Attachment 24546 Details for Bug 48208 – patch_48158_c5_wildCard.txt

patch_48158_c5_wildCard.txt

patch_48158_c5_wildCard.txt (text/plain), 3.45 KB, created by Ralf Hauser on 2009-11-17 00:44:09 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Ralf Hauser

Created: 2009-11-17 00:44:09 UTC

Size: 3.45 KB

patch

obsolete

>Index: AcceptAllTrustManager.java
>===================================================================
>--- AcceptAllTrustManager.java	(revision 0)
>+++ AcceptAllTrustManager.java	(revision 0)
>@@ -0,0 +1,40 @@
>+/*
>+ * $Id$
>+ */
>+package org.apache.tomcat.util.net.jsse;
>+
>+import java.security.cert.CertificateException;
>+import java.security.cert.X509Certificate;
>+
>+import javax.net.ssl.X509TrustManager;
>+
>+
>+/**
>+ * See http://forum.java.sun.com/thread.jsp?forum=2&thread=411937 as per
>+ * 
>+ * This Trust Manager accepts any kind of certificate provided by the user 
>+ */
>+
>+public class AcceptAllTrustManager implements X509TrustManager {
>+
>+	public boolean isClientTrusted(X509Certificate[] cert) {
>+		return true;
>+	}
>+
>+	public boolean isServerTrusted(X509Certificate[] cert) {
>+		return true;
>+	}
>+
>+	public X509Certificate[] getAcceptedIssuers() {
>+		return new X509Certificate[0];
>+	}
>+
>+	public void checkClientTrusted(X509Certificate[] chain, String authType)
>+			throws CertificateException {
>+	}
>+
>+	public void checkServerTrusted(X509Certificate[] chain, String authType)
>+			throws CertificateException {
>+	}
>+
>+}
>
>Property changes on: AcceptAllTrustManager.java
>___________________________________________________________________
>Added: svn:keywords
>   + Id
>Added: svn:executable
>   + *
>
>Index: JSSE14SocketFactory.java
>===================================================================
>--- JSSE14SocketFactory.java	(revision 792102)
>+++ JSSE14SocketFactory.java	(working copy)
>@@ -65,6 +65,11 @@
>      * Flag to state that we would like client authentication.
>      */
>     protected boolean wantClientAuth    = false;
>+    
>+    /**
>+     * Flag to state that we accept any client certificate.
>+     */
>+    protected boolean acceptAllCerts = false;
> 
>     public JSSE14SocketFactory () {
>         super();
>@@ -105,6 +110,13 @@
> 	    if( trustAlgorithm == null ) {
> 		trustAlgorithm = algorithm;
> 	    }
>+    	String acceptAll = (String)attributes.get("acceptAllCerts");
>+    	if("true".equalsIgnoreCase(acceptAll) ||
>+            "yes".equalsIgnoreCase(acceptAll)) {
>+    		acceptAllCerts = true;
>+         } else {
>+        	 acceptAllCerts = false;
>+         }
>             // Create and init SSLContext
>             SSLContext context = SSLContext.getInstance(protocol); 
>             context.init(getKeyManagers(keystoreType, algorithm,
>@@ -168,17 +180,20 @@
> 
>         TrustManager[] tms = null;
> 
>-        String truststoreType = (String)attributes.get("truststoreType");
>-        if(truststoreType == null) {
>-            truststoreType = keystoreType;
>-        }
>-        KeyStore trustStore = getTrustStore(truststoreType);
>-        if (trustStore != null) {
>-            TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);
>-            tmf.init(trustStore);
>-            tms = tmf.getTrustManagers();
>+        if(acceptAllCerts){
>+        	tms = new TrustManager[]{ new AcceptAllTrustManager() };
>+        } else {
>+	        String truststoreType = (String)attributes.get("truststoreType");
>+	        if(truststoreType == null) {
>+	            truststoreType = keystoreType;
>+	        }
>+	        KeyStore trustStore = getTrustStore(truststoreType);
>+	        if (trustStore != null) {
>+	            TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);
>+	            tmf.init(trustStore);
>+	            tms = tmf.getTrustManagers();
>+	        }
>         }
>-
>         return tms;
>     }
>     protected void setEnabledProtocols(SSLServerSocket socket, String []protocols){

Actions: View

Attachments on bug 48208: 24546 | 26581 | 26732