cvs commit: jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11 Http11Processor.java

Fri, 20 Sep 2002 22:51:04 -0700 

billbarker    2002/09/20 23:15:50

  Modified:    http11/src/java/org/apache/coyote/http11
                        Http11Processor.java
  Log:
  Actually implement support for client-certs.
  
  Revision  Changes    Path
  1.37      +15 -6     
jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11/Http11Processor.java
  
  Index: Http11Processor.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/http11/Http11Processor.java,v
  retrieving revision 1.36
  retrieving revision 1.37
  diff -u -r1.36 -r1.37
  --- Http11Processor.java      19 Sep 2002 06:40:49 -0000      1.36
  +++ Http11Processor.java      21 Sep 2002 06:15:50 -0000      1.37
  @@ -540,7 +540,7 @@
                       if (sslO != null)
                           request.setAttribute
                               (SSLSupport.CIPHER_SUITE_KEY, sslO);
  -                    sslO = sslSupport.getPeerCertificateChain();
  +                    sslO = sslSupport.getPeerCertificateChain(false);
                       if (sslO != null)
                           request.setAttribute
                               (SSLSupport.CERTIFICATE_KEY, sslO);
  @@ -554,18 +554,27 @@
                               (SSLSupport.SESSION_ID_KEY, sslO);
                   }
               } catch (Exception e) {
  -                //log("Exception getting SSL attribute " + key,e,Log.WARNING);
  +                log.warn("Exception getting SSL attributes " ,e);
               }
  -
           } else if (actionCode == ActionCode.ACTION_REQ_HOST_ATTRIBUTE) {
               request.remoteAddr().setString(remoteAddr);
               if( remoteHost == null )
                   remoteHost = socket.getInetAddress().getHostName();
               request.remoteHost().setString(remoteHost);
   
  +        } else if (actionCode == ActionCode.ACTION_REQ_SSL_CERTIFICATE ) {
  +            try {
  +                Object sslO = sslSupport.getPeerCertificateChain(true);
  +                if( sslO != null) {
  +                    request.setAttribute
  +                        (SSLSupport.CERTIFICATE_KEY, sslO);
  +                }
  +            } catch (Exception e) {
  +                log.warn("Exception getting SSL Cert",e);
  +            }
           }
  -
       }
  +            
   
   
       // ------------------------------------------------------ Connector Methods
  @@ -602,9 +611,9 @@
           http11 = true;
           http09 = false;
           contentDelimitation = false;
  -        if (sslSupport != null)
  +        if (sslSupport != null) {
               request.scheme().setString("https");
  -
  +        }
           MessageBytes protocolMB = request.protocol();
           if (protocolMB.equals(Constants.HTTP_11)) {
               http11 = true;
  
  
  

--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to