View | Details | Raw Unified | Return to bug 39637
Collapse All | Expand All

(-)./apache-tomcat-5.5.17-src.orig/connectors/jk/java/org/apache/jk/core/MsgContext.java (-21 / +29 lines)
Lines 306-337 Link Here
306
306
307
            // Extract SSL certificate information (if requested)
307
            // Extract SSL certificate information (if requested)
308
            MessageBytes certString = (MessageBytes)req.getNote(WorkerEnv.SSL_CERT_NOTE);
308
            MessageBytes certString = (MessageBytes)req.getNote(WorkerEnv.SSL_CERT_NOTE);
309
            if( certString != null && !certString.isNull() ) {
309
310
						log.debug("certString: " + certString);
311
						
312
						if( certString != null && !certString.isNull() ) {
310
                ByteChunk certData = certString.getByteChunk();
313
                ByteChunk certData = certString.getByteChunk();
311
                ByteArrayInputStream bais = 
314
                ByteArrayInputStream bais = 
312
                    new ByteArrayInputStream(certData.getBytes(),
315
                    new ByteArrayInputStream(certData.getBytes(),
313
                                             certData.getStart(),
316
                                             certData.getStart(),
314
                                             certData.getLength());
317
                                             certData.getLength());
315
 
318
								// Fill all elements
316
                // Fill the first element.
319
								X509Certificate jsseCerts[] = null;
317
                X509Certificate jsseCerts[] = null;
320
								try {
318
                try {
321
									CertificateFactory cf = CertificateFactory.getInstance("X.509");
319
                    CertificateFactory cf =
322
									int i = 0;
320
                        CertificateFactory.getInstance("X.509");
323
                	while (bais.available() > 0) {
321
                    X509Certificate cert = (X509Certificate)
324
		              	X509Certificate cert = (X509Certificate) cf.generateCertificate(bais);		
322
                        cf.generateCertificate(bais);
325
// XXX use arraylist and convert to array when chain has been filled in
323
                    jsseCerts =  new X509Certificate[1];
326
										if (jsseCerts == null) {
324
                    jsseCerts[0] = cert;
327
											jsseCerts = new X509Certificate[1];
325
                } catch(java.security.cert.CertificateException e) {
328
										} else {
326
                    log.error("Certificate convertion failed" , e );
329
											X509Certificate tmpJsseCerts[] = new X509Certificate[jsseCerts.length + 1];
327
                    return;
330
											System.arraycopy(jsseCerts,0,tmpJsseCerts,0,jsseCerts.length);
328
                }
331
											jsseCerts = tmpJsseCerts;
329
 
332
										}	
330
                req.setAttribute(SSLSupport.CERTIFICATE_KEY, 
333
										jsseCerts[i++] = cert;
331
                                 jsseCerts);
334
                	}
332
            }
335
								} catch (java.security.cert.CertificateException e) {
333
                
336
									log.debug("Certificate conversion failed" + e);
334
        } else if( actionCode==ActionCode.ACTION_REQ_HOST_ATTRIBUTE ) {
337
						 		}
338
339
                req.setAttribute(SSLSupport.CERTIFICATE_KEY,
340
                                 jsseCerts);                
341
						}	
342
				} else if( actionCode==ActionCode.ACTION_REQ_HOST_ATTRIBUTE ) {
335
            Request req=(Request)param;
343
            Request req=(Request)param;
336
344
337
            // If remoteHost not set by JK, get it's name from it's remoteAddr
345
            // If remoteHost not set by JK, get it's name from it's remoteAddr

Return to bug 39637