import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.IntrospectionUtils;
-import org.apache.tomcat.util.net.JIoEndpoint.Worker;
import org.apache.tomcat.util.net.SecureNioChannel.ApplicationBufferHandler;
-import org.apache.tomcat.util.net.jsse.JSSEKeyManager;
+import org.apache.tomcat.util.net.jsse.NioX509KeyManager;
import org.apache.tomcat.util.res.StringManager;
/**
ks.load(new FileInputStream(getKeystoreFile()), passphrase);
KeyStore ts = null;
if (getTruststoreFile()==null) {
-// ts = KeyStore.getInstance(getKeystoreType());
-// ts.load(new FileInputStream(getKeystoreFile()), passphrase);
+ //no op, same as for BIO connector
}else {
ts = KeyStore.getInstance(ttype);
ts.load(new FileInputStream(getTruststoreFile()), tpassphrase);
}
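Review bot: The replacement comment in the `getTruststoreFile()==null` branch says only that nothing happens, not what a null `ts` means for client-certificate validation. If `ts` is later handed to the TrustManagerFactory unchanged (that call is outside the hunk, so this is inferred), JSSE falls back to the JVM default trust store and every CA in it is trusted for client auth. I would state that at the branch, e.g. `// ts stays null: JSSE then uses the JVM default trust store (javax.net.ssl.trustStore or cacerts)`. The enclosing method starts and ends outside the hunk.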
public KeyManager[] wrap(KeyManager[] managers) {
- return managers;
-// if (managers==null) return null;
-// KeyManager[] result = new KeyManager[managers.length];
-// for (int i=0; i<result.length; i++) {
-// if (managers[i] instanceof X509KeyManager && getKeyAlias()!=null) {
-// result[i] = new JSSEKeyManager((X509KeyManager)managers[i],getKeyAlias());
-// } else {
-// result[i] = managers[i];
-// }
-// }
-// return result;
+ if (managers==null) return null;
+ KeyManager[] result = new KeyManager[managers.length];
+ for (int i=0; i<result.length; i++) {
+ if (managers[i] instanceof X509KeyManager && getKeyAlias()!=null) {
+ result[i] = new NioX509KeyManager((X509KeyManager)managers[i],getKeyAlias());
+ } else {
+ result[i] = managers[i];
+ }
+ }
+ return result;
}
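Review bot: `wrap` now pins every X509KeyManager to `getKeyAlias()`, but nothing visible here checks that the alias names a key entry in the loaded keystore. A mistyped or certificate-only alias would then surface only at handshake time, when `getPrivateKey(alias)` returns null and the server offers no certificate. I would fail at initialisation instead, next to the `ks.load(...)` call in the earlier hunk, with something like `if (getKeyAlias()!=null && !ks.isKeyEntry(getKeyAlias())) throw new IOException("keyAlias does not identify a key entry");` (assuming that method may throw IOException). The caller of `wrap` is outside the hunk, so an existing check there cannot be ruled out.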
--- /dev/null
+package org.apache.tomcat.util.net.jsse;
+
+import java.net.Socket;
+import java.security.Principal;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.X509ExtendedKeyManager;
+import javax.net.ssl.X509KeyManager;
+
+public class NioX509KeyManager extends X509ExtendedKeyManager {
+
+ private X509KeyManager delegate;
+ private String serverKeyAlias;
+
+ /**
+ * Constructor.
+ *
+ * @param mgr The X509KeyManager used as a delegate
+ * @param serverKeyAlias The alias name of the server's keypair and
+ * supporting certificate chain
+ */
+ public NioX509KeyManager(X509KeyManager mgr, String serverKeyAlias) {
+ this.delegate = mgr;
+ this.serverKeyAlias = serverKeyAlias;
+ }
+
+ public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) {
+ return delegate.chooseClientAlias(keyType, issuers, socket);
+ }
+
+ public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
+ if (serverKeyAlias!=null) {
+ return serverKeyAlias;
+ } else {
+ return delegate.chooseServerAlias(keyType, issuers, socket);
+ }
+ }
+
+ public X509Certificate[] getCertificateChain(String alias) {
+ return delegate.getCertificateChain(alias);
+ }
+
+ public String[] getClientAliases(String keyType, Principal[] issuers) {
+ return delegate.getClientAliases(keyType, issuers);
+ }
+
+ public PrivateKey getPrivateKey(String alias) {
+ return delegate.getPrivateKey(alias);
+ }
+
+ public String[] getServerAliases(String keyType, Principal[] issuers) {
+ return delegate.getServerAliases(keyType, issuers);
+ }
+
+ @Override
+ public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine) {
+ if (serverKeyAlias!=null) {
+ return serverKeyAlias;
+ } else {
+ return super.chooseEngineServerAlias(keyType, issuers, engine);
+ }
+ }
+
+
+
+
+}
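Review bot: `chooseEngineServerAlias` falls back to `super.chooseEngineServerAlias(...)`, which in `X509ExtendedKeyManager` returns null, and `chooseEngineClientAlias` is not overridden, so SSLEngine-based selection never reaches the delegate. With a null `serverKeyAlias` the engine path would therefore select no key even though the socket path delegates correctly. The fallback could try the delegate first: `if (delegate instanceof X509ExtendedKeyManager) return ((X509ExtendedKeyManager)delegate).chooseEngineServerAlias(keyType, issuers, engine);`, with the same pattern for `chooseEngineClientAlias`. The configured alias is also returned without regard to `keyType`, which deserves a sentence in the class Javadoc. `delegate` and `serverKeyAlias` are never reassigned and could be `private final`.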