jfclere 2005/06/08 09:52:58
Modified: jni/examples/org/apache/tomcat/jni SSLServer.java
jni/java/org/apache/tomcat/jni BIOCallback.java SSL.java
SSLContext.java
jni/native/src ssl.c sslcontext.c
Log:
Change the BIOCallback interface to use write(byte[] buf) and
read(byte[] buf);
Add SSL_accept to do the client handshake.
Arrange the corresponding example.
Revision Changes Path
1.3 +52 -1
jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni/SSLServer.java
Index: SSLServer.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/examples/org/apache/tomcat/jni/SSLServer.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- SSLServer.java 7 Jun 2005 09:16:59 -0000 1.2
+++ SSLServer.java 8 Jun 2005 16:52:57 -0000 1.3
@@ -47,6 +47,27 @@
}
}
+ private class CallBack implements BIOCallback {
+ long clientSock = 0;
+ public int write(byte [] buf) {
+ return(Socket.send(clientSock, buf, 0, buf.length));
+ }
+ public int read(byte [] buf) {
+ return(Socket.recv(clientSock, buf, 0, buf.length));
+ }
+ public int puts(String data) {
+ System.out.println("CallBack.puts");
+ return -1;
+ }
+ public String gets(int len) {
+ System.out.println("CallBack.gets");
+ return "";
+ }
+ public void setsock(long sock) {
+ clientSock = sock;
+ }
+ }
+
public SSLServer()
{
int i;
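Review bot: `CallBack.read` and `CallBack.write` use `clientSock` while it may still be 0, because the field is only assigned later through `setsock`, so any BIO activity before that hands a null native handle to `Socket.send`/`Socket.recv`. Passing the socket to a constructor, or guarding with `if (clientSock == 0) return -1;` at the top of both methods, would make the ordering explicit. The `puts`/`gets` stubs would also benefit from a one-line comment saying they are intentionally unimplemented in this example. The `SSLServer()` constructor that starts at the end of this hunk continues outside it.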
@@ -60,6 +81,36 @@
SSLContext.setCertificate(serverCtx, serverCert, serverKey,
serverPassword, SSL.SSL_AIDX_RSA);
SSLContext.setVerifyDepth(serverCtx, 10);
SSLContext.setVerifyClient(serverCtx, SSL.SSL_CVERIFY_REQUIRE);
+
+ CallBack SSLCallBack = new CallBack();
+ long callback = SSL.newBIO(serverPool, SSLCallBack);
+ /*
+ SSLContext.setBIO(serverCtx, callback, 1);
+ SSLContext.setBIO(serverCtx, callback, 0);
+ */
+ long serverSSL = SSL.make(serverCtx, callback, callback);
+
+ long serverSock = Socket.create(Socket.APR_INET,
Socket.SOCK_STREAM,
+ Socket.APR_PROTO_TCP,
serverPool);
+ long inetAddress = Address.info(SSLServer.serverAddr,
Socket.APR_INET, SSLServer.serverPort, 0, serverPool);
+ int rc = Socket.bind(serverSock, inetAddress);
+ if (rc != 0) {
+ throw(new Exception("Can't bind: " + Error.strerror(rc)));
+ }
+ Socket.listen(serverSock, 5);
+ long clientSock = Socket.accept(serverSock, serverPool);
+ long sa = Address.get(Socket.APR_REMOTE, clientSock);
+ Sockaddr raddr = new Sockaddr();
+ if (Address.fill(raddr, sa)) {
+ System.out.println("Remote Host: " + Address.getnameinfo(sa,
0));
+ System.out.println("Remote IP: " + Address.getip(sa) +
+ ":" + raddr.port);
+ }
+ SSLCallBack.setsock(clientSock);
+ int retcode = SSL.accept(serverSSL);
+ if (retcode<=0) {
+ throw(new Exception("Can't SSL accept: " +
SSLContext.geterror(serverCtx, retcode)));
+ }
} catch (Exception e) {
e.printStackTrace();
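Review bot: The handle returned by `SSL.make` is passed to `SSL.accept` without being checked, although the native `make` in this commit returns 0 on failure and the native `accept` only guards with `TCN_ASSERT`. Add `if (serverSSL == 0) throw new Exception("Can't create SSL connection");` before the socket setup. The result of `Socket.listen(serverSock, 5)` is ignored where `Socket.bind` is checked, so the same `rc != 0` test belongs there. On the handshake-failure path `clientSock` and `serverSock` appear to stay open. The enclosing `try` starts and ends outside the hunk, so cleanup may exist elsewhere.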
1.2 +7 -7
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/BIOCallback.java
Index: BIOCallback.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/BIOCallback.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- BIOCallback.java 1 Jun 2005 08:20:43 -0000 1.1
+++ BIOCallback.java 8 Jun 2005 16:52:58 -0000 1.2
@@ -26,17 +26,17 @@
/**
* Write data
- * @param data String to write
- * @return Number of characters written
+ * @param buf containg the bytes to write.
+ * @return Number of characters written.
*/
- public int write(String data);
+ public int write(byte [] buf);
/**
* Read data
- * @param len Maximum number of characters to read
- * @return String with up to len bytes readed
+ * @param buf buffer to store the read bytes.
+ * @return number of bytes read.
*/
- public String read(int len);
+ public int read(byte [] buf);
/**
* Puts string
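Review bot: The new Javadoc for `write` and `read` does not state the return-value contract that the native side depends on. The native read path in this commit copies exactly the returned number of bytes out of the array, so the interface should say the result must lie in `0..buf.length` and that a negative value signals an error, e.g. `@return number of bytes read (0 to buf.length), or a negative value on error.` For `write`, "Number of characters written" should read "Number of bytes written", and "containg" is a typo for "containing".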
1.14 +16 -1
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java
Index: SSL.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- SSL.java 7 Jun 2005 18:38:48 -0000 1.13
+++ SSL.java 8 Jun 2005 16:52:58 -0000 1.14
@@ -258,4 +258,19 @@
*/
public static native boolean loadDSATempKey(int idx, String file);
+ /**
+ * Create a new SSL structure for a Client connection
+ * @param ctx Client context to accept.
+ * @param bior BIO for read.
+ * @param biow BIO for read.
+ * @return pointer to the created SSL structure.
+ */
+ public static native int make(long ctx, long bior, long biow);
+
+ /**
+ * Do the TLS/SSL handshake with a Client
+ * @param ssl Client communication channel to accept.
+ * @return Status code.
+ */
+ public static native int accept(long ssl);
}
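Review bot: `make` is declared to return `int` although its Javadoc says it returns a pointer to the created SSL structure, and the native side returns `P2J(cssl)`. On a 64-bit platform the handle is truncated before `SSLServer` stores it in a `long`. Declare it as `public static native long make(long ctx, long bior, long biow);` and change the native return type to `jlong` to match. The `@param biow` text says "BIO for read" and should say "BIO for write".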
1.14 +14 -1
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLContext.java
Index: SSLContext.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSLContext.java,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- SSLContext.java 6 Jun 2005 06:54:19 -0000 1.13
+++ SSLContext.java 8 Jun 2005 16:52:58 -0000 1.14
@@ -47,6 +47,19 @@
throws Exception;
/**
+ * Do the TLS/SSL handshake with a Client
+ * @param ctx Client context to accept.
+ * @return Status code.
+ */
+ public static native int accept(long ctx);
+
+ /**
+ * Return the error code for openssl.
+ * @return Status code.
+ */
+ public static native int geterror(long ctx, int retcode);
+
+ /**
* Free the resources used by the Context
* @param ctx Server or Client context to free.
* @return APR Status code.
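Review bot: `SSLContext.accept(long ctx)` is declared native here, but no matching implementation appears in the `sslcontext.c` hunk of this commit, which only adds `geterror`. Unless one exists outside the visible diff, calling it would fail with `UnsatisfiedLinkError`. It also duplicates `SSL.accept`, so it could be dropped. The `geterror` Javadoc has no `@param` tags; suggest `@param ctx handle the failed call was made on` and `@param retcode value returned by the failed call`, and state that the result is an OpenSSL `SSL_ERROR_*` code rather than a generic status.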
1.27 +50 -17 jakarta-tomcat-connectors/jni/native/src/ssl.c
Index: ssl.c
===================================================================
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/ssl.c,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- ssl.c 7 Jun 2005 18:46:09 -0000 1.26
+++ ssl.c 8 Jun 2005 16:52:58 -0000 1.27
@@ -434,6 +434,37 @@
return (jint)APR_SUCCESS;
}
+TCN_IMPLEMENT_CALL(jint, SSL, accept)(TCN_STDARGS, jlong ctx)
+{
+ tcn_ssl_conn_t *c = J2P(ctx, tcn_ssl_conn_t *);
+ UNREFERENCED_STDARGS;
+ TCN_ASSERT(ctx != 0);
+ return SSL_accept(c->ssl);
+}
+
+TCN_IMPLEMENT_CALL(jint, SSL, make)(TCN_STDARGS, jlong ctx, jlong bior,
jlong biow)
+{
+ tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
+ BIO *bio_handler = J2P(bior, BIO *);
+ BIO *bio_handlew = J2P(biow, BIO *);
+ SSL *ssl;
+ tcn_ssl_conn_t *cssl = NULL;
+
+ UNREFERENCED_STDARGS;
+ TCN_ASSERT(ctx != 0);
+
+ ssl=SSL_new(c->ctx);
+ SSL_set_bio(ssl, bio_handler, bio_handlew);
+ if ((cssl = apr_pcalloc(c->pool, sizeof(tcn_ssl_conn_t))) == NULL) {
+ goto make_failed;
+ }
+ cssl->ctx=c;
+ cssl->ssl=ssl;
+ return P2J(cssl);
+make_failed:
+ return 0;
+}
+
TCN_IMPLEMENT_CALL(jboolean, SSL, randLoad)(TCN_STDARGS, jstring file)
{
TCN_ALLOC_CSTRING(file);
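Review bot: In `make`, the result of `SSL_new` is passed straight to `SSL_set_bio` without a NULL check, and when `apr_pcalloc` fails the function returns 0 without releasing the `SSL` object. The return type is `jint` while the value is a pointer converted with `P2J`, so it should be `jlong` to survive on 64-bit builds. In `accept`, `TCN_ASSERT(ctx != 0)` is the only guard before `c->ssl` is dereferenced; an explicit `if (c == NULL) return -1;` is safer if the assert compiles out in release builds. Nothing visible here registers a pool cleanup that calls `SSL_free`, so the connection's lifetime should be documented or tied to the pool.

```c
TCN_IMPLEMENT_CALL(jlong, SSL, make)(TCN_STDARGS, jlong ctx, jlong bior, jlong biow)
{
    /* … unchanged: J2P conversions, local declarations, TCN_ASSERT … */

    if ((ssl = SSL_new(c->ctx)) == NULL)
        return 0;
    if ((cssl = apr_pcalloc(c->pool, sizeof(tcn_ssl_conn_t))) == NULL) {
        /* BIOs are not attached yet, so this frees only the SSL object */
        SSL_free(ssl);
        return 0;
    }
    SSL_set_bio(ssl, bio_handler, bio_handlew);
    cssl->ctx = c;
    cssl->ssl = ssl;
    return P2J(cssl);
}
```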
@@ -551,10 +582,12 @@
if (b->init && in != NULL) {
BIO_JAVA *j = (BIO_JAVA *)b->ptr;
JNIEnv *e = j->cb.env;
- if ((*e)->CallIntMethod(e, j->cb.obj,
- j->cb.mid[0],
- tcn_new_string(e, in, inl)))
- ret = inl;
+ jbyteArray jb = (*e)->NewByteArray(e, inl);
+ (*e)->SetByteArrayRegion(e, jb, 0, inl, (jbyte *)in);
+ jint o = (*e)->CallIntMethod(e, j->cb.obj,
+ j->cb.mid[0], jb);
+ (*e)->ReleaseByteArrayElements(e, jb, (jbyte *)in, 0);
+ ret = o;
}
return ret;
}
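Review bot: `ReleaseByteArrayElements(e, jb, (jbyte *)in, 0)` is given the caller's `in` buffer, which never came from `GetByteArrayElements` on `jb`, so the release call does not match any acquire. Since the data was copied in with `SetByteArrayRegion`, the line should be `(*e)->DeleteLocalRef(e, jb);`. `NewByteArray` can return NULL when allocation fails and is used unchecked; add `if (jb == NULL) return -1;` (the read hunk below has the same gap). The callback's result is also used without checking for a pending Java exception after `CallIntMethod`. The enclosing function starts outside the hunk.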
@@ -565,16 +598,16 @@
if (b->init && out != NULL) {
BIO_JAVA *j = (BIO_JAVA *)b->ptr;
JNIEnv *e = j->cb.env;
- jobject o;
- if ((o = (*e)->CallObjectMethod(e, j->cb.obj,
- j->cb.mid[1], (jint)(outl - 1)))) {
- TCN_ALLOC_CSTRING(o);
- if (J2S(o)) {
- int l = (int)strlen(J2S(o));
- ret = TCN_MIN(outl, l);
- memcpy(out, J2S(o), ret);
- }
- TCN_FREE_CSTRING(o);
+ jbyteArray jb = (*e)->NewByteArray(e, outl);
+
+ jint o = (*e)->CallObjectMethod(e, j->cb.obj,
+ j->cb.mid[1], jb);
+ if (o>=0) {
+ int i;
+ jbyte *jout = (*e)->GetByteArrayElements(e, jb, 0);
+ memcpy(out, jout, o);
+ (*e)->ReleaseByteArrayElements(e, jb, jout, 0);
+ ret = o;
}
}
return ret;
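Review bot: The length returned by the Java `read` callback is used as the `memcpy` size without being compared with `outl`. A callback that returns more than the array length makes native code read past `jout` and write past `out`, so the guard should be `if (o >= 0 && o <= outl)`. The call goes through `CallObjectMethod` although the method id was looked up with signature `([B)I`; `CallIntMethod` is the matching JNI call. `int i` is unused, `jb` is never released with `DeleteLocalRef`, and because the array is only read, `JNI_ABORT` is the appropriate release mode instead of `0`. The enclosing function starts outside the hunk.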
@@ -666,8 +699,8 @@
cls = (*e)->GetObjectClass(e, callback);
j->cb.env = e;
- j->cb.mid[0] = (*e)->GetMethodID(e, cls, "write",
"(Ljava/lang/String;)I");
- j->cb.mid[1] = (*e)->GetMethodID(e, cls, "read",
"(I)Ljava/lang/String;");
+ j->cb.mid[0] = (*e)->GetMethodID(e, cls, "write", "([B)I");
+ j->cb.mid[1] = (*e)->GetMethodID(e, cls, "read", "([B)I");
j->cb.mid[2] = (*e)->GetMethodID(e, cls, "puts",
"(Ljava/lang/String;)I");
j->cb.mid[3] = (*e)->GetMethodID(e, cls, "gets",
"(I)Ljava/lang/String;");
/* TODO: Check if method id's are valid */
1.28 +9 -1 jakarta-tomcat-connectors/jni/native/src/sslcontext.c
Index: sslcontext.c
===================================================================
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslcontext.c,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -r1.27 -r1.28
--- sslcontext.c 7 Jun 2005 11:05:07 -0000 1.27
+++ sslcontext.c 8 Jun 2005 16:52:58 -0000 1.28
@@ -174,6 +174,14 @@
return 0;
}
+TCN_IMPLEMENT_CALL(jint, SSLContext, geterror)(TCN_STDARGS, jlong ctx, jint
retcode)
+{
+ tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
+ UNREFERENCED_STDARGS;
+ TCN_ASSERT(ctx != 0);
+ return SSL_get_error(c->ctx, retcode);
+}
+
TCN_IMPLEMENT_CALL(jint, SSLContext, free)(TCN_STDARGS, jlong ctx)
{
tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
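Review bot: `SSL_get_error(c->ctx, retcode)` passes the context's `SSL_CTX` member where OpenSSL expects the `SSL *` of the connection on which the call failed, so the result is undefined. The error has to be read from the connection created by `SSL.make`, which means taking that handle instead: `tcn_ssl_conn_t *c = J2P(ssl, tcn_ssl_conn_t *);` followed by `return SSL_get_error(c->ssl, retcode);`. The function would then sit more naturally in the `SSL` class, and the `SSLServer` example should pass `serverSSL` rather than `serverCtx`. The `free` function after it continues outside the hunk.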