hgomez 2002/11/22 22:34:48
Modified: jk/java/org/apache/jk/common HandlerRequest.java
jk/java/org/apache/jk/server JkCoyoteHandler.java
Log:
Fix null getRemoteHost.
Lasy extraction of ssl certs to speed up jk/ajp13 when under SSL
Revision Changes Path
1.18 +6 -24
jakarta-tomcat-connectors/jk/java/org/apache/jk/common/HandlerRequest.java
Index: HandlerRequest.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/jk/common/HandlerRequest.java,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- HandlerRequest.java 4 Oct 2002 23:26:25 -0000 1.17
+++ HandlerRequest.java 23 Nov 2002 06:34:47 -0000 1.18
@@ -62,13 +62,12 @@
import java.io.*;
import java.net.*;
import java.util.*;
-import java.security.*;
-import java.security.cert.*;
import org.apache.jk.core.*;
import org.apache.tomcat.util.http.*;
import org.apache.tomcat.util.buf.*;
+import org.apache.tomcat.util.net.SSLSupport;
import org.apache.coyote.Request;
import org.apache.coyote.*;
@@ -482,7 +481,7 @@
*/
if( attributeCode == SC_A_SSL_KEY_SIZE ) {
// Bug 1326: it's an Integer.
- req.setAttribute("javax.servlet.request.key_size",
+ req.setAttribute(SSLSupport.KEY_SIZE_KEY,
new Integer( msg.getInt()));
//Integer.toString(msg.getInt()));
}
@@ -535,38 +534,21 @@
// Transform the string into certificate.
msg.getBytes(tmpMB);
String certString = tmpMB.toString();
- byte[] certData = certString.getBytes();
- ByteArrayInputStream bais = new ByteArrayInputStream(certData);
-
- // Fill the first element.
- X509Certificate jsseCerts[] = null;
- try {
- CertificateFactory cf =
- CertificateFactory.getInstance("X.509");
- X509Certificate cert = (X509Certificate)
- cf.generateCertificate(bais);
- jsseCerts = new X509Certificate[1];
- jsseCerts[0] = cert;
- } catch(java.security.cert.CertificateException e) {
- log.error("Certificate convertion failed" + e );
- e.printStackTrace();
- }
-
- req.setAttribute("javax.servlet.request.X509Certificate",
- jsseCerts);
+ // SSL certificate extraction is costy, moved to
JkCoyoteHandler
+ req.setAttribute(SSLSupport.CERTIFICATE_KEY, certString);
break;
case SC_A_SSL_CIPHER :
req.scheme().setString( "https" );
msg.getBytes(tmpMB);
- req.setAttribute("javax.servlet.request.cipher_suite",
+ req.setAttribute(SSLSupport.CIPHER_SUITE_KEY,
tmpMB.toString());
break;
case SC_A_SSL_SESSION :
req.scheme().setString( "https" );
msg.getBytes(tmpMB);
- req.setAttribute("javax.servlet.request.ssl_session",
+ req.setAttribute(SSLSupport.SESSION_ID_KEY,
tmpMB.toString());
break;
1.31 +31 -1
jakarta-tomcat-connectors/jk/java/org/apache/jk/server/JkCoyoteHandler.java
Index: JkCoyoteHandler.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-connectors/jk/java/org/apache/jk/server/JkCoyoteHandler.java,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- JkCoyoteHandler.java 13 Nov 2002 00:18:16 -0000 1.30
+++ JkCoyoteHandler.java 23 Nov 2002 06:34:47 -0000 1.31
@@ -62,6 +62,8 @@
import java.io.*;
import java.net.*;
import java.util.*;
+import java.security.*;
+import java.security.cert.*;
import org.apache.jk.core.*;
import org.apache.jk.common.*;
@@ -69,6 +71,7 @@
import org.apache.tomcat.util.buf.*;
import org.apache.tomcat.util.log.*;
import org.apache.tomcat.util.http.*;
+import org.apache.tomcat.util.net.SSLSupport;
import org.apache.coyote.*;
@@ -376,9 +379,36 @@
if( logTime.isDebugEnabled() )
logTime(res.getRequest(), res);
} else if( actionCode==ActionCode.ACTION_REQ_SSL_ATTRIBUTE ) {
-
+ org.apache.coyote.Request req=(org.apache.coyote.Request)param;
+
+ // Extract SSL certificate information (if requested)
+ String certString =
(String)req.getAttribute(SSLSupport.CERTIFICATE_KEY);
+ byte[] certData = certString.getBytes();
+ ByteArrayInputStream bais = new ByteArrayInputStream(certData);
+
+ // Fill the first element.
+ X509Certificate jsseCerts[] = null;
+ try {
+ CertificateFactory cf =
+ CertificateFactory.getInstance("X.509");
+ X509Certificate cert = (X509Certificate)
+ cf.generateCertificate(bais);
+ jsseCerts = new X509Certificate[1];
+ jsseCerts[0] = cert;
+ } catch(java.security.cert.CertificateException e) {
+ log.error("Certificate convertion failed" + e );
+ e.printStackTrace();
+ }
+
+ req.setAttribute(SSLSupport.CERTIFICATE_KEY,
+ jsseCerts);
} else if( actionCode==ActionCode.ACTION_REQ_HOST_ATTRIBUTE ) {
+ org.apache.coyote.Request req=(org.apache.coyote.Request)param;
+
+ // If remoteHost not set by JK, get it's name from
it's remoteAddr
+ if( req.remoteHost().isNull())
+
req.remoteHost().setString(InetAddress.getByName(req.remoteAddr().toString()).getHostName());
// } else if( actionCode==ActionCode.ACTION_POST_REQUEST ) {
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
