cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/08/01 00:27:59 Modified:jni/native/src sslinfo.c Log: Release X509 certificate to supress the mem leak. Revision ChangesPath 1.14 +2 -1 jakarta-tomcat-connectors/jni/native/src/sslinfo.c Index: sslinfo.c === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v retrieving revision 1.13 retrieving revision 1.14 diff -u -r1.13 -r1.14 --- sslinfo.c 1 Aug 2005 07:23:09 - 1.13 +++ sslinfo.c 1 Aug 2005 07:27:59 - 1.14 @@ -544,6 +544,7 @@ rv = APR_EINVAL; break; } + X509_free(xs); } } - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/08/01 00:23:10 Modified:jni/java/org/apache/tomcat/jni SSL.java jni/native/include ssl_private.h jni/native/src sslinfo.c Log: Implement SSL_INFO_CLIENT_V_REMAIN cert info flag and call. Revision ChangesPath 1.23 +2 -1 jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java Index: SSL.java === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java,v retrieving revision 1.22 retrieving revision 1.23 diff -u -r1.22 -r1.23 --- SSL.java 12 Jul 2005 14:56:09 - 1.22 +++ SSL.java 1 Aug 2005 07:23:09 - 1.23 @@ -195,6 +195,7 @@ public static final int SSL_INFO_CLIENT_A_SIG = 0x0105; public static final int SSL_INFO_CLIENT_A_KEY = 0x0106; public static final int SSL_INFO_CLIENT_CERT = 0x0107; +public static final int SSL_INFO_CLIENT_V_REMAIN = 0x0108; public static final int SSL_INFO_SERVER_M_VERSION = 0x0201; public static final int SSL_INFO_SERVER_M_SERIAL = 0x0202; 1.35 +2 -1 jakarta-tomcat-connectors/jni/native/include/ssl_private.h Index: ssl_private.h === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v retrieving revision 1.34 retrieving revision 1.35 diff -u -r1.34 -r1.35 --- ssl_private.h 12 Jul 2005 14:56:10 - 1.34 +++ ssl_private.h 1 Aug 2005 07:23:09 - 1.35 @@ -178,6 +178,7 @@ #define SSL_INFO_CLIENT_A_SIG (0x0105) #define SSL_INFO_CLIENT_A_KEY (0x0106) #define SSL_INFO_CLIENT_CERT(0x0107) +#define SSL_INFO_CLIENT_V_REMAIN(0x0108) #define SSL_INFO_SERVER_MASK(0x0200) 1.13 +19 -2 jakarta-tomcat-connectors/jni/native/src/sslinfo.c Index: sslinfo.c === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v retrieving revision 1.12 retrieving revision 1.13 diff -u -r1.12 -r1.13 --- sslinfo.c 1 Aug 2005 07:12:55 - 1.12 +++ sslinfo.c 1 Aug 2005 07:23:09 - 1.13 @@ -498,6 +498,7 @@ { tcn_socket_t *a = J2P(sock, tcn_socket_t *); tcn_ssl_conn_t *s; +apr_status_t rv = APR_SUCCESS; jint value = -1; UNREFERENCED(o); @@ -528,10 +529,26 @@ } break; default: -tcn_ThrowAPRException(e, APR_EINVAL); +rv = APR_EINVAL; break; } +if (what & SSL_INFO_CLIENT_MASK) { +X509 *xs; +if ((xs = SSL_get_peer_certificate(s->ssl)) != NULL) { +switch (what) { +case SSL_INFO_CLIENT_V_REMAIN: +value = get_days_remaining(X509_get_notAfter(xs)); +rv = APR_SUCCESS; +break; +default: +rv = APR_EINVAL; +break; + } +} +} +if (rv != APR_SUCCESS) +tcn_ThrowAPRException(e, rv); return value; } - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/08/01 00:12:55 Modified:jni/native/src sslinfo.c Log: Remove unused value declaration. Revision ChangesPath 1.12 +1 -2 jakarta-tomcat-connectors/jni/native/src/sslinfo.c Index: sslinfo.c === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v retrieving revision 1.11 retrieving revision 1.12 diff -u -r1.11 -r1.12 --- sslinfo.c 12 Jul 2005 14:56:11 - 1.11 +++ sslinfo.c 1 Aug 2005 07:12:55 - 1.12 @@ -523,7 +523,6 @@ break; case SSL_INFO_CLIENT_CERT_CHAIN: { -X509 *xs; STACK_OF(X509) *sk = SSL_get_peer_cert_chain(s->ssl); value = sk_X509_num(sk); } - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/07/12 06:58:49 Modified:jni/native/src sslinfo.c Log: Get int param for obtaining the number of certificates in the chain, so that we don't rely on the first exception for getting the certificate. Revision ChangesPath 1.10 +8 -1 jakarta-tomcat-connectors/jni/native/src/sslinfo.c Index: sslinfo.c === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v retrieving revision 1.9 retrieving revision 1.10 diff -u -r1.9 -r1.10 --- sslinfo.c 12 Jul 2005 13:43:59 - 1.9 +++ sslinfo.c 12 Jul 2005 13:58:49 - 1.10 @@ -521,6 +521,13 @@ } } break; +case SSL_INFO_CLIENT_CERT_CHAIN: +{ +X509 *xs; +STACK_OF(X509) *sk = SSL_get_peer_cert_chain(s->ssl); +value = sk_X509_num(sk); +} +break; default: tcn_ThrowAPRException(e, APR_EINVAL); break; - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/07/12 06:43:59 Modified:jni/native/src sslinfo.c Log: Throw the exception if rv != APR_SUCCESS Revision ChangesPath 1.9 +1 -1 jakarta-tomcat-connectors/jni/native/src/sslinfo.c Index: sslinfo.c === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v retrieving revision 1.8 retrieving revision 1.9 diff -u -r1.8 -r1.9 --- sslinfo.c 12 Jul 2005 13:38:38 - 1.8 +++ sslinfo.c 12 Jul 2005 13:43:59 - 1.9 @@ -223,7 +223,7 @@ } break; default: -tcn_ThrowAPRException(e, APR_EINVAL); +rv = APR_EINVAL; break; } if (what & SSL_INFO_CLIENT_MASK) { - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/07/12 06:38:38 Modified:jni/native/src sslinfo.c Log: Set the rv to APR_SUCCESS if the CERT_CHAIN is valid Revision ChangesPath 1.8 +2 -1 jakarta-tomcat-connectors/jni/native/src/sslinfo.c Index: sslinfo.c === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- sslinfo.c 12 Jul 2005 13:28:57 - 1.7 +++ sslinfo.c 12 Jul 2005 13:38:38 - 1.8 @@ -485,6 +485,7 @@ free(result); } } +rv = APR_SUCCESS; } if (rv != APR_SUCCESS) tcn_ThrowAPRException(e, rv); - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/07/12 06:28:57 Modified:jni/native/src sslinfo.c Log: Socket used is abstract socket not the SSL opaque. Revision ChangesPath 1.7 +11 -4 jakarta-tomcat-connectors/jni/native/src/sslinfo.c Index: sslinfo.c === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- sslinfo.c 8 Jul 2005 07:49:56 - 1.6 +++ sslinfo.c 12 Jul 2005 13:28:57 - 1.7 @@ -203,13 +203,15 @@ TCN_IMPLEMENT_CALL(jobject, SSLSocket, getInfoB)(TCN_STDARGS, jlong sock, jint what) { -tcn_ssl_conn_t *s = J2P(sock, tcn_ssl_conn_t *); +tcn_socket_t *a = J2P(sock, tcn_socket_t *); +tcn_ssl_conn_t *s; jbyteArray array = NULL; apr_status_t rv = APR_SUCCESS; UNREFERENCED(o); TCN_ASSERT(sock != 0); +s = (tcn_ssl_conn_t *)(a->opaque); switch (what) { case SSL_INFO_SESSION_ID: { @@ -281,13 +283,15 @@ TCN_IMPLEMENT_CALL(jstring, SSLSocket, getInfoS)(TCN_STDARGS, jlong sock, jint what) { -tcn_ssl_conn_t *s = J2P(sock, tcn_ssl_conn_t *); +tcn_socket_t *a = J2P(sock, tcn_socket_t *); +tcn_ssl_conn_t *s; jstring value = NULL; apr_status_t rv = APR_SUCCESS; UNREFERENCED(o); TCN_ASSERT(sock != 0); +s = (tcn_ssl_conn_t *)(a->opaque); switch (what) { case SSL_INFO_SESSION_ID: { @@ -491,12 +495,15 @@ TCN_IMPLEMENT_CALL(jint, SSLSocket, getInfoI)(TCN_STDARGS, jlong sock, jint what) { -tcn_ssl_conn_t *s = J2P(sock, tcn_ssl_conn_t *); +tcn_socket_t *a = J2P(sock, tcn_socket_t *); +tcn_ssl_conn_t *s; jint value = -1; UNREFERENCED(o); TCN_ASSERT(sock != 0); +s = (tcn_ssl_conn_t *)(a->opaque); + switch (what) { case SSL_INFO_CIPHER_USEKEYSIZE: case SSL_INFO_CIPHER_ALGKEYSIZE: - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
Please send all future mails at [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/07/08 00:49:56 Modified:jni/native/src sslinfo.c Log: Add param infos in ASN1 format for server and client certificates. Revision ChangesPath 1.6 +78 -8 jakarta-tomcat-connectors/jni/native/src/sslinfo.c Index: sslinfo.c === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- sslinfo.c 8 Jul 2005 07:19:10 - 1.5 +++ sslinfo.c 8 Jul 2005 07:49:56 - 1.6 @@ -95,21 +95,40 @@ static char *get_cert_PEM(X509 *xs) { -char *result; +char *result = NULL; BIO *bio; -int n; if ((bio = BIO_new(BIO_s_mem())) == NULL) return NULL; -PEM_write_bio_X509(bio, xs); -n = BIO_pending(bio); -result = malloc(n+1); -n = BIO_read(bio, result, n); -result[n] = '\0'; +if (PEM_write_bio_X509(bio, xs)) { +int n = BIO_pending(bio); +result = malloc(n+1); +n = BIO_read(bio, result, n); +result[n] = '\0'; +} +BIO_free(bio); +return result; +} + +static unsigned char *get_cert_ASN1(X509 *xs, int *len) +{ +char *result = NULL; +BIO *bio; + +*len = 0; +if ((bio = BIO_new(BIO_s_mem())) == NULL) +return NULL; +if (i2d_X509_bio(bio, xs)) { +int n = BIO_pending(bio); +result = malloc(n); +n = BIO_read(bio, result, n); +*len = n; +} BIO_free(bio); return result; } + static char *get_cert_serial(X509 *xs) { char *result; @@ -186,6 +205,7 @@ { tcn_ssl_conn_t *s = J2P(sock, tcn_ssl_conn_t *); jbyteArray array = NULL; +apr_status_t rv = APR_SUCCESS; UNREFERENCED(o); TCN_ASSERT(sock != 0); @@ -204,6 +224,56 @@ tcn_ThrowAPRException(e, APR_EINVAL); break; } +if (what & SSL_INFO_CLIENT_MASK) { +X509 *xs; +unsigned char *result; +int len; +if ((xs = SSL_get_peer_certificate(s->ssl)) != NULL) { +switch (what) { +case SSL_INFO_CLIENT_CERT: +if ((result = get_cert_ASN1(xs, &len))) { +array = tcn_new_arrayb(e, result, len); +free(result); +} +break; +} +X509_free(xs); +} +rv = APR_SUCCESS; +} +else if (what & SSL_INFO_SERVER_MASK) { +X509 *xs; +unsigned char *result; +int len; +if ((xs = SSL_get_certificate(s->ssl)) != NULL) { +switch (what) { +case SSL_INFO_SERVER_CERT: +if ((result = get_cert_ASN1(xs, &len))) { +array = tcn_new_arrayb(e, result, len); +free(result); +} +break; +} +/* XXX: No need to call the X509_free(xs); */ +} +rv = APR_SUCCESS; +} +else if (what & SSL_INFO_CLIENT_CERT_CHAIN) { +X509 *xs; +unsigned char *result; +STACK_OF(X509) *sk = SSL_get_peer_cert_chain(s->ssl); +int len, n = what & 0x0F; +if (n < sk_X509_num(sk)) { +xs = sk_X509_value(sk, n); +if ((result = get_cert_ASN1(xs, &len))) { +array = tcn_new_arrayb(e, result, len); +free(result); +} +} +rv = APR_SUCCESS; +} +if (rv != APR_SUCCESS) +tcn_ThrowAPRException(e, rv); return array; } - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
Please send all future mails at [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/07/08 00:19:10 Modified:jni/java/org/apache/tomcat/jni SSL.java jni/native/include ssl_private.h jni/native/src sslinfo.c Log: Add SSL_INFO_CLIENT_CERT_CHAIN param getter. Right now the majority of info's are returned in PEM format, meaning with : ---BEGIN XXX ---END XXX --- We have to see how to return the actual data in byte array if desired. Revision ChangesPath 1.21 +5 -2 jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java Index: SSL.java === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java,v retrieving revision 1.20 retrieving revision 1.21 diff -u -r1.20 -r1.21 --- SSL.java 17 Jun 2005 09:41:30 - 1.20 +++ SSL.java 8 Jul 2005 07:19:10 - 1.21 @@ -203,7 +203,10 @@ public static final int SSL_INFO_SERVER_A_SIG = 0x0205; public static final int SSL_INFO_SERVER_A_KEY = 0x0206; public static final int SSL_INFO_SERVER_CERT = 0x0207; - +/* Return client certificate chain. + * Add certificate chain number to that flag (0 ... verify depth) + */ +public static final int SSL_INFO_CLIENT_CERT_CHAIN = 0x0400; /* Return OpenSSL version number */ public static native int version(); 1.33 +2 -1 jakarta-tomcat-connectors/jni/native/include/ssl_private.h Index: ssl_private.h === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v retrieving revision 1.32 retrieving revision 1.33 diff -u -r1.32 -r1.33 --- ssl_private.h 7 Jul 2005 08:10:08 - 1.32 +++ ssl_private.h 8 Jul 2005 07:19:10 - 1.33 @@ -188,6 +188,7 @@ #define SSL_INFO_SERVER_A_SIG (0x0205) #define SSL_INFO_SERVER_A_KEY (0x0206) #define SSL_INFO_SERVER_CERT(0x0207) +#define SSL_INFO_CLIENT_CERT_CHAIN (0x0400) #define SSL_VERIFY_ERROR_IS_OPTIONAL(errnum) \ ((errnum == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) \ 1.5 +15 -2 jakarta-tomcat-connectors/jni/native/src/sslinfo.c Index: sslinfo.c === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- sslinfo.c 17 Jun 2005 09:41:30 - 1.4 +++ sslinfo.c 8 Jul 2005 07:19:10 - 1.5 @@ -105,7 +105,7 @@ n = BIO_pending(bio); result = malloc(n+1); n = BIO_read(bio, result, n); -result[n] = '\n'; +result[n] = '\0'; BIO_free(bio); return result; } @@ -399,6 +399,19 @@ } rv = APR_SUCCESS; } +else if (what & SSL_INFO_CLIENT_CERT_CHAIN) { +X509 *xs; +char *result; +STACK_OF(X509) *sk = SSL_get_peer_cert_chain(s->ssl); +int n = what & 0x0F; +if (n < sk_X509_num(sk)) { +xs = sk_X509_value(sk, n); +if ((result = get_cert_PEM(xs))) { +value = tcn_new_string(e, result); +free(result); +} +} +} if (rv != APR_SUCCESS) tcn_ThrowAPRException(e, rv); - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/06/15 05:08:02 Modified:jni/java/org/apache/tomcat/jni SSL.java SSLSocket.java jni/native/include ssl_private.h jni/native/src sslinfo.c Log: Update sslinfo to use the indexed approach to the params instead a name based. This way we'll keep the lower number of native functions. Revision ChangesPath 1.19 +7 -2 jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java Index: SSL.java === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java,v retrieving revision 1.18 retrieving revision 1.19 diff -u -r1.18 -r1.19 --- SSL.java 12 Jun 2005 07:33:08 - 1.18 +++ SSL.java 15 Jun 2005 12:08:02 - 1.19 @@ -158,6 +158,11 @@ public static final int SSL_SHUTDOWN_TYPE_UNCLEAN = 2; public static final int SSL_SHUTDOWN_TYPE_ACCURATE = 3; +public static final int SSL_INFO_SESSION_ID = 1; +public static final int SSL_INFO_CIPHER = 2; +public static final int SSL_INFO_CIPHER_USEKEYSIZE = 3; +public static final int SSL_INFO_CIPHER_ALGKEYSIZE = 4; + /* Return OpenSSL version number */ public static native int version(); @@ -261,7 +266,7 @@ * @param file File contatining DH params. */ public static native boolean loadDSATempKey(int idx, String file); - + /** * Return last SSL error string */ 1.12 +27 -4 jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java Index: SSLSocket.java === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java,v retrieving revision 1.11 retrieving revision 1.12 diff -u -r1.11 -r1.12 --- SSLSocket.java14 Jun 2005 20:59:33 - 1.11 +++ SSLSocket.java15 Jun 2005 12:08:02 - 1.12 @@ -234,10 +234,33 @@ int offset, int nbytes, long timeout); /** - * Retrun SSL SESSION id. + * Retrun SSL Info parameter as byte array. * * @param sock The socket to read the data from. - * @return Byte array containing session id. + * @param id Parameter id. + * @return Byte array containing info id value. */ -public static native byte[] getSessionId(long sock); +public static native byte[] getInfoB(long sock, int id) +throws Exception; + +/** + * Retrun SSL Info parameter as String. + * + * @param sock The socket to read the data from. + * @param id Parameter id. + * @return String containing info id value. + */ +public static native String getInfoS(long sock, int id) +throws Exception; + +/** + * Retrun SSL Info parameter as integer. + * + * @param sock The socket to read the data from. + * @param id Parameter id. + * @return Integer containing info id value or -1 on error. + */ +public static native int getInfoI(long sock, int id) +throws Exception; + } 1.29 +6 -1 jakarta-tomcat-connectors/jni/native/include/ssl_private.h Index: ssl_private.h === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v retrieving revision 1.28 retrieving revision 1.29 diff -u -r1.28 -r1.29 --- ssl_private.h 12 Jun 2005 10:31:16 - 1.28 +++ ssl_private.h 15 Jun 2005 12:08:02 - 1.29 @@ -141,6 +141,11 @@ #define SSL_TO_APR_ERROR(X) (APR_OS_START_USERERR + 1000 + X) +#define SSL_INFO_SESSION_ID (1) +#define SSL_INFO_CIPHER (2) +#define SSL_INFO_CIPHER_USEKEYSIZE (3) +#define SSL_INFO_CIPHER_ALGKEYSIZE (4) + #define SSL_VERIFY_ERROR_IS_OPTIONAL(errnum) \ ((errnum == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) \ || (errnum == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) \ 1.2 +103 -13 jakarta-tomcat-connectors/jni/native/src/sslinfo.c Index: sslinfo.c === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- sslinfo.c 14 Jun 2005 11:55:54 - 1.1 +++ sslinfo.c 15 Jun 2005 12:08:02 - 1.2 @@ -31,27 +31,117 @@ #ifdef HAVE_OPENSSL #include "ssl_private.h" -TCN_IMPLEMENT_CALL(jobject, SSLSocket, getSessionId)(TCN_STDARGS, jlong sock) +static const char *hex_basis = "0123456789ABCDEF"; + +static char *convert_to_hex(const void *buf, size_t len) +{ +const unsigned char *p = ( const unsigned char *)buf; +
cvs commit: jakarta-tomcat-connectors/jni/native/src sslinfo.c
mturk 2005/06/14 04:55:54 Modified:jni/java/org/apache/tomcat/jni SSLSocket.java jni/native libtcnative.dsp tcnative.dsp Added: jni/native/src sslinfo.c Log: Add sslinfo.c for obtaining various SSL info data. Revision ChangesPath 1.10 +8 -1 jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java Index: SSLSocket.java === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLSocket.java,v retrieving revision 1.9 retrieving revision 1.10 diff -u -r1.9 -r1.10 --- SSLSocket.java13 Jun 2005 13:01:12 - 1.9 +++ SSLSocket.java14 Jun 2005 11:55:54 - 1.10 @@ -233,4 +233,11 @@ public static native int recvbt(long sock, ByteBuffer buf, int offset, int nbytes, long timeout); +/** + * Retrun SSL SESSION id. + * + * @param sock The socket to read the data from. + * @return Byte array containing session id. + */ +public static byte[] getSessionId(long sock); } 1.12 +4 -0 jakarta-tomcat-connectors/jni/native/libtcnative.dsp Index: libtcnative.dsp === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/libtcnative.dsp,v retrieving revision 1.11 retrieving revision 1.12 diff -u -r1.11 -r1.12 --- libtcnative.dsp 13 Jun 2005 11:14:05 - 1.11 +++ libtcnative.dsp 14 Jun 2005 11:55:54 - 1.12 @@ -152,6 +152,10 @@ # End Source File # Begin Source File +SOURCE=.\src\sslinfo.c +# End Source File +# Begin Source File + SOURCE=.\src\sslnetwork.c # End Source File # Begin Source File 1.12 +4 -0 jakarta-tomcat-connectors/jni/native/tcnative.dsp Index: tcnative.dsp === RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/tcnative.dsp,v retrieving revision 1.11 retrieving revision 1.12 diff -u -r1.11 -r1.12 --- tcnative.dsp 13 Jun 2005 11:11:24 - 1.11 +++ tcnative.dsp 14 Jun 2005 11:55:54 - 1.12 @@ -152,6 +152,10 @@ # End Source File # Begin Source File +SOURCE=.\src\sslinfo.c +# End Source File +# Begin Source File + SOURCE=.\src\sslnetwork.c # End Source File # Begin Source File 1.1 jakarta-tomcat-connectors/jni/native/src/sslinfo.c Index: sslinfo.c === /* Copyright 2000-2004 The Apache Software Foundation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ /** SSL info wrapper * * @author Mladen Turk * @version $Revision: 1.1 $, $Date: 2005/06/14 11:55:54 $ */ #include "apr.h" #include "apr_pools.h" #include "apr_file_io.h" #include "apr_portable.h" #include "apr_thread_mutex.h" #include "apr_poll.h" #include "tcn.h" #ifdef HAVE_OPENSSL #include "ssl_private.h" TCN_IMPLEMENT_CALL(jobject, SSLSocket, getSessionId)(TCN_STDARGS, jlong sock) { tcn_ssl_conn_t *s = J2P(sock, tcn_ssl_conn_t *); SSL_SESSION *session; UNREFERENCED(o); TCN_ASSERT(sock != 0); if ((session = SSL_get_session(s->ssl)) != NULL) { jbyteArray array; jsize len = (jsize)session->session_id_length; array = (*e)->NewByteArray(e, len); if (array) { (*e)->SetByteArrayRegion(e, array, 0, len, (jbyte *)(&session->session_id[0])); } return array; } else return NULL; } #else /* OpenSSL is not supported * If someday we make OpenSSL optional * APR_ENOTIMPL will go here */ #error "No OpenSSL Toolkit defined." #endif - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]