Here is a patch fixing this issue. JGlobus actually ships with a tomcat7 profile, this profile triggers a patch (ssl-proxies-tomcat/src/main/patches/jglobus-tomcat7.patch) adapting the code to the Tomcat 7 API. This patch also works with Tomcat 8. The build requires the maven-patch-plugin which isn't in Debian, so I copied the patch under the debian/patches directory.
Emmanuel Bourg
diff --git a/debian/control b/debian/control index fe4e111..f9ad4c2 100644 --- a/debian/control +++ b/debian/control @@ -1,7 +1,7 @@ Source: jglobus Priority: optional Maintainer: Mattias Ellert <mattias.ell...@fysast.uu.se> -Build-Depends: debhelper (>> 5), maven-debian-helper, maven-repo-helper, libmaven-compiler-plugin-java, libmaven-clean-plugin-java, libmaven-dependency-plugin-java, libmaven-enforcer-plugin-java, libmaven-install-plugin-java, libmaven-jar-plugin-java, libmaven-javadoc-plugin-java, libmaven-resources-plugin-java, libcommons-codec-java, libcommons-io-java, libcommons-logging-java, libbcprov-java (>> 1.47), liblog4j1.2-java, libtomcat6-java, libhttpclient-java, libaxis-java, libservlet2.5-java, junit4 +Build-Depends: debhelper (>> 5), maven-debian-helper, maven-repo-helper, libmaven-compiler-plugin-java, libmaven-clean-plugin-java, libmaven-dependency-plugin-java, libmaven-enforcer-plugin-java, libmaven-install-plugin-java, libmaven-jar-plugin-java, libmaven-javadoc-plugin-java, libmaven-resources-plugin-java, libcommons-codec-java, libcommons-io-java, libcommons-logging-java, libbcprov-java (>> 1.47), liblog4j1.2-java, libtomcat8-java, libhttpclient-java, libaxis-java, libservlet3.1-java, junit4 Standards-Version: 3.9.4 Section: java Homepage: http://github.com/jglobus/ @@ -51,7 +51,7 @@ Description: Globus Java - GridFTP Package: libjglobus-ssl-proxies-tomcat-java Section: java Architecture: all -Depends: libjglobus-jsse-java (= ${binary:Version}), libtomcat6-java, ${misc:Depends} +Depends: libjglobus-jsse-java (= ${binary:Version}), libtomcat8-java, ${misc:Depends} Description: Globus Java - SSL and proxy certificate support for Tomcat Globus Java library with SSL and proxy certificate support for Tomcat @@ -72,7 +72,7 @@ Description: Globus Java - MyProxy Package: libjglobus-axisg-java Section: java Architecture: all -Depends: libjglobus-gss-java (= ${binary:Version}), libaxis-java, libservlet2.5-java, ${misc:Depends} +Depends: libjglobus-gss-java (= ${binary:Version}), libaxis-java, libservlet3.1-java, ${misc:Depends} Description: Globus Java - Apache AXIS support Globus Java library with Apache AXIS support diff --git a/debian/maven.ignoreRules b/debian/maven.ignoreRules new file mode 100644 index 0000000..06948c9 --- /dev/null +++ b/debian/maven.ignoreRules @@ -0,0 +1 @@ +org.apache.maven.plugins maven-patch-plugin * * * * diff --git a/debian/maven.rules b/debian/maven.rules index 4b0beb4..2771f26 100644 --- a/debian/maven.rules +++ b/debian/maven.rules @@ -1,8 +1,8 @@ commons-httpclient commons-httpclient * s/.*/3.x/ -javax.servlet servlet-api * s/.*/2.5/ +javax.servlet s/servlet-api/javax.servlet-api/ * s/.*/3.1/ junit junit * s/.*/4.x/ log4j log4j * s/.*/1.2.x/ -org.apache.tomcat s/tomcat-catalina/catalina/ * s/.*/debian/ -org.apache.tomcat s/tomcat-coyote/coyote/ * s/.*/debian/ +org.apache.tomcat tomcat-catalina * s/.*/8.x/ +org.apache.tomcat tomcat-coyote * s/.*/8.x/ org.bouncycastle s/bcprov-.*/bcprov/ * s/.*/debian/ org.apache.maven.plugins maven-surefire-plugin * s/.*/2.10/ diff --git a/debian/patches/jglobus-tomcat7.patch b/debian/patches/jglobus-tomcat7.patch new file mode 100644 index 0000000..8b27ea4 --- /dev/null +++ b/debian/patches/jglobus-tomcat7.patch @@ -0,0 +1,81 @@ +diff -ur jglobus-2.0.4.orig/ssl-proxies-tomcat/src/main/java/org/globus/gsi/tomcat/GlobusSSLImplementation.java jglobus-2.0.4/ssl-proxies-tomcat/src/main/java/org/globus/gsi/tomcat/GlobusSSLImplementation.java +--- jglobus-2.0.4.orig/ssl-proxies-tomcat/src/main/java/org/globus/gsi/tomcat/GlobusSSLImplementation.java 2011-07-29 04:41:20.000000000 +0200 ++++ jglobus-2.0.4/ssl-proxies-tomcat/src/main/java/org/globus/gsi/tomcat/GlobusSSLImplementation.java 2012-06-08 17:22:01.140977362 +0200 +@@ -1,6 +1,7 @@ + package org.globus.gsi.tomcat; + + ++import org.apache.tomcat.util.net.AbstractEndpoint; + import org.apache.tomcat.util.net.ServerSocketFactory; + import org.apache.tomcat.util.net.jsse.JSSEImplementation; + +@@ -14,8 +15,8 @@ + return "GlobusSSLImplementation"; + } + +- public ServerSocketFactory getServerSocketFactory() { +- return new GlobusSSLSocketFactory(); ++ public ServerSocketFactory getServerSocketFactory(AbstractEndpoint endpoint) { ++ return new GlobusSSLSocketFactory(endpoint); + } + + } +diff -ur jglobus-2.0.4.orig/ssl-proxies-tomcat/src/main/java/org/globus/gsi/tomcat/GlobusSSLSocketFactory.java jglobus-2.0.4/ssl-proxies-tomcat/src/main/java/org/globus/gsi/tomcat/GlobusSSLSocketFactory.java +--- jglobus-2.0.4.orig/ssl-proxies-tomcat/src/main/java/org/globus/gsi/tomcat/GlobusSSLSocketFactory.java 2011-07-29 04:41:20.000000000 +0200 ++++ jglobus-2.0.4/ssl-proxies-tomcat/src/main/java/org/globus/gsi/tomcat/GlobusSSLSocketFactory.java 2012-06-08 18:13:34.293762214 +0200 +@@ -15,6 +15,7 @@ + + package org.globus.gsi.tomcat; + ++import org.apache.tomcat.util.net.AbstractEndpoint; + import org.apache.tomcat.util.net.jsse.JSSESocketFactory; + import org.globus.gsi.X509ProxyCertPathParameters; + import org.globus.gsi.jsse.GlobusSSLHelper; +@@ -44,8 +45,17 @@ + static { + Security.addProvider(new GlobusProvider()); + } +- +- ++ ++ protected Object crlLocation; ++ protected Object signingPolicyLocation; ++ protected Object rejectLimitedProxyEntry; ++ ++ public GlobusSSLSocketFactory(AbstractEndpoint endpoint) { ++ super(endpoint); ++ crlLocation = endpoint.getAttribute("crlLocation"); ++ signingPolicyLocation = endpoint.getAttribute("signingPolicyLocation"); ++ rejectLimitedProxyEntry = endpoint.getAttribute("rejectLimitedProxy"); ++ } + + /** + * Create a Globus trust manager which supports proxy certificates. This requires that the CRL store, and +@@ -61,21 +71,21 @@ + protected TrustManager[] getTrustManagers(String keystoreType, String keystoreProvider, String algorithm) + throws Exception { + KeyStore trustStore = getTrustStore(keystoreType, keystoreProvider); ++ + CertStore crlStore = null; +- Object crlLocation = attributes.get("crlLocation"); + if (crlLocation != null) { +- crlStore = GlobusSSLHelper.findCRLStore((String) attributes.get("crlLocation")); ++ crlStore = GlobusSSLHelper.findCRLStore((String) crlLocation); + } +- Object signingPolicyLocation = attributes.get("signingPolicyLocation"); ++ + ResourceSigningPolicyStore policyStore = null; + if (signingPolicyLocation != null) { + policyStore = new ResourceSigningPolicyStore( +- new ResourceSigningPolicyStoreParameters(attributes.get("signingPolicyLocation").toString())); ++ new ResourceSigningPolicyStoreParameters((String) signingPolicyLocation)); + } +- Object rejectLimitedProxyEntry = attributes.get("rejectLimitedProxy"); + + boolean rejectLimitedProxy = rejectLimitedProxyEntry != null && +- Boolean.parseBoolean(attributes.get("rejectLimitedProxy").toString()); ++ Boolean.parseBoolean((String) rejectLimitedProxyEntry); ++ + X509ProxyCertPathParameters parameters = new X509ProxyCertPathParameters(trustStore, crlStore, policyStore, + rejectLimitedProxy); + TrustManager trustManager = new PKITrustManager(new X509ProxyCertPathValidator(), parameters); diff --git a/debian/patches/series b/debian/patches/series index 005ccee..41f3d89 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -14,3 +14,6 @@ jglobus-doc.patch # Port to bouncycastle 1.47 - backport from upstream git jglobus-bc147.patch + +# Use the Tomcat 7 API +jglobus-tomcat7.patch diff --git a/debian/rules b/debian/rules index 474171a..5a721d4 100755 --- a/debian/rules +++ b/debian/rules @@ -78,7 +78,7 @@ build-indep: build-stamp build-stamp: configure-stamp dh_testdir - debian/mvn-debian -Ptomcat6 \ + debian/mvn-debian -Ptomcat7 \ -Dproject.build.sourceEncoding=UTF-8 -Dmaven.test.skip=true \ resources:resources compiler:compile jar:jar \ resources:testResources compiler:testCompile surefire:test \
signature.asc
Description: OpenPGP digital signature
