- Remove pre 1.5 compatibility code, which is not used anymore as the new APIs requir...
authorremm <remm@13f79535-47bb-0310-9956-ffa450edef68>
Fri, 21 Apr 2006 11:04:05 +0000 (11:04 +0000)
committerremm <remm@13f79535-47bb-0310-9956-ffa450edef68>
Fri, 21 Apr 2006 11:04:05 +0000 (11:04 +0000)
  JDK 1.5+. I hope I didn't make any mistake merging the SSL code.

git-svn-id: https://svn.apache.org/repos/asf/tomcat/tc6.0.x/trunk@395849 13f79535-47bb-0310-9956-ffa450edef68

24 files changed:
java/org/apache/catalina/connector/Response.java
java/org/apache/catalina/core/StandardContext.java
java/org/apache/catalina/loader/WebappClassLoader.java
java/org/apache/catalina/mbeans/DefaultContextMBean.java
java/org/apache/catalina/mbeans/GroupMBean.java
java/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java
java/org/apache/catalina/mbeans/NamingResourcesMBean.java
java/org/apache/catalina/mbeans/StandardContextMBean.java
java/org/apache/catalina/mbeans/UserMBean.java
java/org/apache/catalina/valves/ErrorReportValve.java
java/org/apache/catalina/valves/RequestFilterValve.java
java/org/apache/tomcat/util/compat/Jdk14Compat.java [deleted file]
java/org/apache/tomcat/util/compat/JdkCompat.java [deleted file]
java/org/apache/tomcat/util/net/jsse/JSSE13Factory.java [deleted file]
java/org/apache/tomcat/util/net/jsse/JSSE13SocketFactory.java [deleted file]
java/org/apache/tomcat/util/net/jsse/JSSE14Factory.java [deleted file]
java/org/apache/tomcat/util/net/jsse/JSSE14SocketFactory.java [deleted file]
java/org/apache/tomcat/util/net/jsse/JSSE14Support.java [deleted file]
java/org/apache/tomcat/util/net/jsse/JSSE15Factory.java [deleted file]
java/org/apache/tomcat/util/net/jsse/JSSE15SocketFactory.java [deleted file]
java/org/apache/tomcat/util/net/jsse/JSSEFactory.java
java/org/apache/tomcat/util/net/jsse/JSSEImplementation.java
java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
java/org/apache/tomcat/util/net/jsse/JSSESupport.java

index 167ef0d..bab2729 100644 (file)
@@ -40,17 +40,16 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.catalina.Context;\r
 import org.apache.catalina.Session;\r
 import org.apache.catalina.Wrapper;\r
+import org.apache.catalina.security.SecurityUtil;\r
 import org.apache.catalina.util.CharsetMapper;\r
 import org.apache.catalina.util.DateTool;\r
 import org.apache.catalina.util.StringManager;\r
-import org.apache.catalina.security.SecurityUtil;\r
 import org.apache.tomcat.util.buf.CharChunk;\r
 import org.apache.tomcat.util.buf.UEncoder;\r
 import org.apache.tomcat.util.http.FastHttpDateFormat;\r
 import org.apache.tomcat.util.http.MimeHeaders;\r
 import org.apache.tomcat.util.http.ServerCookie;\r
 import org.apache.tomcat.util.net.URL;\r
-import org.apache.tomcat.util.compat.JdkCompat;\r
 \r
 /**\r
  * Wrapper object for the Coyote response.\r
@@ -80,12 +79,6 @@ public class Response
 \r
 \r
     /**\r
-     * JDK compatibility support\r
-     */\r
-    private static final JdkCompat jdkCompat = JdkCompat.getJdkCompat();\r
-\r
-\r
-    /**\r
      * Descriptive information about this Response implementation.\r
      */\r
     protected static final String info =\r
@@ -1477,7 +1470,7 @@ public class Response
                         } catch (PrivilegedActionException pae){\r
                             IllegalArgumentException iae =\r
                                 new IllegalArgumentException(location);\r
-                            jdkCompat.chainException(iae, pae.getException());\r
+                            iae.initCause(pae.getException());\r
                             throw iae;\r
                         }\r
                     } else {\r
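Review bot: With JDK 1.5 as the baseline, the construct / `initCause` / `throw` sequence in this catch block can be one statement using the cause-taking constructor, `throw new IllegalArgumentException(location, pae.getException());`. That removes the temporary `iae` and leaves no window in which the exception exists without its cause. The same pattern recurs in the next hunk of this file and in the `initCause` hunks of WebappClassLoader, the MBean classes and RequestFilterValve. The enclosing method starts and ends outside this hunk.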
@@ -1490,7 +1483,7 @@ public class Response
             } catch (IOException e) {\r
                 IllegalArgumentException iae =\r
                     new IllegalArgumentException(location);\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
 \r
index c487ddc..30f74d9 100644 (file)
@@ -97,7 +97,6 @@ import org.apache.naming.resources.DirContextURLStreamHandler;
 import org.apache.naming.resources.FileDirContext;\r
 import org.apache.naming.resources.ProxyDirContext;\r
 import org.apache.naming.resources.WARDirContext;\r
-import org.apache.tomcat.util.compat.JdkCompat;\r
 import org.apache.tomcat.util.modeler.Registry;\r
 \r
 /**\r
@@ -143,12 +142,6 @@ public class StandardContext
 \r
 \r
     /**\r
-     * JDK compatibility support\r
-     */\r
-    private static final JdkCompat jdkCompat = JdkCompat.getJdkCompat();\r
-\r
-\r
-    /**\r
      * Array containing the safe characters set.\r
      */\r
     protected static URLEncoder urlEncoder;\r
index 2f24552..e4b52da 100644 (file)
@@ -62,7 +62,6 @@ import org.apache.naming.JndiPermission;
 import org.apache.naming.resources.Resource;\r
 import org.apache.naming.resources.ResourceAttributes;\r
 import org.apache.tomcat.util.IntrospectionUtils;\r
-import org.apache.tomcat.util.compat.JdkCompat;\r
 \r
 /**\r
  * Specialized web application class loader.\r
@@ -142,11 +141,6 @@ public class WebappClassLoader
         "javax.servlet.Servlet"                     // Servlet API\r
     };\r
 \r
-    /** \r
-     * Jdk Compatibility Support.\r
-     */\r
-    protected static JdkCompat jdkCompat = JdkCompat.getJdkCompat();\r
-\r
     /**\r
      * Set of package names which are not allowed to be loaded from a webapp\r
      * class loader without delegating first.\r
@@ -548,7 +542,7 @@ public class WebappClassLoader
         } catch (MalformedURLException e) {\r
             IllegalArgumentException iae = new IllegalArgumentException\r
                 ("Invalid repository: " + repository); \r
-            jdkCompat.chainException(iae, e);\r
+            iae.initCause(e);\r
             throw iae;\r
         }\r
 \r
@@ -2300,7 +2294,14 @@ public class WebappClassLoader
     protected URL getURI(File file)\r
         throws MalformedURLException {\r
 \r
-        return jdkCompat.getURI(file);\r
+        File realFile = file;\r
+        try {\r
+            realFile = realFile.getCanonicalFile();\r
+        } catch (IOException e) {\r
+            // Ignore\r
+        }\r
+\r
+        return realFile.toURI().toURL();\r
 \r
     }\r
 \r
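Review bot: The empty `catch (IOException e)` in `getURI` silently falls back to the non-canonical `file`, so the URL handed to the class loader may still contain symlinks or `..` segments, and nothing records that canonicalization failed. Since this URL identifies where web application code is loaded from, the fallback should be deliberate and visible. Replace `// Ignore` with a comment that states the intent, e.g. `// Canonicalization failed; fall back to the path as given (may be non-canonical)`. If the class has a logger in scope, also log the exception at debug level. The method's Javadoc lies outside the hunk.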
index 767c526..8743b4b 100644 (file)
@@ -28,7 +28,6 @@ import org.apache.catalina.deploy.ContextEnvironment;
 import org.apache.catalina.deploy.ContextResource;\r
 import org.apache.catalina.deploy.ContextResourceLink;\r
 import org.apache.catalina.deploy.NamingResources;\r
-import org.apache.tomcat.util.compat.JdkCompat;\r
 import org.apache.tomcat.util.modeler.BaseModelMBean;\r
 import org.apache.tomcat.util.modeler.ManagedBean;\r
 import org.apache.tomcat.util.modeler.Registry;\r
@@ -64,15 +63,6 @@ public class DefaultContextMBean extends BaseModelMBean {
     }\r
     \r
 \r
-    // ----------------------------------------------------- Class Variables\r
-\r
-\r
-    /**\r
-     * JDK compatibility support\r
-     */\r
-    private static final JdkCompat jdkCompat = JdkCompat.getJdkCompat();\r
-\r
-\r
     // ----------------------------------------------------- Instance Variables\r
     \r
     \r
@@ -116,7 +106,7 @@ public class DefaultContextMBean extends BaseModelMBean {
             } catch (MalformedObjectNameException e) {\r
                 IllegalArgumentException iae = new IllegalArgumentException\r
                     ("Cannot create object name for environment " + envs[i]);\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
         }\r
@@ -141,7 +131,7 @@ public class DefaultContextMBean extends BaseModelMBean {
             } catch (MalformedObjectNameException e) {\r
                 IllegalArgumentException iae = new IllegalArgumentException\r
                     ("Cannot create object name for resource " + resources[i]);\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
         }\r
@@ -166,7 +156,7 @@ public class DefaultContextMBean extends BaseModelMBean {
             } catch (MalformedObjectNameException e) {\r
                 IllegalArgumentException iae = new IllegalArgumentException\r
                     ("Cannot create object name for resource " + links[i]);\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
         }\r
index 15b28ef..1697171 100644 (file)
@@ -29,7 +29,6 @@ import javax.management.RuntimeOperationsException;
 import org.apache.catalina.Group;\r
 import org.apache.catalina.Role;\r
 import org.apache.catalina.User;\r
-import org.apache.tomcat.util.compat.JdkCompat;\r
 import org.apache.tomcat.util.modeler.BaseModelMBean;\r
 import org.apache.tomcat.util.modeler.ManagedBean;\r
 import org.apache.tomcat.util.modeler.Registry;\r
@@ -65,15 +64,6 @@ public class GroupMBean extends BaseModelMBean {
     }\r
 \r
 \r
-    // ----------------------------------------------------- Class Variables\r
-\r
-\r
-    /**\r
-     * JDK compatibility support\r
-     */\r
-    private static final JdkCompat jdkCompat = JdkCompat.getJdkCompat();\r
-\r
-\r
     // ----------------------------------------------------- Instance Variables\r
 \r
 \r
@@ -117,7 +107,7 @@ public class GroupMBean extends BaseModelMBean {
             } catch (MalformedObjectNameException e) {\r
                 IllegalArgumentException iae = new IllegalArgumentException\r
                     ("Cannot create object name for role " + role);\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
         }\r
@@ -144,7 +134,7 @@ public class GroupMBean extends BaseModelMBean {
             } catch (MalformedObjectNameException e) {\r
                 IllegalArgumentException iae = new IllegalArgumentException\r
                     ("Cannot create object name for user " + user);\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
         }\r
index ce2ab05..c4a2e1a 100644 (file)
@@ -19,16 +19,17 @@ package org.apache.catalina.mbeans;
 \r
 import java.util.ArrayList;\r
 import java.util.Iterator;\r
-import javax.management.MalformedObjectNameException;\r
+\r
 import javax.management.MBeanException;\r
 import javax.management.MBeanServer;\r
+import javax.management.MalformedObjectNameException;\r
 import javax.management.ObjectName;\r
 import javax.management.RuntimeOperationsException;\r
+\r
 import org.apache.catalina.Group;\r
 import org.apache.catalina.Role;\r
 import org.apache.catalina.User;\r
 import org.apache.catalina.UserDatabase;\r
-import org.apache.tomcat.util.compat.JdkCompat;\r
 import org.apache.tomcat.util.modeler.BaseModelMBean;\r
 import org.apache.tomcat.util.modeler.ManagedBean;\r
 import org.apache.tomcat.util.modeler.Registry;\r
@@ -64,15 +65,6 @@ public class MemoryUserDatabaseMBean extends BaseModelMBean {
     }\r
 \r
 \r
-    // ----------------------------------------------------- Class Variables\r
-\r
-\r
-    /**\r
-     * JDK compatibility support\r
-     */\r
-    private static final JdkCompat jdkCompat = JdkCompat.getJdkCompat();\r
-\r
-\r
     // ----------------------------------------------------- Instance Variables\r
 \r
 \r
@@ -188,7 +180,7 @@ public class MemoryUserDatabaseMBean extends BaseModelMBean {
         } catch (Exception e) {\r
             IllegalArgumentException iae = new IllegalArgumentException\r
                 ("Exception creating group " + group + " MBean");\r
-            jdkCompat.chainException(iae, e);\r
+            iae.initCause(e);\r
             throw iae;\r
         }\r
         return (findGroup(groupname));\r
@@ -211,7 +203,7 @@ public class MemoryUserDatabaseMBean extends BaseModelMBean {
         } catch (Exception e) {\r
             IllegalArgumentException iae = new IllegalArgumentException\r
                 ("Exception creating role " + role + " MBean");\r
-            jdkCompat.chainException(iae, e);\r
+            iae.initCause(e);\r
             throw iae;\r
         }\r
         return (findRole(rolename));\r
@@ -236,7 +228,7 @@ public class MemoryUserDatabaseMBean extends BaseModelMBean {
         } catch (Exception e) {\r
             IllegalArgumentException iae = new IllegalArgumentException\r
                 ("Exception creating user " + user + " MBean");\r
-            jdkCompat.chainException(iae, e);\r
+            iae.initCause(e);\r
             throw iae;\r
         }\r
         return (findUser(username));\r
@@ -264,7 +256,7 @@ public class MemoryUserDatabaseMBean extends BaseModelMBean {
         } catch (MalformedObjectNameException e) {\r
             IllegalArgumentException iae = new IllegalArgumentException\r
                 ("Cannot create object name for group " + group);\r
-            jdkCompat.chainException(iae, e);\r
+            iae.initCause(e);\r
             throw iae;\r
         }\r
 \r
@@ -291,7 +283,7 @@ public class MemoryUserDatabaseMBean extends BaseModelMBean {
         } catch (MalformedObjectNameException e) {\r
             IllegalArgumentException iae = new IllegalArgumentException\r
                 ("Cannot create object name for role " + role);\r
-            jdkCompat.chainException(iae, e);\r
+            iae.initCause(e);\r
             throw iae;\r
         }\r
 \r
@@ -318,7 +310,7 @@ public class MemoryUserDatabaseMBean extends BaseModelMBean {
         } catch (MalformedObjectNameException e) {\r
             IllegalArgumentException iae = new IllegalArgumentException\r
                 ("Cannot create object name for user " + user);\r
-            jdkCompat.chainException(iae, e);\r
+            iae.initCause(e);\r
             throw iae;\r
         }\r
 \r
@@ -343,7 +335,7 @@ public class MemoryUserDatabaseMBean extends BaseModelMBean {
         } catch (Exception e) {\r
             IllegalArgumentException iae = new IllegalArgumentException\r
                 ("Exception destroying group " + group + " MBean");\r
-            jdkCompat.chainException(iae, e);\r
+            iae.initCause(e);\r
             throw iae;\r
         }\r
 \r
@@ -368,7 +360,7 @@ public class MemoryUserDatabaseMBean extends BaseModelMBean {
         } catch (Exception e) {\r
             IllegalArgumentException iae = new IllegalArgumentException\r
                 ("Exception destroying role " + role + " MBean");\r
-            jdkCompat.chainException(iae, e);\r
+            iae.initCause(e);\r
             throw iae;\r
         }\r
 \r
@@ -393,7 +385,7 @@ public class MemoryUserDatabaseMBean extends BaseModelMBean {
         } catch (Exception e) {\r
             IllegalArgumentException iae = new IllegalArgumentException\r
                 ("Exception destroying user " + user + " MBean");\r
-            jdkCompat.chainException(iae, e);\r
+            iae.initCause(e);\r
             throw iae;\r
         }\r
 \r
index 2020509..7a3bb10 100644 (file)
@@ -27,7 +27,6 @@ import org.apache.catalina.deploy.ContextEnvironment;
 import org.apache.catalina.deploy.ContextResource;\r
 import org.apache.catalina.deploy.ContextResourceLink;\r
 import org.apache.catalina.deploy.NamingResources;\r
-import org.apache.tomcat.util.compat.JdkCompat;\r
 import org.apache.tomcat.util.modeler.BaseModelMBean;\r
 import org.apache.tomcat.util.modeler.ManagedBean;\r
 import org.apache.tomcat.util.modeler.Registry;\r
@@ -63,15 +62,6 @@ public class NamingResourcesMBean extends BaseModelMBean {
     }\r
 \r
 \r
-    // ----------------------------------------------------- Class Variables\r
-\r
-\r
-    /**\r
-     * JDK compatibility support\r
-     */\r
-    private static final JdkCompat jdkCompat = JdkCompat.getJdkCompat();\r
-\r
-\r
     // ----------------------------------------------------- Instance Variables\r
     \r
     /**\r
@@ -105,7 +95,7 @@ public class NamingResourcesMBean extends BaseModelMBean {
             } catch (MalformedObjectNameException e) {\r
                 IllegalArgumentException iae = new IllegalArgumentException\r
                     ("Cannot create object name for environment " + envs[i]);\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
         }\r
@@ -131,7 +121,7 @@ public class NamingResourcesMBean extends BaseModelMBean {
             } catch (MalformedObjectNameException e) {\r
                 IllegalArgumentException iae = new IllegalArgumentException\r
                     ("Cannot create object name for resource " + resources[i]);\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
         }\r
@@ -157,7 +147,7 @@ public class NamingResourcesMBean extends BaseModelMBean {
             } catch (MalformedObjectNameException e) {\r
                 IllegalArgumentException iae = new IllegalArgumentException\r
                     ("Cannot create object name for resource " + resourceLinks[i]);\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
         }\r
index a4c4147..adbedc1 100644 (file)
@@ -28,7 +28,6 @@ import org.apache.catalina.deploy.ContextEnvironment;
 import org.apache.catalina.deploy.ContextResource;\r
 import org.apache.catalina.deploy.ContextResourceLink;\r
 import org.apache.catalina.deploy.NamingResources;\r
-import org.apache.tomcat.util.compat.JdkCompat;\r
 import org.apache.tomcat.util.modeler.BaseModelMBean;\r
 import org.apache.tomcat.util.modeler.ManagedBean;\r
 import org.apache.tomcat.util.modeler.Registry;\r
@@ -64,15 +63,6 @@ public class StandardContextMBean extends BaseModelMBean {
     }\r
     \r
 \r
-    // ----------------------------------------------------- Class Variables\r
-\r
-\r
-    /**\r
-     * JDK compatibility support\r
-     */\r
-    private static final JdkCompat jdkCompat = JdkCompat.getJdkCompat();\r
-\r
-\r
     // ----------------------------------------------------- Instance Variables\r
     \r
     \r
@@ -125,7 +115,7 @@ public class StandardContextMBean extends BaseModelMBean {
             } catch (MalformedObjectNameException e) {\r
                 IllegalArgumentException iae = new IllegalArgumentException\r
                     ("Cannot create object name for environment " + envs[i]);\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
         }\r
@@ -150,7 +140,7 @@ public class StandardContextMBean extends BaseModelMBean {
             } catch (MalformedObjectNameException e) {\r
                 IllegalArgumentException iae = new IllegalArgumentException\r
                     ("Cannot create object name for resource " + resources[i]);\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
         }\r
@@ -175,7 +165,7 @@ public class StandardContextMBean extends BaseModelMBean {
             } catch (MalformedObjectNameException e) {\r
                 IllegalArgumentException iae = new IllegalArgumentException\r
                     ("Cannot create object name for resource " + links[i]);\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
         }\r
index ee315f7..05dc484 100644 (file)
@@ -29,7 +29,6 @@ import javax.management.RuntimeOperationsException;
 import org.apache.catalina.Group;\r
 import org.apache.catalina.Role;\r
 import org.apache.catalina.User;\r
-import org.apache.tomcat.util.compat.JdkCompat;\r
 import org.apache.tomcat.util.modeler.BaseModelMBean;\r
 import org.apache.tomcat.util.modeler.ManagedBean;\r
 import org.apache.tomcat.util.modeler.Registry;\r
@@ -65,15 +64,6 @@ public class UserMBean extends BaseModelMBean {
     }\r
 \r
 \r
-    // ----------------------------------------------------- Class Variables\r
-\r
-\r
-    /**\r
-     * JDK compatibility support\r
-     */\r
-    private static final JdkCompat jdkCompat = JdkCompat.getJdkCompat();\r
-\r
-\r
     // ----------------------------------------------------- Instance Variables\r
 \r
 \r
@@ -117,7 +107,7 @@ public class UserMBean extends BaseModelMBean {
             } catch (MalformedObjectNameException e) {\r
                 IllegalArgumentException iae = new IllegalArgumentException\r
                     ("Cannot create object name for group " + group);\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
         }\r
@@ -144,7 +134,7 @@ public class UserMBean extends BaseModelMBean {
             } catch (MalformedObjectNameException e) {\r
                 IllegalArgumentException iae = new IllegalArgumentException\r
                     ("Cannot create object name for role " + role);\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
         }\r
index ade583d..0e8b0db 100644 (file)
@@ -33,7 +33,6 @@ import org.apache.catalina.util.RequestUtil;
 import org.apache.catalina.util.ServerInfo;\r
 import org.apache.catalina.util.StringManager;\r
 import org.apache.tomcat.util.IntrospectionUtils;\r
-import org.apache.tomcat.util.compat.JdkCompat;\r
 \r
 /**\r
  * <p>Implementation of a Valve that outputs HTML error pages.</p>\r
@@ -220,8 +219,7 @@ public class ErrorReportValve
 \r
         if (throwable != null) {\r
 \r
-            String stackTrace = JdkCompat.getJdkCompat()\r
-                .getPartialServletStackTrace(throwable);\r
+            String stackTrace = getPartialServletStackTrace(throwable);\r
             sb.append("<p><b>");\r
             sb.append(sm.getString("errorReportValve.exception"));\r
             sb.append("</b> <pre>");\r
@@ -229,8 +227,7 @@ public class ErrorReportValve
             sb.append("</pre></p>");\r
 \r
             while (rootCause != null) {\r
-                stackTrace = JdkCompat.getJdkCompat()\r
-                    .getPartialServletStackTrace(rootCause);\r
+                stackTrace = getPartialServletStackTrace(rootCause);\r
                 sb.append("<p><b>");\r
                 sb.append(sm.getString("errorReportValve.rootCause"));\r
                 sb.append("</b> <pre>");\r
@@ -281,4 +278,29 @@ public class ErrorReportValve
     }\r
 \r
 \r
+    /**\r
+     * Print out a partial servlet stack trace (truncating at the last \r
+     * occurrence of javax.servlet.).\r
+     */\r
+    protected String getPartialServletStackTrace(Throwable t) {\r
+        StringBuffer trace = new StringBuffer();\r
+        trace.append(t.toString()).append('\n');\r
+        StackTraceElement[] elements = t.getStackTrace();\r
+        int pos = elements.length;\r
+        for (int i = 0; i < elements.length; i++) {\r
+            if ((elements[i].getClassName().startsWith\r
+                 ("org.apache.catalina.core.ApplicationFilterChain"))\r
+                && (elements[i].getMethodName().equals("internalDoFilter"))) {\r
+                pos = i;\r
+            }\r
+        }\r
+        for (int i = 0; i < pos; i++) {\r
+            if (!(elements[i].getClassName().startsWith\r
+                  ("org.apache.catalina.core."))) {\r
+                trace.append('\t').append(elements[i].toString()).append('\n');\r
+            }\r
+        }\r
+        return trace.toString();\r
+    }\r
+\r
 }\r
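Review bot: The Javadoc copied onto `getPartialServletStackTrace` does not describe the body: the code cuts the trace at the last `ApplicationFilterChain.internalDoFilter` frame and drops every `org.apache.catalina.core.` frame, and never looks for `javax.servlet.`. The returned string starts with `t.toString()`, which carries the exception message, and the method does no HTML escaping. The line that writes `stackTrace` between `<pre>` and `</pre>` falls outside the visible hunks, so whether it is escaped there cannot be confirmed from this page. The Javadoc should describe the actual truncation rule, add `@param t` and `@return`, and state `The returned text is not HTML-escaped; callers must escape it before writing it to the response.` As the commit makes JDK 1.5 the minimum, the local `StringBuffer` can also become `StringBuilder trace = new StringBuilder();`.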
index e1177b5..c34fb9f 100644 (file)
@@ -29,7 +29,6 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.catalina.connector.Request;\r
 import org.apache.catalina.connector.Response;\r
 import org.apache.catalina.util.StringManager;\r
-import org.apache.tomcat.util.compat.JdkCompat;\r
 \r
 /**\r
  * Implementation of a Valve that performs filtering based on comparing the\r
@@ -73,12 +72,6 @@ public abstract class RequestFilterValve
 \r
 \r
     /**\r
-     * JDK compatibility support\r
-     */\r
-    private static final JdkCompat jdkCompat = JdkCompat.getJdkCompat();\r
-\r
-\r
-    /**\r
      * The descriptive information related to this implementation.\r
      */\r
     private static final String info =\r
@@ -234,7 +227,7 @@ public abstract class RequestFilterValve
             } catch (PatternSyntaxException e) {\r
                 IllegalArgumentException iae = new IllegalArgumentException\r
                     (sm.getString("requestFilterValve.syntax", pattern));\r
-                jdkCompat.chainException(iae, e);\r
+                iae.initCause(e);\r
                 throw iae;\r
             }\r
             list = list.substring(comma + 1);\r
diff --git a/java/org/apache/tomcat/util/compat/Jdk14Compat.java b/java/org/apache/tomcat/util/compat/Jdk14Compat.java
deleted file mode 100644 (file)
index db92730..0000000
+++ /dev/null
@@ -1,120 +0,0 @@
-/*\r
- *  Copyright 1999-2004 The Apache Software Foundation\r
- *\r
- *  Licensed under the Apache License, Version 2.0 (the "License");\r
- *  you may not use this file except in compliance with the License.\r
- *  You may obtain a copy of the License at\r
- *\r
- *      http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- *  Unless required by applicable law or agreed to in writing, software\r
- *  distributed under the License is distributed on an "AS IS" BASIS,\r
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- *  See the License for the specific language governing permissions and\r
- *  limitations under the License.\r
- */\r
-\r
-package org.apache.tomcat.util.compat;\r
-\r
-import java.io.File;\r
-import java.io.IOException;\r
-import java.net.MalformedURLException;\r
-import java.net.URL;\r
-\r
-//import org.apache.commons.logging.Log;\r
-//import org.apache.commons.logging.LogFactory;\r
-\r
-\r
-/**\r
- *  See JdkCompat. This is an extension of that class for Jdk1.4 support.\r
- *\r
- * @author Tim Funk\r
- * @author Remy Maucherat\r
- */\r
-public class Jdk14Compat extends JdkCompat {\r
-    // -------------------------------------------------------------- Constants\r
-\r
-    // ------------------------------------------------------- Static Variables\r
-    //static Log logger = LogFactory.getLog(Jdk14Compat.class);\r
-\r
-    // ----------------------------------------------------------- Constructors\r
-    /**\r
-     *  Default no-arg constructor\r
-     */\r
-    protected Jdk14Compat() {\r
-    }\r
-\r
-\r
-    // --------------------------------------------------------- Public Methods\r
-\r
-    /**\r
-     *  Return the URI for the given file. Originally created for\r
-     *  o.a.c.loader.WebappClassLoader\r
-     *\r
-     * @param file The file to wrap into URI\r
-     * @return A URI as a URL\r
-     * @throws MalformedURLException Doh ;)\r
-     */\r
-    public URL getURI(File file)\r
-        throws MalformedURLException {\r
-\r
-        File realFile = file;\r
-        try {\r
-            realFile = realFile.getCanonicalFile();\r
-        } catch (IOException e) {\r
-            // Ignore\r
-        }\r
-\r
-        return realFile.toURI().toURL();\r
-    }\r
-\r
-\r
-    /**\r
-     *  Return the maximum amount of memory the JVM will attempt to use.\r
-     */\r
-    public long getMaxMemory() {\r
-        return Runtime.getRuntime().maxMemory();\r
-    }\r
-\r
-\r
-    /**\r
-     * Print out a partial servlet stack trace (truncating at the last \r
-     * occurrence of javax.servlet.).\r
-     */\r
-    public String getPartialServletStackTrace(Throwable t) {\r
-        StringBuffer trace = new StringBuffer();\r
-        trace.append(t.toString()).append('\n');\r
-        StackTraceElement[] elements = t.getStackTrace();\r
-        int pos = elements.length;\r
-        for (int i = 0; i < elements.length; i++) {\r
-            if ((elements[i].getClassName().startsWith\r
-                 ("org.apache.catalina.core.ApplicationFilterChain"))\r
-                && (elements[i].getMethodName().equals("internalDoFilter"))) {\r
-                pos = i;\r
-            }\r
-        }\r
-        for (int i = 0; i < pos; i++) {\r
-            if (!(elements[i].getClassName().startsWith\r
-                  ("org.apache.catalina.core."))) {\r
-                trace.append('\t').append(elements[i].toString()).append('\n');\r
-            }\r
-        }\r
-        return trace.toString();\r
-    }\r
-\r
-    public  String [] split(String path, String pat) {\r
-        return path.split(pat);\r
-    }\r
-\r
-\r
-    /**\r
-     * Chains the <tt>wrapped</tt> throwable to the <tt>wrapper</tt> throwable.\r
-     *\r
-     * @param wrapper The wrapper throwable \r
-     * @param wrapped The throwable to be wrapped\r
-     */\r
-    public void chainException(Throwable wrapper, Throwable wrapped) {\r
-        wrapper.initCause(wrapped);\r
-    }\r
-\r
- }\r
diff --git a/java/org/apache/tomcat/util/compat/JdkCompat.java b/java/org/apache/tomcat/util/compat/JdkCompat.java
deleted file mode 100644 (file)
index 7659ee5..0000000
+++ /dev/null
@@ -1,221 +0,0 @@
-/*\r
- *  Copyright 1999-2004 The Apache Software Foundation\r
- *\r
- *  Licensed under the Apache License, Version 2.0 (the "License");\r
- *  you may not use this file except in compliance with the License.\r
- *  You may obtain a copy of the License at\r
- *\r
- *      http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- *  Unless required by applicable law or agreed to in writing, software\r
- *  distributed under the License is distributed on an "AS IS" BASIS,\r
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- *  See the License for the specific language governing permissions and\r
- *  limitations under the License.\r
- */\r
-\r
-package org.apache.tomcat.util.compat;\r
-\r
-import java.io.File;\r
-import java.io.IOException;\r
-import java.io.PrintWriter;\r
-import java.io.StringWriter;\r
-import java.net.MalformedURLException;\r
-import java.net.URL;\r
-import java.util.Vector;\r
-\r
-\r
-/**\r
- *  General-purpose utility to provide backward-compatibility and JDK\r
- *  independence. This allow use of JDK1.3 ( or higher ) facilities if\r
- *  available, while maintaining the code compatible with older VMs.\r
- *\r
- *  The goal is to make backward-compatiblity reasonably easy.\r
- *\r
- *  The base class supports JDK1.3 behavior.\r
- *\r
- *  @author Tim Funk\r
- */\r
-public class JdkCompat {\r
-\r
-    // ------------------------------------------------------- Static Variables\r
-\r
-    /**\r
-     * class providing java2 support\r
-     */\r
-    static final String JAVA14_SUPPORT =\r
-        "org.apache.tomcat.util.compat.Jdk14Compat";\r
-\r
-    /** Return java version as a string\r
-     */\r
-    public static String getJavaVersion() {\r
-        return javaVersion;\r
-    }\r
-\r
-    public static boolean isJava2() {\r
-        return java2;\r
-    } \r
-   \r
-    public static boolean isJava14() {\r
-        return java14;\r
-    }\r
-\r
-    public static boolean isJava15() {\r
-        return java15;\r
-    }\r
-\r
-    // -------------------- Implementation --------------------\r
-    \r
-    // from ant\r
-    public static final String JAVA_1_0 = "1.0";\r
-    public static final String JAVA_1_1 = "1.1";\r
-    public static final String JAVA_1_2 = "1.2";\r
-    public static final String JAVA_1_3 = "1.3";\r
-    public static final String JAVA_1_4 = "1.4";\r
-    public static final String JAVA_1_5 = "1.5";\r
-\r
-    static String javaVersion;\r
-    static boolean java2=false;\r
-    static boolean java14=false;\r
-    static boolean java15=false;\r
-    static JdkCompat jdkCompat;\r
-    \r
-    static {\r
-        init();\r
-    }\r
-\r
-    private static void init() {\r
-        try {\r
-            javaVersion = JAVA_1_0;\r
-            Class.forName("java.lang.Void");\r
-            javaVersion = JAVA_1_1;\r
-            Class.forName("java.lang.ThreadLocal");\r
-            java2=true;\r
-            javaVersion = JAVA_1_2;\r
-            Class.forName("java.lang.StrictMath");\r
-            javaVersion = JAVA_1_3;\r
-            Class.forName("java.lang.CharSequence");\r
-            javaVersion = JAVA_1_4;\r
-            java14=true;\r
-            Class.forName("java.lang.Appendable");\r
-            javaVersion = JAVA_1_5;\r
-            java15=true;\r
-        } catch (ClassNotFoundException cnfe) {\r
-            // swallow as we've hit the max class version that we have\r
-        }\r
-        if( java14 ) {\r
-            try {\r
-                Class c=Class.forName(JAVA14_SUPPORT);\r
-                jdkCompat=(JdkCompat)c.newInstance();\r
-            } catch( Exception ex ) {\r
-                jdkCompat=new JdkCompat();\r
-            }\r
-        } else {\r
-            jdkCompat=new JdkCompat();\r
-            // Install jar handler if none installed\r
-        }\r
-    }\r
-\r
-    // ----------------------------------------------------------- Constructors\r
-    /**\r
-     *  Default no-arg constructor\r
-     */\r
-    protected JdkCompat() {\r
-    }\r
-\r
-\r
-    // --------------------------------------------------------- Public Methods\r
-    /**\r
-     * Get a compatibiliy helper class.\r
-     */\r
-    public static JdkCompat getJdkCompat() {\r
-        return jdkCompat;\r
-    }\r
-\r
-    /**\r
-     *  Return the URI for the given file. Originally created for\r
-     *  o.a.c.loader.WebappClassLoader\r
-     *\r
-     * @param file The file to wrap into URI\r
-     * @return A URI as a URL\r
-     * @throws MalformedURLException Doh ;)\r
-     */\r
-    public URL getURI(File file)\r
-        throws MalformedURLException {\r
-\r
-        File realFile = file;\r
-        try {\r
-            realFile = realFile.getCanonicalFile();\r
-        } catch (IOException e) {\r
-            // Ignore\r
-        }\r
-\r
-        return realFile.toURL();\r
-    }\r
-\r
-\r
-    /**\r
-     *  Return the maximum amount of memory the JVM will attempt to use.\r
-     */\r
-    public long getMaxMemory() {\r
-        return (-1L);\r
-    }\r
-\r
-\r
-    /**\r
-     * Print out a partial servlet stack trace (truncating at the last \r
-     * occurrence of javax.servlet.).\r
-     */\r
-    public String getPartialServletStackTrace(Throwable t) {\r
-        StringWriter stackTrace = new StringWriter();\r
-        t.printStackTrace(new PrintWriter(stackTrace));\r
-        String st = stackTrace.toString();\r
-        int i = st.lastIndexOf\r
-            ("org.apache.catalina.core.ApplicationFilterChain.internalDoFilter");\r
-        if (i > -1) {\r
-            return st.substring(0, i - 4);\r
-        } else {\r
-            return st;\r
-        }\r
-    }\r
-\r
-    /**\r
-     * Splits a string into it's components.\r
-     * @param path String to split\r
-     * @param pat Pattern to split at\r
-     * @return the components of the path\r
-     */\r
-    public  String [] split(String path, String pat) {\r
-        Vector comps = new Vector();\r
-        int pos = path.indexOf(pat);\r
-        int start = 0;\r
-        while( pos >= 0 ) {\r
-            if(pos > start ) {\r
-                String comp = path.substring(start,pos);\r
-                comps.add(comp);\r
-            }\r
-            start = pos + pat.length();\r
-            pos = path.indexOf(pat,start);\r
-        }\r
-        if( start < path.length()) {\r
-            comps.add(path.substring(start));\r
-        }\r
-        String [] result = new String[comps.size()];\r
-        for(int i=0; i < comps.size(); i++) {\r
-            result[i] = (String)comps.elementAt(i);\r
-        }\r
-        return result;\r
-    }\r
-\r
-\r
-    /**\r
-     * Chains the <tt>wrapped</tt> throwable to the <tt>wrapper</tt> throwable.\r
-     *\r
-     * @param wrapper The wrapper throwable \r
-     * @param wrapped The throwable to be wrapped\r
-     */\r
-    public void chainException(Throwable wrapper, Throwable wrapped) {\r
-        // do nothing\r
-    }\r
-\r
- }\r
diff --git a/java/org/apache/tomcat/util/net/jsse/JSSE13Factory.java b/java/org/apache/tomcat/util/net/jsse/JSSE13Factory.java
deleted file mode 100644 (file)
index ae22fe3..0000000
+++ /dev/null
@@ -1,43 +0,0 @@
-/*\r
- *  Copyright 1999-2004 The Apache Software Foundation\r
- *\r
- *  Licensed under the Apache License, Version 2.0 (the "License");\r
- *  you may not use this file except in compliance with the License.\r
- *  You may obtain a copy of the License at\r
- *\r
- *      http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- *  Unless required by applicable law or agreed to in writing, software\r
- *  distributed under the License is distributed on an "AS IS" BASIS,\r
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- *  See the License for the specific language governing permissions and\r
- *  limitations under the License.\r
- */\r
-\r
-package org.apache.tomcat.util.net.jsse;\r
-\r
-import java.net.Socket;\r
-import javax.net.ssl.SSLSocket;\r
-import org.apache.tomcat.util.net.SSLSupport;\r
-import org.apache.tomcat.util.net.ServerSocketFactory;\r
-\r
-/**\r
- * Implementation class for JSSEFactory for JSSE 1.0.x (that is an extension\r
- * to the 1.3 JVM).\r
- *\r
- * @author Bill Barker\r
- */\r
-\r
-class JSSE13Factory implements JSSEFactory {\r
-\r
-    JSSE13Factory() {\r
-    }\r
-\r
-    public ServerSocketFactory getSocketFactory() {\r
-        return new JSSE13SocketFactory();\r
-    }\r
-\r
-    public SSLSupport getSSLSupport(Socket socket) {\r
-        return new JSSESupport((SSLSocket)socket);\r
-    }\r
-}\r
diff --git a/java/org/apache/tomcat/util/net/jsse/JSSE13SocketFactory.java b/java/org/apache/tomcat/util/net/jsse/JSSE13SocketFactory.java
deleted file mode 100644 (file)
index 89c813f..0000000
+++ /dev/null
@@ -1,156 +0,0 @@
-/*\r
- *  Copyright 1999-2004 The Apache Software Foundation\r
- *\r
- *  Licensed under the Apache License, Version 2.0 (the "License");\r
- *  you may not use this file except in compliance with the License.\r
- *  You may obtain a copy of the License at\r
- *\r
- *      http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- *  Unless required by applicable law or agreed to in writing, software\r
- *  distributed under the License is distributed on an "AS IS" BASIS,\r
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- *  See the License for the specific language governing permissions and\r
- *  limitations under the License.\r
- */\r
-\r
-package org.apache.tomcat.util.net.jsse;\r
-\r
-import java.io.IOException;\r
-import java.security.KeyStore;\r
-import java.security.SecureRandom;\r
-import java.security.Security;\r
-import java.security.Provider;\r
-\r
-import javax.net.ssl.SSLServerSocket;\r
-import javax.net.ssl.SSLSocket;\r
-\r
-/*\r
-  1. Make the JSSE's jars available, either as an installed\r
-     extension (copy them into jre/lib/ext) or by adding\r
-     them to the Tomcat classpath.\r
-  2. keytool -genkey -alias tomcat -keyalg RSA\r
-     Use "changeit" as password ( this is the default we use )\r
- */\r
-\r
-/**\r
- * SSL server socket factory. It _requires_ a valid RSA key and\r
- * JSSE. \r
- *\r
- * @author Harish Prabandham\r
- * @author Costin Manolache\r
- * @author Stefan Freyr Stefansson\r
- * @author EKR -- renamed to JSSESocketFactory\r
- * @author Bill Barker\r
- */\r
-public class JSSE13SocketFactory extends JSSESocketFactory\r
-{\r
-    /**\r
-     * Flag for client authentication\r
-     */\r
-    protected boolean clientAuth = false;\r
-\r
-    public JSSE13SocketFactory () {\r
-        super();\r
-    }\r
-\r
-    /**\r
-     * Reads the keystore and initializes the SSL socket factory.\r
-     *\r
-     * NOTE: This method is identical in functionality to the method of the\r
-     * same name in JSSE14SocketFactory, except that this method is used with\r
-     * JSSE 1.0.x (which is an extension to the 1.3 JVM), whereas the other is\r
-     * used with JSSE 1.1.x (which ships with the 1.4 JVM). Therefore, this\r
-     * method uses classes in com.sun.net.ssl, which have since moved to\r
-     * javax.net.ssl, and explicitly registers the required security providers,\r
-     * which come standard in a 1.4 JVM.\r
-     */\r
-     void init() throws IOException {\r
-        try {\r
-            try {\r
-                Class ssps = Class.forName("sun.security.provider.Sun");\r
-                Security.addProvider ((Provider)ssps.newInstance());\r
-            }catch(Exception cnfe) {\r
-                //Ignore, since this is a non-Sun JVM\r
-            }\r
-            Security.addProvider (new com.sun.net.ssl.internal.ssl.Provider());\r
-\r
-            String clientAuthStr = (String)attributes.get("clientauth");\r
-            if("true".equalsIgnoreCase(clientAuthStr) || \r
-               "yes".equalsIgnoreCase(clientAuthStr)  ||\r
-               "want".equalsIgnoreCase(clientAuthStr)) {\r
-                clientAuth = true;\r
-            }\r
-            \r
-            // SSL protocol variant (e.g., TLS, SSL v3, etc.)\r
-            String protocol = (String)attributes.get("protocol");\r
-            if (protocol == null) protocol = defaultProtocol;\r
-            \r
-            // Certificate encoding algorithm (e.g., SunX509)\r
-            String algorithm = (String)attributes.get("algorithm");\r
-            if (algorithm == null) algorithm = defaultAlgorithm;\r
-\r
-            // Set up KeyManager, which will extract server key\r
-            com.sun.net.ssl.KeyManagerFactory kmf = \r
-                com.sun.net.ssl.KeyManagerFactory.getInstance(algorithm);\r
-            String keystoreType = (String)attributes.get("keystoreType");\r
-            if (keystoreType == null) {\r
-                keystoreType = defaultKeystoreType;\r
-            }\r
-            String keystorePass = getKeystorePassword();\r
-            kmf.init(getKeystore(keystoreType, keystorePass),\r
-                     keystorePass.toCharArray());\r
-\r
-            // Set up TrustManager\r
-            com.sun.net.ssl.TrustManager[] tm = null;\r
-            String truststoreType = (String)attributes.get("truststoreType");\r
-            if(truststoreType == null) {\r
-                truststoreType = keystoreType;\r
-            }\r
-            KeyStore trustStore = getTrustStore(truststoreType);\r
-            if (trustStore != null) {\r
-                com.sun.net.ssl.TrustManagerFactory tmf =\r
-                    com.sun.net.ssl.TrustManagerFactory.getInstance("SunX509");\r
-                tmf.init(trustStore);\r
-                tm = tmf.getTrustManagers();\r
-            }\r
-\r
-            // Create and init SSLContext\r
-            com.sun.net.ssl.SSLContext context = \r
-                com.sun.net.ssl.SSLContext.getInstance(protocol); \r
-            context.init(kmf.getKeyManagers(), tm, new SecureRandom());\r
-\r
-            // Create proxy\r
-            sslProxy = context.getServerSocketFactory();\r
-\r
-            // Determine which cipher suites to enable\r
-            String requestedCiphers = (String)attributes.get("ciphers");\r
-            enabledCiphers = getEnabledCiphers(requestedCiphers,\r
-                     sslProxy.getSupportedCipherSuites());\r
-\r
-        } catch(Exception e) {\r
-            if( e instanceof IOException )\r
-                throw (IOException)e;\r
-            throw new IOException(e.getMessage());\r
-        }\r
-    }\r
-    protected String[] getEnabledProtocols(SSLServerSocket socket,\r
-                                           String requestedProtocols){\r
-        return null;\r
-    }\r
-    protected void setEnabledProtocols(SSLServerSocket socket, \r
-                                             String [] protocols){\r
-    }\r
-\r
-    protected void configureClientAuth(SSLServerSocket socket){\r
-        socket.setNeedClientAuth(clientAuth);\r
-    }\r
-\r
-    protected void configureClientAuth(SSLSocket socket){\r
-        // In JSSE 1.0.2 docs it does not explicitly\r
-        // state whether SSLSockets returned from \r
-        // SSLServerSocket.accept() inherit this setting.\r
-        socket.setNeedClientAuth(clientAuth);\r
-    }\r
-\r
-}\r
diff --git a/java/org/apache/tomcat/util/net/jsse/JSSE14Factory.java b/java/org/apache/tomcat/util/net/jsse/JSSE14Factory.java
deleted file mode 100644 (file)
index 83cc2af..0000000
+++ /dev/null
@@ -1,43 +0,0 @@
-/*\r
- *  Copyright 1999-2004 The Apache Software Foundation\r
- *\r
- *  Licensed under the Apache License, Version 2.0 (the "License");\r
- *  you may not use this file except in compliance with the License.\r
- *  You may obtain a copy of the License at\r
- *\r
- *      http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- *  Unless required by applicable law or agreed to in writing, software\r
- *  distributed under the License is distributed on an "AS IS" BASIS,\r
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- *  See the License for the specific language governing permissions and\r
- *  limitations under the License.\r
- */\r
-\r
-package org.apache.tomcat.util.net.jsse;\r
-\r
-import java.net.Socket;\r
-import javax.net.ssl.SSLSocket;\r
-import org.apache.tomcat.util.net.SSLSupport;\r
-import org.apache.tomcat.util.net.ServerSocketFactory;\r
-\r
-/**\r
- * Implementation class for JSSEFactory for JSSE 1.1.x (that ships with the\r
- * 1.4 JVM).\r
- *\r
- * @author Bill Barker\r
- */\r
-\r
-class JSSE14Factory implements JSSEFactory {\r
-\r
-    JSSE14Factory() {\r
-    }\r
-\r
-    public ServerSocketFactory getSocketFactory() {\r
-       return new JSSE14SocketFactory();\r
-    }\r
-\r
-    public SSLSupport getSSLSupport(Socket socket) {\r
-       return new JSSE14Support((SSLSocket)socket);\r
-    }\r
-}\r
diff --git a/java/org/apache/tomcat/util/net/jsse/JSSE14SocketFactory.java b/java/org/apache/tomcat/util/net/jsse/JSSE14SocketFactory.java
deleted file mode 100644 (file)
index 4e69cf9..0000000
+++ /dev/null
@@ -1,267 +0,0 @@
-/*\r
- *  Copyright 1999-2004 The Apache Software Foundation\r
- *\r
- *  Licensed under the Apache License, Version 2.0 (the "License");\r
- *  you may not use this file except in compliance with the License.\r
- *  You may obtain a copy of the License at\r
- *\r
- *      http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- *  Unless required by applicable law or agreed to in writing, software\r
- *  distributed under the License is distributed on an "AS IS" BASIS,\r
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- *  See the License for the specific language governing permissions and\r
- *  limitations under the License.\r
- */\r
-\r
-package org.apache.tomcat.util.net.jsse;\r
-\r
-import java.io.IOException;\r
-import java.security.KeyStore;\r
-import java.security.SecureRandom;\r
-import java.util.Vector;\r
-\r
-import javax.net.ssl.KeyManager;\r
-import javax.net.ssl.KeyManagerFactory;\r
-import javax.net.ssl.SSLContext;\r
-import javax.net.ssl.SSLServerSocket;\r
-import javax.net.ssl.SSLSocket;\r
-import javax.net.ssl.TrustManager;\r
-import javax.net.ssl.TrustManagerFactory;\r
-import javax.net.ssl.X509KeyManager;\r
-\r
-import org.apache.tomcat.util.res.StringManager;\r
-\r
-/*\r
-  1. Make the JSSE's jars available, either as an installed\r
-     extension (copy them into jre/lib/ext) or by adding\r
-     them to the Tomcat classpath.\r
-  2. keytool -genkey -alias tomcat -keyalg RSA\r
-     Use "changeit" as password ( this is the default we use )\r
- */\r
-\r
-/**\r
- * SSL server socket factory. It _requires_ a valid RSA key and\r
- * JSSE. \r
- *\r
- * @author Harish Prabandham\r
- * @author Costin Manolache\r
- * @author Stefan Freyr Stefansson\r
- * @author EKR -- renamed to JSSESocketFactory\r
- * @author Jan Luehe\r
- */\r
-public class JSSE14SocketFactory  extends JSSESocketFactory {\r
-\r
-    private static StringManager sm =\r
-        StringManager.getManager("org.apache.tomcat.util.net.jsse.res");\r
-\r
-    /**\r
-     * Flag to state that we require client authentication.\r
-     */\r
-    protected boolean requireClientAuth = false;\r
-\r
-    /**\r
-     * Flag to state that we would like client authentication.\r
-     */\r
-    protected boolean wantClientAuth    = false;\r
-\r
-    public JSSE14SocketFactory () {\r
-        super();\r
-    }\r
-\r
-    /**\r
-     * Reads the keystore and initializes the SSL socket factory.\r
-     */\r
-    void init() throws IOException {\r
-        try {\r
-\r
-            String clientAuthStr = (String) attributes.get("clientauth");\r
-            if("true".equalsIgnoreCase(clientAuthStr) ||\r
-               "yes".equalsIgnoreCase(clientAuthStr)) {\r
-                requireClientAuth = true;\r
-            } else if("want".equalsIgnoreCase(clientAuthStr)) {\r
-                wantClientAuth = true;\r
-            }\r
-\r
-            // SSL protocol variant (e.g., TLS, SSL v3, etc.)\r
-            String protocol = (String) attributes.get("protocol");\r
-            if (protocol == null) {\r
-                protocol = defaultProtocol;\r
-            }\r
-\r
-            // Certificate encoding algorithm (e.g., SunX509)\r
-            String algorithm = (String) attributes.get("algorithm");\r
-            if (algorithm == null) {\r
-                algorithm = defaultAlgorithm;\r
-            }\r
-\r
-            String keystoreType = (String) attributes.get("keystoreType");\r
-            if (keystoreType == null) {\r
-                keystoreType = defaultKeystoreType;\r
-            }\r
-\r
-           String trustAlgorithm = (String)attributes.get("truststoreAlgorithm");\r
-           if( trustAlgorithm == null ) {\r
-               trustAlgorithm = algorithm;\r
-           }\r
-            // Create and init SSLContext\r
-            SSLContext context = SSLContext.getInstance(protocol); \r
-            context.init(getKeyManagers(keystoreType, algorithm,\r
-                                        (String) attributes.get("keyAlias")),\r
-                         getTrustManagers(keystoreType, trustAlgorithm),\r
-                         new SecureRandom());\r
-\r
-            // create proxy\r
-            sslProxy = context.getServerSocketFactory();\r
-\r
-            // Determine which cipher suites to enable\r
-            String requestedCiphers = (String)attributes.get("ciphers");\r
-            enabledCiphers = getEnabledCiphers(requestedCiphers,\r
-                                               sslProxy.getSupportedCipherSuites());\r
-\r
-        } catch(Exception e) {\r
-            if( e instanceof IOException )\r
-                throw (IOException)e;\r
-            throw new IOException(e.getMessage());\r
-        }\r
-    }\r
-\r
-    /**\r
-     * Gets the initialized key managers.\r
-     */\r
-    protected KeyManager[] getKeyManagers(String keystoreType,\r
-                                          String algorithm,\r
-                                          String keyAlias)\r
-                throws Exception {\r
-\r
-        KeyManager[] kms = null;\r
-\r
-        String keystorePass = getKeystorePassword();\r
-\r
-        KeyStore ks = getKeystore(keystoreType, keystorePass);\r
-        if (keyAlias != null && !ks.isKeyEntry(keyAlias)) {\r
-            throw new IOException(sm.getString("jsse.alias_no_key_entry", keyAlias));\r
-        }\r
-\r
-        KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);\r
-        kmf.init(ks, keystorePass.toCharArray());\r
-\r
-        kms = kmf.getKeyManagers();\r
-        if (keyAlias != null) {\r
-            if (JSSESocketFactory.defaultKeystoreType.equals(keystoreType)) {\r
-                keyAlias = keyAlias.toLowerCase();\r
-            }\r
-            for(int i=0; i<kms.length; i++) {\r
-                kms[i] = new JSSEKeyManager((X509KeyManager)kms[i], keyAlias);\r
-            }\r
-        }\r
-\r
-        return kms;\r
-    }\r
-\r
-    /**\r
-     * Gets the intialized trust managers.\r
-     */\r
-    protected TrustManager[] getTrustManagers(String keystoreType, String algorithm)\r
-                throws Exception {\r
-\r
-        TrustManager[] tms = null;\r
-\r
-        String truststoreType = (String)attributes.get("truststoreType");\r
-        if(truststoreType == null) {\r
-            truststoreType = keystoreType;\r
-        }\r
-        KeyStore trustStore = getTrustStore(truststoreType);\r
-        if (trustStore != null) {\r
-            TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);\r
-            tmf.init(trustStore);\r
-            tms = tmf.getTrustManagers();\r
-        }\r
-\r
-        return tms;\r
-    }\r
-    protected void setEnabledProtocols(SSLServerSocket socket, String []protocols){\r
-        if (protocols != null) {\r
-            socket.setEnabledProtocols(protocols);\r
-        }\r
-    }\r
-\r
-    protected String[] getEnabledProtocols(SSLServerSocket socket,\r
-                                           String requestedProtocols){\r
-        String[] supportedProtocols = socket.getSupportedProtocols();\r
-\r
-        String[] enabledProtocols = null;\r
-\r
-        if (requestedProtocols != null) {\r
-            Vector vec = null;\r
-            String protocol = requestedProtocols;\r
-            int index = requestedProtocols.indexOf(',');\r
-            if (index != -1) {\r
-                int fromIndex = 0;\r
-                while (index != -1) {\r
-                    protocol = requestedProtocols.substring(fromIndex, index).trim();\r
-                    if (protocol.length() > 0) {\r
-                        /*\r
-                         * Check to see if the requested protocol is among the\r
-                         * supported protocols, i.e., may be enabled\r
-                         */\r
-                        for (int i=0; supportedProtocols != null\r
-                                     && i<supportedProtocols.length; i++) {\r
-                            if (supportedProtocols[i].equals(protocol)) {\r
-                                if (vec == null) {\r
-                                    vec = new Vector();\r
-                                }\r
-                                vec.addElement(protocol);\r
-                                break;\r
-                            }\r
-                        }\r
-                    }\r
-                    fromIndex = index+1;\r
-                    index = requestedProtocols.indexOf(',', fromIndex);\r
-                } // while\r
-                protocol = requestedProtocols.substring(fromIndex);\r
-            }\r
-\r
-            if (protocol != null) {\r
-                protocol = protocol.trim();\r
-                if (protocol.length() > 0) {\r
-                    /*\r
-                     * Check to see if the requested protocol is among the\r
-                     * supported protocols, i.e., may be enabled\r
-                     */\r
-                    for (int i=0; supportedProtocols != null\r
-                                 && i<supportedProtocols.length; i++) {\r
-                        if (supportedProtocols[i].equals(protocol)) {\r
-                            if (vec == null) {\r
-                                vec = new Vector();\r
-                            }\r
-                            vec.addElement(protocol);\r
-                            break;\r
-                        }\r
-                    }\r
-                }\r
-            }           \r
-\r
-            if (vec != null) {\r
-                enabledProtocols = new String[vec.size()];\r
-                vec.copyInto(enabledProtocols);\r
-            }\r
-        }\r
-\r
-        return enabledProtocols;\r
-    }\r
-\r
-    protected void configureClientAuth(SSLServerSocket socket){\r
-        if (wantClientAuth){\r
-            socket.setWantClientAuth(wantClientAuth);\r
-        } else {\r
-            socket.setNeedClientAuth(requireClientAuth);\r
-        }\r
-    }\r
-\r
-    protected void configureClientAuth(SSLSocket socket){\r
-        // Per JavaDocs: SSLSockets returned from \r
-        // SSLServerSocket.accept() inherit this setting.\r
-    }\r
-    \r
-}\r
diff --git a/java/org/apache/tomcat/util/net/jsse/JSSE14Support.java b/java/org/apache/tomcat/util/net/jsse/JSSE14Support.java
deleted file mode 100644 (file)
index 1bc164b..0000000
+++ /dev/null
@@ -1,158 +0,0 @@
-/*\r
- *  Copyright 1999-2004 The Apache Software Foundation\r
- *\r
- *  Licensed under the Apache License, Version 2.0 (the "License");\r
- *  you may not use this file except in compliance with the License.\r
- *  You may obtain a copy of the License at\r
- *\r
- *      http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- *  Unless required by applicable law or agreed to in writing, software\r
- *  distributed under the License is distributed on an "AS IS" BASIS,\r
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- *  See the License for the specific language governing permissions and\r
- *  limitations under the License.\r
- */\r
-\r
-package org.apache.tomcat.util.net.jsse;\r
-\r
-import java.io.ByteArrayInputStream;\r
-import java.io.IOException;\r
-import java.io.InputStream;\r
-import java.net.SocketException;\r
-import java.security.cert.Certificate;\r
-import java.security.cert.CertificateFactory;\r
-import java.security.cert.X509Certificate;\r
-\r
-import javax.net.ssl.HandshakeCompletedEvent;\r
-import javax.net.ssl.HandshakeCompletedListener;\r
-import javax.net.ssl.SSLException;\r
-import javax.net.ssl.SSLSession;\r
-import javax.net.ssl.SSLSocket;\r
-\r
-\r
-/* JSSESupport\r
-\r
-   Concrete implementation class for JSSE\r
-   Support classes.\r
-\r
-   This will only work with JDK 1.2 and up since it\r
-   depends on JDK 1.2's certificate support\r
-\r
-   @author EKR\r
-   @author Craig R. McClanahan\r
-   Parts cribbed from JSSECertCompat       \r
-   Parts cribbed from CertificatesValve\r
-*/\r
-\r
-class JSSE14Support extends JSSESupport {\r
-\r
-    private static org.apache.commons.logging.Log logger =\r
-        org.apache.commons.logging.LogFactory.getLog(JSSE14Support.class);\r
-\r
-    Listener listener = new Listener();\r
-\r
-    public JSSE14Support(SSLSocket sock){\r
-        super(sock);\r
-        sock.addHandshakeCompletedListener(listener);\r
-    }\r
-\r
-    protected void handShake() throws IOException {\r
-        if( ssl.getWantClientAuth() ) {\r
-            logger.debug("No client cert sent for want");\r
-        } else {\r
-            ssl.setNeedClientAuth(true);\r
-        }\r
-        synchronousHandshake(ssl);\r
-    }\r
-\r
-    /**\r
-     * JSSE in JDK 1.4 has an issue/feature that requires us to do a\r
-     * read() to get the client-cert.  As suggested by Andreas\r
-     * Sterbenz\r
-     */\r
-    private  void synchronousHandshake(SSLSocket socket) \r
-        throws IOException {\r
-        InputStream in = socket.getInputStream();\r
-        int oldTimeout = socket.getSoTimeout();\r
-        socket.setSoTimeout(1000);\r
-        byte[] b = new byte[0];\r
-        listener.reset();\r
-        socket.startHandshake();\r
-        int maxTries = 60; // 60 * 1000 = example 1 minute time out\r
-        for (int i = 0; i < maxTries; i++) {\r
-           if(logger.isTraceEnabled())\r
-               logger.trace("Reading for try #" +i);\r
-            try {\r
-                int x = in.read(b);\r
-            } catch(SSLException sslex) {\r
-                logger.info("SSL Error getting client Certs",sslex);\r
-                throw sslex;\r
-            } catch (IOException e) {\r
-                // ignore - presumably the timeout\r
-            }\r
-            if (listener.completed) {\r
-                break;\r
-            }\r
-        }\r
-        socket.setSoTimeout(oldTimeout);\r
-        if (listener.completed == false) {\r
-            throw new SocketException("SSL Cert handshake timeout");\r
-        }\r
-    }\r
-\r
-    /** Return the X509certificates or null if we can't get them.\r
-     *  XXX We should allow unverified certificates \r
-     */ \r
-    protected X509Certificate [] getX509Certificates(SSLSession session) \r
-       throws IOException \r
-    {\r
-        Certificate [] certs=null;\r
-        try {\r
-           certs = session.getPeerCertificates();\r
-        } catch( Throwable t ) {\r
-            logger.debug("Error getting client certs",t);\r
-            return null;\r
-        }\r
-        if( certs==null ) return null;\r
-        \r
-        X509Certificate [] x509Certs = new X509Certificate[certs.length];\r
-       for(int i=0; i < certs.length; i++) {\r
-           if( certs[i] instanceof X509Certificate ) {\r
-               // always currently true with the JSSE 1.1.x\r
-               x509Certs[i] = (X509Certificate)certs[i];\r
-           } else {\r
-               try {\r
-                   byte [] buffer = certs[i].getEncoded();\r
-                   CertificateFactory cf =\r
-                       CertificateFactory.getInstance("X.509");\r
-                   ByteArrayInputStream stream =\r
-                       new ByteArrayInputStream(buffer);\r
-                   x509Certs[i] = (X509Certificate)\r
-                       cf.generateCertificate(stream);\r
-               } catch(Exception ex) { \r
-                   logger.info("Error translating cert " + certs[i], ex);\r
-                   return null;\r
-               }\r
-           }\r
-           if(logger.isTraceEnabled())\r
-               logger.trace("Cert #" + i + " = " + x509Certs[i]);\r
-       }\r
-       if(x509Certs.length < 1)\r
-           return null;\r
-       return x509Certs;\r
-    }\r
-\r
-\r
-    private static class Listener implements HandshakeCompletedListener {\r
-        volatile boolean completed = false;\r
-        public void handshakeCompleted(HandshakeCompletedEvent event) {\r
-            completed = true;\r
-        }\r
-        void reset() {\r
-            completed = false;\r
-        }\r
-    }\r
-\r
-}\r
-\r
diff --git a/java/org/apache/tomcat/util/net/jsse/JSSE15Factory.java b/java/org/apache/tomcat/util/net/jsse/JSSE15Factory.java
deleted file mode 100644 (file)
index bf4fc57..0000000
+++ /dev/null
@@ -1,41 +0,0 @@
-/*\r
- *  Copyright 1999-2004 The Apache Software Foundation\r
- *\r
- *  Licensed under the Apache License, Version 2.0 (the "License");\r
- *  you may not use this file except in compliance with the License.\r
- *  You may obtain a copy of the License at\r
- *\r
- *      http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- *  Unless required by applicable law or agreed to in writing, software\r
- *  distributed under the License is distributed on an "AS IS" BASIS,\r
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- *  See the License for the specific language governing permissions and\r
- *  limitations under the License.\r
- */\r
-\r
-package org.apache.tomcat.util.net.jsse;\r
-\r
-import java.net.Socket;\r
-import javax.net.ssl.SSLSocket;\r
-import org.apache.tomcat.util.net.SSLSupport;\r
-import org.apache.tomcat.util.net.ServerSocketFactory;\r
-\r
-/**\r
- * Implementation class for JSSEFactory for JSSE 1.1.x (that ships with the\r
- * 1.5 JVM).\r
- *\r
- * @author Bill Barker\r
- */\r
-\r
-class JSSE15Factory extends JSSE14Factory {\r
-\r
-    JSSE15Factory() {\r
-        super();\r
-    }\r
-\r
-    public ServerSocketFactory getSocketFactory() {\r
-        return new JSSE15SocketFactory();\r
-    }\r
-\r
-}\r
diff --git a/java/org/apache/tomcat/util/net/jsse/JSSE15SocketFactory.java b/java/org/apache/tomcat/util/net/jsse/JSSE15SocketFactory.java
deleted file mode 100644 (file)
index ef24a41..0000000
+++ /dev/null
@@ -1,163 +0,0 @@
-/*\r
- *  Copyright 1999-2004 The Apache Software Foundation\r
- *\r
- *  Licensed under the Apache License, Version 2.0 (the "License");\r
- *  you may not use this file except in compliance with the License.\r
- *  You may obtain a copy of the License at\r
- *\r
- *      http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- *  Unless required by applicable law or agreed to in writing, software\r
- *  distributed under the License is distributed on an "AS IS" BASIS,\r
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- *  See the License for the specific language governing permissions and\r
- *  limitations under the License.\r
- */\r
-\r
-package org.apache.tomcat.util.net.jsse;\r
-\r
-import java.io.IOException;\r
-import java.io.File;\r
-import java.io.FileInputStream;\r
-import java.io.InputStream;\r
-import java.util.Collection;\r
-import java.security.KeyStore;\r
-import java.security.cert.PKIXBuilderParameters;\r
-import java.security.cert.X509CertSelector;\r
-import java.security.cert.CRL;\r
-import java.security.cert.CollectionCertStoreParameters;\r
-import java.security.cert.CertStoreParameters;\r
-import java.security.cert.CertPathParameters;\r
-import java.security.cert.CertStore;\r
-import java.security.cert.CertificateFactory;\r
-import java.security.cert.CRLException;\r
-import java.security.cert.CertificateException;\r
-\r
-import javax.net.ssl.TrustManager;\r
-import javax.net.ssl.TrustManagerFactory;\r
-import javax.net.ssl.X509KeyManager;\r
-import javax.net.ssl.ManagerFactoryParameters;\r
-import javax.net.ssl.CertPathTrustManagerParameters;\r
-\r
-/**\r
- * SSL Socket Factory for JDK 1.5\r
- *\r
- * @author Bill Barker\r
- */\r
-public class JSSE15SocketFactory  extends JSSE14SocketFactory {\r
-\r
-    private static org.apache.commons.logging.Log log =\r
-        org.apache.commons.logging.LogFactory.getLog(JSSE15SocketFactory.class);\r
-\r
-    public JSSE15SocketFactory() {\r
-        super();\r
-    }\r
-\r
-\r
-    /**\r
-     * Gets the intialized trust managers.\r
-     */\r
-    protected TrustManager[] getTrustManagers(String keystoreType, String algorithm)\r
-        throws Exception {\r
-        if(attributes.get("truststoreAlgorithm") == null) {\r
-            // in 1.5, the Trust default isn't the same as the Key default.\r
-            algorithm = TrustManagerFactory.getDefaultAlgorithm();\r
-        }\r
-        String crlf = (String)attributes.get("crlFile");\r
-        if(crlf == null) {\r
-            return super.getTrustManagers(keystoreType, algorithm);\r
-        }\r
-\r
-        TrustManager[] tms = null;\r
-\r
-        String truststoreType = (String)attributes.get("truststoreType");\r
-        if(truststoreType == null) {\r
-            truststoreType = keystoreType;\r
-        }\r
-        KeyStore trustStore = getTrustStore(truststoreType);\r
-        if (trustStore != null) {\r
-            TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);\r
-            CertPathParameters params = getParameters(algorithm, crlf, trustStore);\r
-            ManagerFactoryParameters mfp = new CertPathTrustManagerParameters(params);\r
-            tmf.init(mfp);\r
-            tms = tmf.getTrustManagers();\r
-        }\r
-\r
-        return tms;\r
-    }\r
-\r
-\r
-    /**\r
-     * Return the initialization parameters for the TrustManager.\r
-     * Currently, only the default <code>PKIX</code> is supported.\r
-     * \r
-     * @param algorithm The algorithm to get parameters for.\r
-     * @param crlf The path to the CRL file.\r
-     * @param trustStore The configured TrustStore.\r
-     * @return The parameters including the CRLs and TrustStore.\r
-     */\r
-    protected CertPathParameters getParameters(String algorithm, \r
-                                                String crlf, \r
-                                                KeyStore trustStore)\r
-        throws Exception {\r
-        CertPathParameters params = null;\r
-        if("PKIX".equalsIgnoreCase(algorithm)) {\r
-            PKIXBuilderParameters xparams = new PKIXBuilderParameters(trustStore, \r
-                                                                     new X509CertSelector());\r
-            Collection crls = getCRLs(crlf);\r
-            CertStoreParameters csp = new CollectionCertStoreParameters(crls);\r
-            CertStore store = CertStore.getInstance("Collection", csp);\r
-            xparams.addCertStore(store);\r
-            xparams.setRevocationEnabled(true);\r
-            String trustLength = (String)attributes.get("trustMaxCertLength");\r
-            if(trustLength != null) {\r
-                try {\r
-                    xparams.setMaxPathLength(Integer.parseInt(trustLength));\r
-                } catch(Exception ex) {\r
-                    log.warn("Bad maxCertLength: "+trustLength);\r
-                }\r
-            }\r
-\r
-            params = xparams;\r
-        } else {\r
-            throw new CRLException("CRLs not supported for type: "+algorithm);\r
-        }\r
-        return params;\r
-    }\r
-\r
-\r
-    /**\r
-     * Load the collection of CRLs.\r
-     * \r
-     */\r
-    protected Collection<? extends CRL> getCRLs(String crlf) \r
-        throws IOException, CRLException, CertificateException {\r
-\r
-        File crlFile = new File(crlf);\r
-        if( !crlFile.isAbsolute() ) {\r
-            crlFile = new File(System.getProperty("catalina.base"), crlf);\r
-        }\r
-        Collection<? extends CRL> crls = null;\r
-        InputStream is = null;\r
-        try {\r
-            CertificateFactory cf = CertificateFactory.getInstance("X.509");\r
-            is = new FileInputStream(crlFile);\r
-            crls = cf.generateCRLs(is);\r
-        } catch(IOException iex) {\r
-            throw iex;\r
-        } catch(CRLException crle) {\r
-            throw crle;\r
-        } catch(CertificateException ce) {\r
-            throw ce;\r
-        } finally { \r
-            if(is != null) {\r
-                try{\r
-                    is.close();\r
-                } catch(Exception ex) {\r
-                }\r
-            }\r
-        }\r
-        return crls;\r
-    }\r
-\r
-}\r
index e19f623..1d8aaf7 100644 (file)
@@ -17,6 +17,9 @@
 package org.apache.tomcat.util.net.jsse;\r
 \r
 import java.net.Socket;\r
+\r
+import javax.net.ssl.SSLSocket;\r
+\r
 import org.apache.tomcat.util.net.SSLSupport;\r
 import org.apache.tomcat.util.net.ServerSocketFactory;\r
 \r
@@ -27,16 +30,20 @@ import org.apache.tomcat.util.net.ServerSocketFactory;
  * @author Bill Barker\r
  */\r
 \r
-interface JSSEFactory {\r
+public class JSSEFactory {\r
 \r
     /**\r
      * Returns the ServerSocketFactory to use.\r
      */\r
-    public ServerSocketFactory getSocketFactory();\r
+    public ServerSocketFactory getSocketFactory() {\r
+        return new JSSESocketFactory();\r
+    }\r
 \r
     /**\r
      * returns the SSLSupport attached to this socket.\r
      */\r
-    public SSLSupport getSSLSupport(Socket socket);\r
+    public SSLSupport getSSLSupport(Socket socket) {\r
+        return new JSSESupport((SSLSocket)socket);\r
+    }\r
 \r
 };\r
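Review bot: getSSLSupport now casts its argument with `(SSLSocket)socket` but the Javadoc still only says "returns the SSLSupport attached to this socket", so a caller handing in a plain Socket gets an undocumented ClassCastException. Since the type is now a public concrete class rather than a package-private interface, I would document the precondition, e.g. `@param socket the accepted connection; must be an SSLSocket` and `@throws ClassCastException if socket is not an SSLSocket`.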
index 9ee643d..1102ab4 100644 (file)
@@ -18,7 +18,6 @@ package org.apache.tomcat.util.net.jsse;
 \r
 import java.net.Socket;\r
 \r
-import org.apache.tomcat.util.compat.JdkCompat;\r
 import org.apache.tomcat.util.net.SSLImplementation;\r
 import org.apache.tomcat.util.net.SSLSupport;\r
 import org.apache.tomcat.util.net.ServerSocketFactory;\r
@@ -32,12 +31,6 @@ import org.apache.tomcat.util.net.ServerSocketFactory;
         \r
 public class JSSEImplementation extends SSLImplementation\r
 {\r
-    static final String JSSE15Factory =\r
-       "org.apache.tomcat.util.net.jsse.JSSE15Factory";\r
-    static final String JSSE14Factory = \r
-        "org.apache.tomcat.util.net.jsse.JSSE14Factory";\r
-    static final String JSSE13Factory = \r
-        "org.apache.tomcat.util.net.jsse.JSSE13Support";\r
     static final String SSLSocketClass = "javax.net.ssl.SSLSocket";\r
 \r
     static org.apache.commons.logging.Log logger = \r
@@ -48,27 +41,7 @@ public class JSSEImplementation extends SSLImplementation
     public JSSEImplementation() throws ClassNotFoundException {\r
         // Check to see if JSSE is floating around somewhere\r
         Class.forName(SSLSocketClass);\r
-        if( JdkCompat.isJava15() ) {\r
-            try {\r
-                Class factcl = Class.forName(JSSE15Factory);\r
-                factory = (JSSEFactory)factcl.newInstance();\r
-            } catch(Exception ex) {\r
-                if(logger.isDebugEnabled())\r
-                    logger.debug("Error getting factory: " + JSSE15Factory, ex);\r
-            }\r
-        }\r
-        if(factory == null && JdkCompat.isJava14() ) {\r
-            try {\r
-                Class factcl = Class.forName(JSSE14Factory);\r
-                factory = (JSSEFactory)factcl.newInstance();\r
-            } catch(Exception ex) {\r
-                if(logger.isDebugEnabled()) {\r
-                    logger.debug("Error getting factory: " + JSSE14Factory, ex);\r
-                }\r
-            }\r
-        } if(factory == null) {\r
-            factory = new JSSE13Factory();\r
-        }\r
+        factory = new JSSEFactory();\r
     }\r
 \r
 \r
index 8bef00f..0d317df 100644 (file)
@@ -26,12 +26,34 @@ import java.net.ServerSocket;
 import java.net.Socket;\r
 import java.net.SocketException;\r
 import java.security.KeyStore;\r
+import java.security.SecureRandom;\r
+import java.security.cert.CRL;\r
+import java.security.cert.CRLException;\r
+import java.security.cert.CertPathParameters;\r
+import java.security.cert.CertStore;\r
+import java.security.cert.CertStoreParameters;\r
+import java.security.cert.CertificateException;\r
+import java.security.cert.CertificateFactory;\r
+import java.security.cert.CollectionCertStoreParameters;\r
+import java.security.cert.PKIXBuilderParameters;\r
+import java.security.cert.X509CertSelector;\r
+import java.util.Collection;\r
 import java.util.Vector;\r
 \r
+import javax.net.ssl.CertPathTrustManagerParameters;\r
+import javax.net.ssl.KeyManager;\r
+import javax.net.ssl.KeyManagerFactory;\r
+import javax.net.ssl.ManagerFactoryParameters;\r
+import javax.net.ssl.SSLContext;\r
 import javax.net.ssl.SSLException;\r
 import javax.net.ssl.SSLServerSocket;\r
 import javax.net.ssl.SSLServerSocketFactory;\r
 import javax.net.ssl.SSLSocket;\r
+import javax.net.ssl.TrustManager;\r
+import javax.net.ssl.TrustManagerFactory;\r
+import javax.net.ssl.X509KeyManager;\r
+\r
+import org.apache.tomcat.util.res.StringManager;\r
 \r
 /*\r
   1. Make the JSSE's jars available, either as an installed\r
@@ -49,10 +71,15 @@ import javax.net.ssl.SSLSocket;
  * @author Costin Manolache\r
  * @author Stefan Freyr Stefansson\r
  * @author EKR -- renamed to JSSESocketFactory\r
+ * @author Jan Luehe\r
+ * @author Bill Barker\r
  */\r
-public abstract class JSSESocketFactory\r
-    extends org.apache.tomcat.util.net.ServerSocketFactory\r
-{\r
+public class JSSESocketFactory\r
+    extends org.apache.tomcat.util.net.ServerSocketFactory {\r
+\r
+    private static StringManager sm =\r
+        StringManager.getManager("org.apache.tomcat.util.net.jsse.res");\r
+\r
     // defaults\r
     static String defaultProtocol = "TLS";\r
     static String defaultAlgorithm = "SunX509";\r
@@ -68,7 +95,17 @@ public abstract class JSSESocketFactory
     protected String clientAuth = "false";\r
     protected SSLServerSocketFactory sslProxy = null;\r
     protected String[] enabledCiphers;\r
-   \r
+\r
+    /**\r
+     * Flag to state that we require client authentication.\r
+     */\r
+    protected boolean requireClientAuth = false;\r
+\r
+    /**\r
+     * Flag to state that we would like client authentication.\r
+     */\r
+    protected boolean wantClientAuth    = false;\r
+\r
 \r
     public JSSESocketFactory () {\r
     }\r
@@ -303,12 +340,214 @@ public abstract class JSSESocketFactory
 \r
     /**\r
      * Reads the keystore and initializes the SSL socket factory.\r
-     *\r
-     * Place holder method to initialize the KeyStore, etc.\r
      */\r
-    abstract void init() throws IOException ;\r
+    void init() throws IOException {\r
+        try {\r
 \r
-    /*\r
+            String clientAuthStr = (String) attributes.get("clientauth");\r
+            if("true".equalsIgnoreCase(clientAuthStr) ||\r
+               "yes".equalsIgnoreCase(clientAuthStr)) {\r
+                requireClientAuth = true;\r
+            } else if("want".equalsIgnoreCase(clientAuthStr)) {\r
+                wantClientAuth = true;\r
+            }\r
+\r
+            // SSL protocol variant (e.g., TLS, SSL v3, etc.)\r
+            String protocol = (String) attributes.get("protocol");\r
+            if (protocol == null) {\r
+                protocol = defaultProtocol;\r
+            }\r
+\r
+            // Certificate encoding algorithm (e.g., SunX509)\r
+            String algorithm = (String) attributes.get("algorithm");\r
+            if (algorithm == null) {\r
+                algorithm = defaultAlgorithm;\r
+            }\r
+\r
+            String keystoreType = (String) attributes.get("keystoreType");\r
+            if (keystoreType == null) {\r
+                keystoreType = defaultKeystoreType;\r
+            }\r
+\r
+        String trustAlgorithm = (String)attributes.get("truststoreAlgorithm");\r
+        if( trustAlgorithm == null ) {\r
+        trustAlgorithm = algorithm;\r
+        }\r
+            // Create and init SSLContext\r
+            SSLContext context = SSLContext.getInstance(protocol); \r
+            context.init(getKeyManagers(keystoreType, algorithm,\r
+                                        (String) attributes.get("keyAlias")),\r
+                         getTrustManagers(keystoreType, trustAlgorithm),\r
+                         new SecureRandom());\r
+\r
+            // create proxy\r
+            sslProxy = context.getServerSocketFactory();\r
+\r
+            // Determine which cipher suites to enable\r
+            String requestedCiphers = (String)attributes.get("ciphers");\r
+            enabledCiphers = getEnabledCiphers(requestedCiphers,\r
+                                               sslProxy.getSupportedCipherSuites());\r
+\r
+        } catch(Exception e) {\r
+            if( e instanceof IOException )\r
+                throw (IOException)e;\r
+            throw new IOException(e.getMessage());\r
+        }\r
+    }\r
+\r
+    /**\r
+     * Gets the initialized key managers.\r
+     */\r
+    protected KeyManager[] getKeyManagers(String keystoreType,\r
+                                          String algorithm,\r
+                                          String keyAlias)\r
+                throws Exception {\r
+\r
+        KeyManager[] kms = null;\r
+\r
+        String keystorePass = getKeystorePassword();\r
+\r
+        KeyStore ks = getKeystore(keystoreType, keystorePass);\r
+        if (keyAlias != null && !ks.isKeyEntry(keyAlias)) {\r
+            throw new IOException(sm.getString("jsse.alias_no_key_entry", keyAlias));\r
+        }\r
+\r
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);\r
+        kmf.init(ks, keystorePass.toCharArray());\r
+\r
+        kms = kmf.getKeyManagers();\r
+        if (keyAlias != null) {\r
+            if (JSSESocketFactory.defaultKeystoreType.equals(keystoreType)) {\r
+                keyAlias = keyAlias.toLowerCase();\r
+            }\r
+            for(int i=0; i<kms.length; i++) {\r
+                kms[i] = new JSSEKeyManager((X509KeyManager)kms[i], keyAlias);\r
+            }\r
+        }\r
+\r
+        return kms;\r
+    }\r
+\r
+    /**\r
+     * Gets the intialized trust managers.\r
+     */\r
+    protected TrustManager[] getTrustManagers(String keystoreType, String algorithm)\r
+        throws Exception {\r
+        if (attributes.get("truststoreAlgorithm") == null) {\r
+            // in 1.5, the Trust default isn't the same as the Key default.\r
+            algorithm = TrustManagerFactory.getDefaultAlgorithm();\r
+        }\r
+        String crlf = (String) attributes.get("crlFile");\r
+        \r
+        TrustManager[] tms = null;\r
+        \r
+        String truststoreType = (String) attributes.get("truststoreType");\r
+        if (truststoreType == null) {\r
+            truststoreType = keystoreType;\r
+        }\r
+        KeyStore trustStore = getTrustStore(truststoreType);\r
+        if (trustStore != null) {\r
+            if (crlf == null) {\r
+                TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);\r
+                tmf.init(trustStore);\r
+                tms = tmf.getTrustManagers();\r
+            } else {\r
+                TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);\r
+                CertPathParameters params = getParameters(algorithm, crlf, trustStore);\r
+                ManagerFactoryParameters mfp = new CertPathTrustManagerParameters(params);\r
+                tmf.init(mfp);\r
+                tms = tmf.getTrustManagers();\r
+            }\r
+        }\r
+        \r
+        return tms;\r
+    }\r
+    \r
+    /**\r
+     * Return the initialization parameters for the TrustManager.\r
+     * Currently, only the default <code>PKIX</code> is supported.\r
+     * \r
+     * @param algorithm The algorithm to get parameters for.\r
+     * @param crlf The path to the CRL file.\r
+     * @param trustStore The configured TrustStore.\r
+     * @return The parameters including the CRLs and TrustStore.\r
+     */\r
+    protected CertPathParameters getParameters(String algorithm, \r
+                                                String crlf, \r
+                                                KeyStore trustStore)\r
+        throws Exception {\r
+        CertPathParameters params = null;\r
+        if("PKIX".equalsIgnoreCase(algorithm)) {\r
+            PKIXBuilderParameters xparams = new PKIXBuilderParameters(trustStore, \r
+                                                                     new X509CertSelector());\r
+            Collection crls = getCRLs(crlf);\r
+            CertStoreParameters csp = new CollectionCertStoreParameters(crls);\r
+            CertStore store = CertStore.getInstance("Collection", csp);\r
+            xparams.addCertStore(store);\r
+            xparams.setRevocationEnabled(true);\r
+            String trustLength = (String)attributes.get("trustMaxCertLength");\r
+            if(trustLength != null) {\r
+                try {\r
+                    xparams.setMaxPathLength(Integer.parseInt(trustLength));\r
+                } catch(Exception ex) {\r
+                    log.warn("Bad maxCertLength: "+trustLength);\r
+                }\r
+            }\r
+\r
+            params = xparams;\r
+        } else {\r
+            throw new CRLException("CRLs not supported for type: "+algorithm);\r
+        }\r
+        return params;\r
+    }\r
+\r
+\r
+    /**\r
+     * Load the collection of CRLs.\r
+     * \r
+     */\r
+    protected Collection<? extends CRL> getCRLs(String crlf) \r
+        throws IOException, CRLException, CertificateException {\r
+\r
+        File crlFile = new File(crlf);\r
+        if( !crlFile.isAbsolute() ) {\r
+            crlFile = new File(System.getProperty("catalina.base"), crlf);\r
+        }\r
+        Collection<? extends CRL> crls = null;\r
+        InputStream is = null;\r
+        try {\r
+            CertificateFactory cf = CertificateFactory.getInstance("X.509");\r
+            is = new FileInputStream(crlFile);\r
+            crls = cf.generateCRLs(is);\r
+        } catch(IOException iex) {\r
+            throw iex;\r
+        } catch(CRLException crle) {\r
+            throw crle;\r
+        } catch(CertificateException ce) {\r
+            throw ce;\r
+        } finally { \r
+            if(is != null) {\r
+                try{\r
+                    is.close();\r
+                } catch(Exception ex) {\r
+                }\r
+            }\r
+        }\r
+        return crls;\r
+    }\r
+\r
+    /**\r
+     * Set the SSL protocol variants to be enabled.\r
+     * @param socket the SSLServerSocket.\r
+     * @param protocols the protocols to use.\r
+     */\r
+    protected void setEnabledProtocols(SSLServerSocket socket, String []protocols){\r
+        if (protocols != null) {\r
+            socket.setEnabledProtocols(protocols);\r
+        }\r
+    }\r
+\r
+    /**\r
      * Determines the SSL protocol variants to be enabled.\r
      *\r
      * @param socket The socket to get supported list from.\r
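Review bot: In getTrustManagers, a configured `crlFile` is silently dropped when `getTrustStore(truststoreType)` returns null: `tms` stays null and init() passes that null to `SSLContext.init`, which then falls back to the provider's default trust managers with no CRL checking. An operator who set `crlFile` would expect revoked client certificates to be rejected, so this case should fail at startup rather than degrade quietly, e.g. `if (crlf != null && trustStore == null) throw new CRLException("crlFile is set but no trust store is configured");` placed before the `if (trustStore != null)` block. Separately, init() rethrows non-IO failures as `new IOException(e.getMessage())`, which discards the cause and stack trace of keystore or CRL parsing errors; attaching it with `initCause(e)` would keep them diagnosable.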
@@ -318,16 +557,70 @@ public abstract class JSSESocketFactory
      * @return Array of SSL protocol variants to be enabled, or null if none of\r
      * the requested protocol variants are supported\r
      */\r
-    abstract protected String[] getEnabledProtocols(SSLServerSocket socket,\r
-                                                    String requestedProtocols);\r
+    protected String[] getEnabledProtocols(SSLServerSocket socket,\r
+                                           String requestedProtocols){\r
+        String[] supportedProtocols = socket.getSupportedProtocols();\r
 \r
-    /**\r
-     * Set the SSL protocol variants to be enabled.\r
-     * @param socket the SSLServerSocket.\r
-     * @param protocols the protocols to use.\r
-     */\r
-    abstract protected void setEnabledProtocols(SSLServerSocket socket, \r
-                                            String [] protocols);\r
+        String[] enabledProtocols = null;\r
+\r
+        if (requestedProtocols != null) {\r
+            Vector vec = null;\r
+            String protocol = requestedProtocols;\r
+            int index = requestedProtocols.indexOf(',');\r
+            if (index != -1) {\r
+                int fromIndex = 0;\r
+                while (index != -1) {\r
+                    protocol = requestedProtocols.substring(fromIndex, index).trim();\r
+                    if (protocol.length() > 0) {\r
+                        /*\r
+                         * Check to see if the requested protocol is among the\r
+                         * supported protocols, i.e., may be enabled\r
+                         */\r
+                        for (int i=0; supportedProtocols != null\r
+                                     && i<supportedProtocols.length; i++) {\r
+                            if (supportedProtocols[i].equals(protocol)) {\r
+                                if (vec == null) {\r
+                                    vec = new Vector();\r
+                                }\r
+                                vec.addElement(protocol);\r
+                                break;\r
+                            }\r
+                        }\r
+                    }\r
+                    fromIndex = index+1;\r
+                    index = requestedProtocols.indexOf(',', fromIndex);\r
+                } // while\r
+                protocol = requestedProtocols.substring(fromIndex);\r
+            }\r
+\r
+            if (protocol != null) {\r
+                protocol = protocol.trim();\r
+                if (protocol.length() > 0) {\r
+                    /*\r
+                     * Check to see if the requested protocol is among the\r
+                     * supported protocols, i.e., may be enabled\r
+                     */\r
+                    for (int i=0; supportedProtocols != null\r
+                                 && i<supportedProtocols.length; i++) {\r
+                        if (supportedProtocols[i].equals(protocol)) {\r
+                            if (vec == null) {\r
+                                vec = new Vector();\r
+                            }\r
+                            vec.addElement(protocol);\r
+                            break;\r
+                        }\r
+                    }\r
+                }\r
+            }           \r
+\r
+            if (vec != null) {\r
+                enabledProtocols = new String[vec.size()];\r
+                vec.copyInto(enabledProtocols);\r
+            }\r
+        }\r
+\r
+        return enabledProtocols;\r
+    }\r
 \r
     /**\r
      * Configure Client authentication for this version of JSSE.  The\r
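Review bot: getEnabledProtocols returns null when none of the requested names match `socket.getSupportedProtocols()`, and setEnabledProtocols (added earlier in this file) skips the call on null, so a misspelled or unsupported protocol list would leave the socket on the JSSE default protocol set with nothing logged, assuming the caller, which is outside this hunk, passes the result straight through. Unsupported names listed next to valid ones are dropped just as quietly. A warning per rejected name would make the misconfiguration visible, e.g. `log.warn("Requested SSL protocol not supported: " + protocol);` when the inner loop finds no match. The comma-split loop and the trailing single-value branch also repeat the same match-and-add code, which a small private helper would remove.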
@@ -335,7 +628,13 @@ public abstract class JSSESocketFactory
      * versions of JSSE will treat 'want' as 'false'.\r
      * @param socket the SSLServerSocket\r
      */\r
-    abstract protected void configureClientAuth(SSLServerSocket socket);\r
+    protected void configureClientAuth(SSLServerSocket socket){\r
+        if (wantClientAuth){\r
+            socket.setWantClientAuth(wantClientAuth);\r
+        } else {\r
+            socket.setNeedClientAuth(requireClientAuth);\r
+        }\r
+    }\r
 \r
     /**\r
      * Configure Client authentication for this version of JSSE.  The\r
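Review bot: The Javadoc kept above both configureClientAuth overloads still ends with `versions of JSSE will treat 'want' as 'false'`, which describes the pre-1.4 fallback this commit removes; with a single implementation that honours `want`, the sentence is now misleading. I would replace it with what the method does, e.g. `Applies the clientAuth setting: "want" requests a client certificate, "true"/"yes" requires one.` The same applies to the SSLSocket overload in the next hunk, whose Javadoc could state that the method is intentionally a no-op because accepted sockets inherit the server socket's setting. Part of the Javadoc lies outside the hunk, so the exact wording should be checked against the full comment.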
@@ -343,7 +642,10 @@ public abstract class JSSESocketFactory
      * versions of JSSE will treat 'want' as 'false'.\r
      * @param socket the SSLSocket\r
      */\r
-    abstract protected void configureClientAuth(SSLSocket socket);\r
+    protected void configureClientAuth(SSLSocket socket){\r
+        // Per JavaDocs: SSLSockets returned from \r
+        // SSLServerSocket.accept() inherit this setting.\r
+    }\r
     \r
     /**\r
      * Configures the given SSL server socket with the requested cipher suites,\r
index 5fe724e..762b772 100644 (file)
@@ -18,8 +18,14 @@ package org.apache.tomcat.util.net.jsse;
 \r
 import java.io.ByteArrayInputStream;\r
 import java.io.IOException;\r
+import java.io.InputStream;\r
+import java.net.SocketException;\r
+import java.security.cert.Certificate;\r
 import java.security.cert.CertificateFactory;\r
 \r
+import javax.net.ssl.HandshakeCompletedEvent;\r
+import javax.net.ssl.HandshakeCompletedListener;\r
+import javax.net.ssl.SSLException;\r
 import javax.net.ssl.SSLSession;\r
 import javax.net.ssl.SSLSocket;\r
 import javax.security.cert.X509Certificate;\r
@@ -41,14 +47,17 @@ import org.apache.tomcat.util.net.SSLSupport;
 */\r
 \r
 class JSSESupport implements SSLSupport {\r
+    \r
     private static org.apache.commons.logging.Log log =\r
-       org.apache.commons.logging.LogFactory.getLog(JSSESupport.class);\r
+        org.apache.commons.logging.LogFactory.getLog(JSSESupport.class);\r
 \r
     protected SSLSocket ssl;\r
 \r
+    Listener listener = new Listener();\r
 \r
     JSSESupport(SSLSocket sock){\r
         ssl=sock;\r
+        sock.addHandshakeCompletedListener(listener);\r
     }\r
 \r
     public String getCipherSuite() throws IOException {\r
@@ -64,41 +73,44 @@ class JSSESupport implements SSLSupport {
         return getPeerCertificateChain(false);\r
     }\r
 \r
-    protected java.security.cert.X509Certificate [] \r
-       getX509Certificates(SSLSession session) throws IOException {\r
-        X509Certificate jsseCerts[] = null;\r
-    try{\r
-           jsseCerts = session.getPeerCertificateChain();\r
-    } catch (Throwable ex){\r
-       // Get rid of the warning in the logs when no Client-Cert is\r
-       // available\r
+    protected java.security.cert.X509Certificate [] getX509Certificates(SSLSession session) \r
+        throws IOException {\r
+        Certificate [] certs=null;\r
+        try {\r
+            certs = session.getPeerCertificates();\r
+        } catch( Throwable t ) {\r
+            log.debug("Error getting client certs",t);\r
+            return null;\r
+        }\r
+        if( certs==null ) return null;\r
+        \r
+        java.security.cert.X509Certificate [] x509Certs = \r
+            new java.security.cert.X509Certificate[certs.length];\r
+        for(int i=0; i < certs.length; i++) {\r
+            if (certs[i] instanceof java.security.cert.X509Certificate ) {\r
+                // always currently true with the JSSE 1.1.x\r
+                x509Certs[i] = (java.security.cert.X509Certificate) certs[i];\r
+            } else {\r
+                try {\r
+                    byte [] buffer = certs[i].getEncoded();\r
+                    CertificateFactory cf =\r
+                        CertificateFactory.getInstance("X.509");\r
+                    ByteArrayInputStream stream =\r
+                        new ByteArrayInputStream(buffer);\r
+                    x509Certs[i] = (java.security.cert.X509Certificate) cf.generateCertificate(stream);\r
+                } catch(Exception ex) { \r
+                    log.info("Error translating cert " + certs[i], ex);\r
+                    return null;\r
+                }\r
+            }\r
+            if(log.isTraceEnabled())\r
+                log.trace("Cert #" + i + " = " + x509Certs[i]);\r
+        }\r
+        if(x509Certs.length < 1)\r
+            return null;\r
+        return x509Certs;\r
     }\r
 \r
-       if(jsseCerts == null)\r
-           jsseCerts = new X509Certificate[0];\r
-       java.security.cert.X509Certificate [] x509Certs =\r
-           new java.security.cert.X509Certificate[jsseCerts.length];\r
-       for (int i = 0; i < x509Certs.length; i++) {\r
-           try {\r
-               byte buffer[] = jsseCerts[i].getEncoded();\r
-               CertificateFactory cf =\r
-                   CertificateFactory.getInstance("X.509");\r
-               ByteArrayInputStream stream =\r
-                   new ByteArrayInputStream(buffer);\r
-               x509Certs[i] = (java.security.cert.X509Certificate)\r
-                   cf.generateCertificate(stream);\r
-               if(log.isTraceEnabled())\r
-                   log.trace("Cert #" + i + " = " + x509Certs[i]);\r
-           } catch(Exception ex) {\r
-               log.info("Error translating " + jsseCerts[i], ex);\r
-               return null;\r
-           }\r
-       }\r
-       \r
-       if ( x509Certs.length < 1 )\r
-           return null;\r
-       return x509Certs;\r
-    }\r
     public Object[] getPeerCertificateChain(boolean force)\r
         throws IOException {\r
         // Look up the current SSLSession\r
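Review bot: `catch( Throwable t )` around `session.getPeerCertificates()` also swallows `Error`s such as OutOfMemoryError and reports them at debug level as if the client had sent no certificate. The documented failure for an unauthenticated peer is SSLPeerUnverifiedException, so `} catch (SSLPeerUnverifiedException e) {` (with the matching javax.net.ssl import) would keep the quiet path for that case only. The lookup failure, the translation failure and the empty chain all return null, so callers cannot tell an error from an absent certificate; a Javadoc line stating that null means "no usable X.509 chain" would make that contract explicit.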
@@ -124,9 +136,41 @@ class JSSESupport implements SSLSupport {
     }\r
 \r
     protected void handShake() throws IOException {\r
-        ssl.setNeedClientAuth(true);\r
+        if( ssl.getWantClientAuth() ) {\r
+            log.debug("No client cert sent for want");\r
+        } else {\r
+            ssl.setNeedClientAuth(true);\r
+        }\r
+\r
+        InputStream in = ssl.getInputStream();\r
+        int oldTimeout = ssl.getSoTimeout();\r
+        ssl.setSoTimeout(1000);\r
+        byte[] b = new byte[0];\r
+        listener.reset();\r
         ssl.startHandshake();\r
+        int maxTries = 60; // 60 * 1000 = example 1 minute time out\r
+        for (int i = 0; i < maxTries; i++) {\r
+        if(log.isTraceEnabled())\r
+            log.trace("Reading for try #" +i);\r
+            try {\r
+                int x = in.read(b);\r
+            } catch(SSLException sslex) {\r
+                log.info("SSL Error getting client Certs",sslex);\r
+                throw sslex;\r
+            } catch (IOException e) {\r
+                // ignore - presumably the timeout\r
+            }\r
+            if (listener.completed) {\r
+                break;\r
+            }\r
+        }\r
+        ssl.setSoTimeout(oldTimeout);\r
+        if (listener.completed == false) {\r
+            throw new SocketException("SSL Cert handshake timeout");\r
+        }\r
+\r
     }\r
+\r
     /**\r
      * Copied from <code>org.apache.catalina.valves.CertificateValve</code>\r
      */\r
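Review bot: The polling loop in handShake treats every IOException from `in.read(b)` as the 1000 ms read timeout ("ignore - presumably the timeout"), so a reset or closed connection would be retried up to 60 times and then reported as "SSL Cert handshake timeout" instead of the real error. Narrowing the handler to `} catch (SocketTimeoutException e) {` (importing java.net.SocketTimeoutException) lets other I/O failures propagate through the method's existing `throws IOException`. The original timeout is also not restored when the SSLException is rethrown or `startHandshake()` throws, because `ssl.setSoTimeout(oldTimeout)` sits after the loop; moving it into a `finally` would cover those paths. The unused local in `int x = in.read(b);` can be dropped.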
@@ -174,5 +218,15 @@ class JSSESupport implements SSLSupport {
     }\r
 \r
 \r
+    private static class Listener implements HandshakeCompletedListener {\r
+        volatile boolean completed = false;\r
+        public void handshakeCompleted(HandshakeCompletedEvent event) {\r
+            completed = true;\r
+        }\r
+        void reset() {\r
+            completed = false;\r
+        }\r
+    }\r
+\r
 }\r
 \r