.6
@@ -95,21 +95,40 @@
static char *get_cert_PEM(X509 *xs)
{
-char *result;
+char *result = NULL;
BIO *bio;
-int n;
if ((bio = BIO_new(BIO_s_mem())) == NULL)
return NULL;
-PEM_write_bio_X509(bio, xs);
-n = BIO_pending(bio);
-result = malloc(n+1);
-n = BIO_read(bio, result, n);
-result[n] = '\0';
+if (PEM_write_bio_X509(bio, xs)) {
+int n = BIO_pending(bio);
+result = malloc(n+1);
+n = BIO_read(bio, result, n);
+result[n] = '\0';
+}
+BIO_free(bio);
+return result;
+}
+
+static unsigned char *get_cert_ASN1(X509 *xs, int *len)
+{
+char *result = NULL;
+BIO *bio;
+
+*len = 0;
+if ((bio = BIO_new(BIO_s_mem())) == NULL)
+return NULL;
+if (i2d_X509_bio(bio, xs)) {
+int n = BIO_pending(bio);
+result = malloc(n);
+n = BIO_read(bio, result, n);
+*len = n;
+}
BIO_free(bio);
return result;
}
+
static char *get_cert_serial(X509 *xs)
{
char *result;
@@ -186,6 +205,7 @@
{
tcn_ssl_conn_t *s = J2P(sock, tcn_ssl_conn_t *);
jbyteArray array = NULL;
+apr_status_t rv = APR_SUCCESS;
UNREFERENCED(o);
TCN_ASSERT(sock != 0);
@@ -204,6 +224,56 @@
tcn_ThrowAPRException(e, APR_EINVAL);
break;
}
+if (what & SSL_INFO_CLIENT_MASK) {
+X509 *xs;
+unsigned char *result;
+int len;
+if ((xs = SSL_get_peer_certificate(s->ssl)) != NULL) {
+switch (what) {
+case SSL_INFO_CLIENT_CERT:
+if ((result = get_cert_ASN1(xs, &len))) {
+array = tcn_new_arrayb(e, result, len);
+free(result);
+}
+break;
+}
+X509_free(xs);
+}
+rv = APR_SUCCESS;
+}
+else if (what & SSL_INFO_SERVER_MASK) {
+X509 *xs;
+unsigned char *result;
+int len;
+if ((xs = SSL_get_certificate(s->ssl)) != NULL) {
+switch (what) {
+case SSL_INFO_SERVER_CERT:
+if ((result = get_cert_ASN1(xs, &len))) {
+array = tcn_new_arrayb(e, result, len);
+free(result);
+}
+break;
+}
+/* XXX: No need to call the X509_free(xs); */
+}
+rv = APR_SUCCESS;
+}
+else if (what & SSL_INFO_CLIENT_CERT_CHAIN) {
+X509 *xs;
+unsigned char *result;
+STACK_OF(X509) *sk = SSL_get_peer_cert_chain(s->ssl);
+int len, n = what & 0x0F;
+if (n < sk_X509_num(sk)) {
+xs = sk_X509_value(sk, n);
+if ((result = get_cert_ASN1(xs, &len))) {
+array = tcn_new_arrayb(e, result, len);
+free(result);
+}
+}
+rv = APR_SUCCESS;
+}
+if (rv != APR_SUCCESS)
+tcn_ThrowAPRException(e, rv);
return array;
}
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
Please send all future mails at [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/07/08 00:19:10
Modified:jni/java/org/apache/tomcat/jni SSL.java
jni/native/include ssl_private.h
jni/native/src sslinfo.c
Log:
Add SSL_INFO_CLIENT_CERT_CHAIN param getter.
Right now the majority of info's are returned in PEM format,
meaning with :
---BEGIN XXX
---END XXX ---
We have to see how to return the actual data in byte array if desired.
Revision ChangesPath
1.21 +5 -2
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java
Index: SSL.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- SSL.java 17 Jun 2005 09:41:30 - 1.20
+++ SSL.java 8 Jul 2005 07:19:10 - 1.21
@@ -203,7 +203,10 @@
public static final int SSL_INFO_SERVER_A_SIG = 0x0205;
public static final int SSL_INFO_SERVER_A_KEY = 0x0206;
public static final int SSL_INFO_SERVER_CERT = 0x0207;
-
+/* Return client certificate chain.
+ * Add certificate chain number to that flag (0 ... verify depth)
+ */
+public static final int SSL_INFO_CLIENT_CERT_CHAIN = 0x0400;
/* Return OpenSSL version number */
public static native int version();
1.33 +2 -1
jakarta-tomcat-connectors/jni/native/include/ssl_private.h
Index: ssl_private.h
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- ssl_private.h 7 Jul 2005 08:10:08 - 1.32
+++ ssl_private.h 8 Jul 2005 07:19:10 - 1.33
@@ -188,6 +188,7 @@
#define SSL_INFO_SERVER_A_SIG (0x0205)
#define SSL_INFO_SERVER_A_KEY (0x0206)
#define SSL_INFO_SERVER_CERT(0x0207)
+#define SSL_INFO_CLIENT_CERT_CHAIN (0x0400)
#define SSL_VERIFY_ERROR_IS_OPTIONAL(errnum) \
((errnum == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) \
1.5 +15 -2 jakarta-tomcat-connectors/jni/native/src/sslinfo.c
Index: sslinfo.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- sslinfo.c 17 Jun 2005 09:41:30 - 1.4
+++ sslinfo.c 8 Jul 2005 07:19:10 - 1.5
@@ -105,7 +105,7 @@
n = BIO_pending(bio);
result = malloc(n+1);
n = BIO_read(bio, result, n);
-result[n] = '\n';
+result[n] = '\0';
BIO_free(bio);
return result;
}
@@ -399,6 +399,19 @@
}
rv = APR_SUCCESS;
}
+else if (what & SSL_INFO_CLIENT_CERT_CHAIN) {
+X509 *xs;
+char *result;
+STACK_OF(X509) *sk = SSL_get_peer_cert_chain(s->ssl);
+int n = what & 0x0F;
+if (n < sk_X509_num(sk)) {
+xs = sk_X509_value(sk, n);
+if ((result = get_cert_PEM(xs))) {
+value = tcn_new_string(e, result);
+free(result);
+}
+}
+}
if (rv != APR_SUCCESS)
tcn_ThrowAPRException(e, rv);
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/06/15 05:08:02
Modified:jni/java/org/apache/tomcat/jni SSL.java SSLSocket.java
jni/native/include ssl_private.h
jni/native/src sslinfo.c
Log:
Update sslinfo to use the indexed approach to the params instead
a name based. This way we'll keep the lower number of native functions.
Revision ChangesPath
1.19 +7 -2
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java
Index: SSL.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- SSL.java 12 Jun 2005 07:33:08 - 1.18
+++ SSL.java 15 Jun 2005 12:08:02 - 1.19
@@ -158,6 +158,11 @@
public static final int SSL_SHUTDOWN_TYPE_UNCLEAN = 2;
public static final int SSL_SHUTDOWN_TYPE_ACCURATE = 3;
+public static final int SSL_INFO_SESSION_ID = 1;
+public static final int SSL_INFO_CIPHER = 2;
+public static final int SSL_INFO_CIPHER_USEKEYSIZE = 3;
+public static final int SSL_INFO_CIPHER_ALGKEYSIZE = 4;
+
/* Return OpenSSL version number */
public static native int version();
@@ -261,7 +266,7 @@
* @param file File contatining DH params.
*/
public static native boolean loadDSATempKey(int idx, String file);
-
+
/**
* Return last SSL error string
*/
1.12 +27 -4
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java
Index: SSLSocket.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- SSLSocket.java14 Jun 2005 20:59:33 - 1.11
+++ SSLSocket.java15 Jun 2005 12:08:02 - 1.12
@@ -234,10 +234,33 @@
int offset, int nbytes, long timeout);
/**
- * Retrun SSL SESSION id.
+ * Retrun SSL Info parameter as byte array.
*
* @param sock The socket to read the data from.
- * @return Byte array containing session id.
+ * @param id Parameter id.
+ * @return Byte array containing info id value.
*/
-public static native byte[] getSessionId(long sock);
+public static native byte[] getInfoB(long sock, int id)
+throws Exception;
+
+/**
+ * Retrun SSL Info parameter as String.
+ *
+ * @param sock The socket to read the data from.
+ * @param id Parameter id.
+ * @return String containing info id value.
+ */
+public static native String getInfoS(long sock, int id)
+throws Exception;
+
+/**
+ * Retrun SSL Info parameter as integer.
+ *
+ * @param sock The socket to read the data from.
+ * @param id Parameter id.
+ * @return Integer containing info id value or -1 on error.
+ */
+public static native int getInfoI(long sock, int id)
+throws Exception;
+
}
1.29 +6 -1
jakarta-tomcat-connectors/jni/native/include/ssl_private.h
Index: ssl_private.h
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- ssl_private.h 12 Jun 2005 10:31:16 - 1.28
+++ ssl_private.h 15 Jun 2005 12:08:02 - 1.29
@@ -141,6 +141,11 @@
#define SSL_TO_APR_ERROR(X) (APR_OS_START_USERERR + 1000 + X)
+#define SSL_INFO_SESSION_ID (1)
+#define SSL_INFO_CIPHER (2)
+#define SSL_INFO_CIPHER_USEKEYSIZE (3)
+#define SSL_INFO_CIPHER_ALGKEYSIZE (4)
+
#define SSL_VERIFY_ERROR_IS_OPTIONAL(errnum) \
((errnum == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) \
|| (errnum == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) \
1.2 +103 -13 jakarta-tomcat-connectors/jni/native/src/sslinfo.c
Index: sslinfo.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- sslinfo.c 14 Jun 2005 11:55:54 - 1.1
+++ sslinfo.c 15 Jun 2005 12:08:02 - 1.2
@@ -31,27 +31,117 @@
#ifdef HAVE_OPENSSL
#include "ssl_private.h"
-TCN_IMPLEMENT_CALL(jobject, SSLSocket, getSessionId)(TCN_STDARGS, jlong sock)
+static const char *hex_basis = "0123456789ABCDEF";
+
+static char *convert_to_hex(const void *buf, size_t len)
+{
+const unsigned char *p = ( const unsigned char *)buf;
+
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/06/14 04:55:54
Modified:jni/java/org/apache/tomcat/jni SSLSocket.java
jni/native libtcnative.dsp tcnative.dsp
Added: jni/native/src sslinfo.c
Log:
Add sslinfo.c for obtaining various SSL info data.
Revision ChangesPath
1.10 +8 -1
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java
Index: SSLSocket.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- SSLSocket.java13 Jun 2005 13:01:12 - 1.9
+++ SSLSocket.java14 Jun 2005 11:55:54 - 1.10
@@ -233,4 +233,11 @@
public static native int recvbt(long sock, ByteBuffer buf,
int offset, int nbytes, long timeout);
+/**
+ * Retrun SSL SESSION id.
+ *
+ * @param sock The socket to read the data from.
+ * @return Byte array containing session id.
+ */
+public static byte[] getSessionId(long sock);
}
1.12 +4 -0 jakarta-tomcat-connectors/jni/native/libtcnative.dsp
Index: libtcnative.dsp
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/libtcnative.dsp,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- libtcnative.dsp 13 Jun 2005 11:14:05 - 1.11
+++ libtcnative.dsp 14 Jun 2005 11:55:54 - 1.12
@@ -152,6 +152,10 @@
# End Source File
# Begin Source File
+SOURCE=.\src\sslinfo.c
+# End Source File
+# Begin Source File
+
SOURCE=.\src\sslnetwork.c
# End Source File
# Begin Source File
1.12 +4 -0 jakarta-tomcat-connectors/jni/native/tcnative.dsp
Index: tcnative.dsp
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/tcnative.dsp,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- tcnative.dsp 13 Jun 2005 11:11:24 - 1.11
+++ tcnative.dsp 14 Jun 2005 11:55:54 - 1.12
@@ -152,6 +152,10 @@
# End Source File
# Begin Source File
+SOURCE=.\src\sslinfo.c
+# End Source File
+# Begin Source File
+
SOURCE=.\src\sslnetwork.c
# End Source File
# Begin Source File
1.1 jakarta-tomcat-connectors/jni/native/src/sslinfo.c
Index: sslinfo.c
===
/* Copyright 2000-2004 The Apache Software Foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/** SSL info wrapper
*
* @author Mladen Turk
* @version $Revision: 1.1 $, $Date: 2005/06/14 11:55:54 $
*/
#include "apr.h"
#include "apr_pools.h"
#include "apr_file_io.h"
#include "apr_portable.h"
#include "apr_thread_mutex.h"
#include "apr_poll.h"
#include "tcn.h"
#ifdef HAVE_OPENSSL
#include "ssl_private.h"
TCN_IMPLEMENT_CALL(jobject, SSLSocket, getSessionId)(TCN_STDARGS, jlong sock)
{
tcn_ssl_conn_t *s = J2P(sock, tcn_ssl_conn_t *);
SSL_SESSION *session;
UNREFERENCED(o);
TCN_ASSERT(sock != 0);
if ((session = SSL_get_session(s->ssl)) != NULL) {
jbyteArray array;
jsize len = (jsize)session->session_id_length;
array = (*e)->NewByteArray(e, len);
if (array) {
(*e)->SetByteArrayRegion(e, array, 0, len,
(jbyte *)(&session->session_id[0]));
}
return array;
}
else
return NULL;
}
#else
/* OpenSSL is not supported
* If someday we make OpenSSL optional
* APR_ENOTIMPL will go here
*/
#error "No OpenSSL Toolkit defined."
#endif
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
