cvs commit: jakarta-tomcat-connectors/jni/native/src jnilib.c ssl.c

Fri, 20 May 2005 00:32:06 -0700 

mturk       2005/05/20 00:31:41

  Modified:    jni/java/org/apache/tomcat/jni SSL.java
               jni/native/src jnilib.c ssl.c
  Log:
  Added SSL.initialize that needs to be called if SSL support is desired.
  
  Revision  Changes    Path
  1.2       +14 -5     
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java
  
  Index: SSL.java
  ===================================================================
  RCS file: 
/home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- SSL.java  20 May 2005 07:01:03 -0000      1.1
  +++ SSL.java  20 May 2005 07:31:41 -0000      1.2
  @@ -24,10 +24,19 @@
   
   public final class SSL {
   
  -     /* Return OpenSSL version number */
  -    private static native int version();
  +    /* Return OpenSSL version number */
  +    public static native int version();
  +
  +    /* Return OpenSSL version string */
  +    public static native String versionString();
  +
  +    /**
  +     * Initialize OpenSSL support.
  +     * This function needs to be called once for the
  +     * lifetime of JVM. Library.init() has to be called before.
  +     * @return APR status code
  +     */
  +    public static native int initialize();
   
  -     /* Return OpenSSL version string */
  -    private static native String versionString();
   
   }
  
  
  
  1.2       +1 -1      jakarta-tomcat-connectors/jni/native/src/jnilib.c
  
  Index: jnilib.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/jnilib.c,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- jnilib.c  14 Jan 2005 13:47:58 -0000      1.1
  +++ jnilib.c  20 May 2005 07:31:41 -0000      1.2
  @@ -25,7 +25,7 @@
   #include "tcn_version.h"
   
   
  -static apr_pool_t *tcn_global_pool = NULL;
  +apr_pool_t *tcn_global_pool = NULL;
   static JavaVM     *tcn_global_vm = NULL;
   
   static jclass    jString_class;
  
  
  
  1.4       +70 -0     jakarta-tomcat-connectors/jni/native/src/ssl.c
  
  Index: ssl.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/ssl.c,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- ssl.c     20 May 2005 07:01:04 -0000      1.3
  +++ ssl.c     20 May 2005 07:31:41 -0000      1.4
  @@ -22,6 +22,9 @@
   #ifdef HAVE_OPENSSL
   #include "ssl_private.h"
   
  +static int ssl_initialized = 0;
  +extern apr_pool_t *tcn_global_pool;
  +
   TCN_IMPLEMENT_CALL(jint, SSL, version)(TCN_STDARGS)
   {
       UNREFERENCED_STDARGS;
  @@ -34,9 +37,76 @@
       return AJP_TO_JSTRING(OPENSSL_VERSION_TEXT);
   }
   
  +/*
  + *  the various processing hooks
  + */
  +static apr_status_t ssl_init_cleanup(void *data)
  +{
  +    UNREFERENCED(data);
  +    /*
  +     * Try to kill the internals of the SSL library.
  +     */
  +#if OPENSSL_VERSION_NUMBER >= 0x00907001
  +    /* Corresponds to OPENSSL_load_builtin_modules():
  +     * XXX: borrowed from apps.h, but why not CONF_modules_free()
  +     * which also invokes CONF_modules_finish()?
  +     */
  +    CONF_modules_unload(1);
  +#endif
  +    /* Corresponds to SSL_library_init: */
  +    EVP_cleanup();
  +#if HAVE_ENGINE_LOAD_BUILTIN_ENGINES
  +    ENGINE_cleanup();
  +#endif
  +#if OPENSSL_VERSION_NUMBER >= 0x00907001
  +    CRYPTO_cleanup_all_ex_data();
  +#endif
  +    ERR_remove_state(0);
   
  +    /* Don't call ERR_free_strings here; ERR_load_*_strings only
  +     * actually load the error strings once per process due to static
  +     * variable abuse in OpenSSL. */
  +
  +    /* 
  +     * TODO: determine somewhere we can safely shove out diagnostics 
  +     *       (when enabled) at this late stage in the game:
  +     * CRYPTO_mem_leaks_fp(stderr);
  +     */
  +    return APR_SUCCESS;
  +}
   
  +TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS)
  +{
  +    
  +    UNREFERENCED_STDARGS;
  +    if (!tcn_global_pool)
  +        return (jint)APR_EINVAL;
  +    /* Check if already initialized */
  +    if (ssl_initialized++)
  +        return (jint)APR_SUCCESS;
  +    /* We must register the library in full, to ensure our configuration 
  +     * code can successfully test the SSL environment.
  +     */
  +    CRYPTO_malloc_init();
  +    ERR_load_crypto_strings();
  +    SSL_load_error_strings();
  +    SSL_library_init();
  +#if HAVE_ENGINE_LOAD_BUILTIN_ENGINES
  +    ENGINE_load_builtin_engines();
  +#endif
  +#if OPENSSL_VERSION_NUMBER >= 0x00907001
  +    OPENSSL_load_builtin_modules();
  +#endif
  +
  +    /*
  +     * Let us cleanup the ssl library when the module is unloaded
  +     */
  +    apr_pool_cleanup_register(tcn_global_pool, NULL,
  +                              ssl_init_cleanup,
  +                              apr_pool_cleanup_null);
   
  +    return (jint)APR_SUCCESS;
  +}
   
   #else
   /* OpenSSL is not supported
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to