|
22 |
import java.security.cert.X509Certificate; |
22 |
import java.security.cert.X509Certificate; |
23 |
|
23 |
|
24 |
import org.apache.tomcat.jni.SSL; |
24 |
import org.apache.tomcat.jni.SSL; |
25 |
import org.apache.tomcat.jni.SSLSocket; |
|
|
26 |
|
25 |
|
27 |
/** |
26 |
/** |
28 |
* Implementation of SSLSupport for APR. |
27 |
* Implementation of SSLSupport for APR. |
|
32 |
*/ |
31 |
*/ |
33 |
public class AprSSLSupport implements SSLSupport { |
32 |
public class AprSSLSupport implements SSLSupport { |
34 |
|
33 |
|
35 |
private final SocketWrapperBase<Long> socketWrapper; |
34 |
private final AprEndpoint.AprSocketWrapper socketWrapper; |
36 |
private final String clientCertProvider; |
35 |
private final String clientCertProvider; |
37 |
|
36 |
|
38 |
|
37 |
|
39 |
public AprSSLSupport(SocketWrapperBase<Long> socketWrapper, String clientCertProvider) { |
38 |
public AprSSLSupport(AprEndpoint.AprSocketWrapper socketWrapper, String clientCertProvider) { |
40 |
this.socketWrapper = socketWrapper; |
39 |
this.socketWrapper = socketWrapper; |
41 |
this.clientCertProvider = clientCertProvider; |
40 |
this.clientCertProvider = clientCertProvider; |
42 |
} |
41 |
} |
|
44 |
|
43 |
|
45 |
@Override |
44 |
@Override |
46 |
public String getCipherSuite() throws IOException { |
45 |
public String getCipherSuite() throws IOException { |
47 |
long socketRef = socketWrapper.getSocket().longValue(); |
|
|
48 |
if (socketRef == 0) { |
49 |
return null; |
50 |
} |
51 |
try { |
46 |
try { |
52 |
return SSLSocket.getInfoS(socketRef, SSL.SSL_INFO_CIPHER); |
47 |
return socketWrapper.getSSLInfoS(SSL.SSL_INFO_CIPHER); |
53 |
} catch (Exception e) { |
48 |
} catch (Exception e) { |
54 |
throw new IOException(e); |
49 |
throw new IOException(e); |
55 |
} |
50 |
} |
|
58 |
|
53 |
|
59 |
@Override |
54 |
@Override |
60 |
public X509Certificate[] getPeerCertificateChain() throws IOException { |
55 |
public X509Certificate[] getPeerCertificateChain() throws IOException { |
61 |
long socketRef = socketWrapper.getSocket().longValue(); |
|
|
62 |
if (socketRef == 0) { |
63 |
return null; |
64 |
} |
65 |
|
66 |
try { |
56 |
try { |
67 |
// certLength == -1 indicates an error |
57 |
// certLength == -1 indicates an error |
68 |
int certLength = SSLSocket.getInfoI(socketRef, SSL.SSL_INFO_CLIENT_CERT_CHAIN); |
58 |
int certLength = socketWrapper.getSSLInfoI(SSL.SSL_INFO_CLIENT_CERT_CHAIN); |
69 |
byte[] clientCert = SSLSocket.getInfoB(socketRef, SSL.SSL_INFO_CLIENT_CERT); |
59 |
byte[] clientCert = socketWrapper.getSSLInfoB(SSL.SSL_INFO_CLIENT_CERT); |
70 |
X509Certificate[] certs = null; |
60 |
X509Certificate[] certs = null; |
71 |
if (clientCert != null && certLength > -1) { |
61 |
if (clientCert != null && certLength > -1) { |
72 |
certs = new X509Certificate[certLength + 1]; |
62 |
certs = new X509Certificate[certLength + 1]; |
|
78 |
} |
68 |
} |
79 |
certs[0] = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(clientCert)); |
69 |
certs[0] = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(clientCert)); |
80 |
for (int i = 0; i < certLength; i++) { |
70 |
for (int i = 0; i < certLength; i++) { |
81 |
byte[] data = SSLSocket.getInfoB(socketRef, SSL.SSL_INFO_CLIENT_CERT_CHAIN + i); |
71 |
byte[] data = socketWrapper.getSSLInfoB(SSL.SSL_INFO_CLIENT_CERT_CHAIN + i); |
82 |
certs[i+1] = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(data)); |
72 |
certs[i+1] = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(data)); |
83 |
} |
73 |
} |
84 |
} |
74 |
} |
|
91 |
|
81 |
|
92 |
@Override |
82 |
@Override |
93 |
public Integer getKeySize() throws IOException { |
83 |
public Integer getKeySize() throws IOException { |
94 |
long socketRef = socketWrapper.getSocket().longValue(); |
|
|
95 |
if (socketRef == 0) { |
96 |
return null; |
97 |
} |
98 |
|
99 |
try { |
84 |
try { |
100 |
return Integer.valueOf(SSLSocket.getInfoI(socketRef, SSL.SSL_INFO_CIPHER_USEKEYSIZE)); |
85 |
return Integer.valueOf(socketWrapper.getSSLInfoI(SSL.SSL_INFO_CIPHER_USEKEYSIZE)); |
101 |
} catch (Exception e) { |
86 |
} catch (Exception e) { |
102 |
throw new IOException(e); |
87 |
throw new IOException(e); |
103 |
} |
88 |
} |
|
106 |
|
91 |
|
107 |
@Override |
92 |
@Override |
108 |
public String getSessionId() throws IOException { |
93 |
public String getSessionId() throws IOException { |
109 |
long socketRef = socketWrapper.getSocket().longValue(); |
|
|
110 |
if (socketRef == 0) { |
111 |
return null; |
112 |
} |
113 |
|
114 |
try { |
94 |
try { |
115 |
return SSLSocket.getInfoS(socketRef, SSL.SSL_INFO_SESSION_ID); |
95 |
return socketWrapper.getSSLInfoS(SSL.SSL_INFO_SESSION_ID); |
116 |
} catch (Exception e) { |
96 |
} catch (Exception e) { |
117 |
throw new IOException(e); |
97 |
throw new IOException(e); |
118 |
} |
98 |
} |
|
120 |
|
100 |
|
121 |
@Override |
101 |
@Override |
122 |
public String getProtocol() throws IOException { |
102 |
public String getProtocol() throws IOException { |
123 |
long socketRef = socketWrapper.getSocket().longValue(); |
|
|
124 |
if (socketRef == 0) { |
125 |
return null; |
126 |
} |
127 |
|
128 |
try { |
103 |
try { |
129 |
return SSLSocket.getInfoS(socketRef, SSL.SSL_INFO_PROTOCOL); |
104 |
return socketWrapper.getSSLInfoS(SSL.SSL_INFO_PROTOCOL); |
130 |
} catch (Exception e) { |
105 |
} catch (Exception e) { |
131 |
throw new IOException(e); |
106 |
throw new IOException(e); |
132 |
} |
107 |
} |
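Review bot: getPeerCertificateChain still assembles the chain from several independent `socketWrapper.getSSLInfoI`/`getSSLInfoB` calls, so the connection can be closed between the length lookup and the reads inside the `for` loop, and `data` goes into `new ByteArrayInputStream(data)` without the null check that `clientCert` gets. What the wrapper returns for a closed socket is not visible on this page; if it returns null, the loop fails with an incidental NullPointerException, so I would add `if (data == null) { return null; }` before `generateCertificate` to make the closed-connection case an explicit no-certificate result. The getters also dropped their `socketRef == 0` guard, presumably because the check moved into the wrapper, and a short comment on the field such as `// closed-socket handling is delegated to the wrapper's getSSLInfo* methods` would record where it lives now. The method body continues outside the visible hunks (new lines 63–67 and the catch block are not shown), and this reading assumes the second copy of each line pair is the new side.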