Author: markt
Date: Fri Aug 12 07:46:50 2016
New Revision: 1756097
URL: http://svn.apache.org/viewvc?rev=1756097&view=rev
Log:
Align ActionCode.REQ_SSL_ATTRIBUTE
Modified:
tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java
tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java
tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java
Modified: tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java?rev=1756097&r1=1756096&r2=1756097&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java Fri Aug 12
07:46:50 2016
@@ -459,45 +459,7 @@ public class AjpProcessor extends Abstra
// SSL request attribute support
case REQ_SSL_ATTRIBUTE: {
- if (!certificates.isNull()) {
- ByteChunk certData = certificates.getByteChunk();
- X509Certificate jsseCerts[] = null;
- ByteArrayInputStream bais =
- new ByteArrayInputStream(certData.getBytes(),
- certData.getStart(),
- certData.getLength());
- // Fill the elements.
- try {
- CertificateFactory cf;
- String clientCertProvider = getClientCertProvider();
- if (clientCertProvider == null) {
- cf = CertificateFactory.getInstance("X.509");
- } else {
- cf = CertificateFactory.getInstance("X.509",
- clientCertProvider);
- }
- while(bais.available() > 0) {
- X509Certificate cert = (X509Certificate)
- cf.generateCertificate(bais);
- if(jsseCerts == null) {
- jsseCerts = new X509Certificate[1];
- jsseCerts[0] = cert;
- } else {
- X509Certificate [] temp = new
X509Certificate[jsseCerts.length+1];
-
System.arraycopy(jsseCerts,0,temp,0,jsseCerts.length);
- temp[jsseCerts.length] = cert;
- jsseCerts = temp;
- }
- }
- } catch (java.security.cert.CertificateException e) {
- getLog().error(sm.getString("ajpprocessor.certs.fail"), e);
- return;
- } catch (NoSuchProviderException e) {
- getLog().error(sm.getString("ajpprocessor.certs.fail"), e);
- return;
- }
- request.setAttribute(SSLSupport.CERTIFICATE_KEY, jsseCerts);
- }
+ populateSslRequestAttributes();
break;
}
case REQ_SSL_CERTIFICATE: {
@@ -1496,6 +1458,49 @@ public class AjpProcessor extends Abstra
}
}
+
+ private void populateSslRequestAttributes() {
+ if (!certificates.isNull()) {
+ ByteChunk certData = certificates.getByteChunk();
+ X509Certificate jsseCerts[] = null;
+ ByteArrayInputStream bais =
+ new ByteArrayInputStream(certData.getBytes(),
+ certData.getStart(),
+ certData.getLength());
+ // Fill the elements.
+ try {
+ CertificateFactory cf;
+ String clientCertProvider = getClientCertProvider();
+ if (clientCertProvider == null) {
+ cf = CertificateFactory.getInstance("X.509");
+ } else {
+ cf = CertificateFactory.getInstance("X.509",
+ clientCertProvider);
+ }
+ while(bais.available() > 0) {
+ X509Certificate cert = (X509Certificate)
+ cf.generateCertificate(bais);
+ if(jsseCerts == null) {
+ jsseCerts = new X509Certificate[1];
+ jsseCerts[0] = cert;
+ } else {
+ X509Certificate [] temp = new
X509Certificate[jsseCerts.length+1];
+ System.arraycopy(jsseCerts,0,temp,0,jsseCerts.length);
+ temp[jsseCerts.length] = cert;
+ jsseCerts = temp;
+ }
+ }
+ } catch (java.security.cert.CertificateException e) {
+ getLog().error(sm.getString("ajpprocessor.certs.fail"), e);
+ return;
+ } catch (NoSuchProviderException e) {
+ getLog().error(sm.getString("ajpprocessor.certs.fail"), e);
+ return;
+ }
+ request.setAttribute(SSLSupport.CERTIFICATE_KEY, jsseCerts);
+ }
+ }
+
/**
* Read at least the specified amount of bytes, and place them
Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java?rev=1756097&r1=1756096&r2=1756097&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java Fri Aug 12
07:46:50 2016
@@ -752,33 +752,7 @@ public class Http11Processor extends Abs
// SSL request attribute support
case REQ_SSL_ATTRIBUTE: {
- try {
- if (sslSupport != null) {
- Object sslO = sslSupport.getCipherSuite();
- if (sslO != null) {
- request.setAttribute(SSLSupport.CIPHER_SUITE_KEY,
sslO);
- }
- sslO = sslSupport.getPeerCertificateChain();
- if (sslO != null) {
- request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
- }
- sslO = sslSupport.getKeySize();
- if (sslO != null) {
- request.setAttribute (SSLSupport.KEY_SIZE_KEY, sslO);
- }
- sslO = sslSupport.getSessionId();
- if (sslO != null) {
- request.setAttribute(SSLSupport.SESSION_ID_KEY, sslO);
- }
- sslO = sslSupport.getProtocol();
- if (sslO != null) {
- request.setAttribute(SSLSupport.PROTOCOL_VERSION_KEY,
sslO);
- }
- request.setAttribute(SSLSupport.SESSION_MGR, sslSupport);
- }
- } catch (Exception e) {
- log.warn(sm.getString("http11processor.socket.ssl"), e);
- }
+ populateSslRequestAttributes();
break;
}
case REQ_SSL_CERTIFICATE: {
@@ -1820,6 +1794,37 @@ public class Http11Processor extends Abs
}
+ private void populateSslRequestAttributes() {
+ try {
+ if (sslSupport != null) {
+ Object sslO = sslSupport.getCipherSuite();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.CIPHER_SUITE_KEY, sslO);
+ }
+ sslO = sslSupport.getPeerCertificateChain();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
+ }
+ sslO = sslSupport.getKeySize();
+ if (sslO != null) {
+ request.setAttribute (SSLSupport.KEY_SIZE_KEY, sslO);
+ }
+ sslO = sslSupport.getSessionId();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.SESSION_ID_KEY, sslO);
+ }
+ sslO = sslSupport.getProtocol();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.PROTOCOL_VERSION_KEY,
sslO);
+ }
+ request.setAttribute(SSLSupport.SESSION_MGR, sslSupport);
+ }
+ } catch (Exception e) {
+ log.warn(sm.getString("http11processor.socket.ssl"), e);
+ }
+ }
+
+
/**
* Checks to see if the keep-alive loop should be broken, performing any
* processing (e.g. sendfile handling) that may have an impact on whether
Modified: tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java?rev=1756097&r1=1756096&r2=1756097&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java Fri Aug 12
07:46:50 2016
@@ -206,33 +206,7 @@ public class StreamProcessor extends Abs
// SSL request attribute support
case REQ_SSL_ATTRIBUTE: {
- try {
- if (sslSupport != null) {
- Object sslO = sslSupport.getCipherSuite();
- if (sslO != null) {
- request.setAttribute(SSLSupport.CIPHER_SUITE_KEY,
sslO);
- }
- sslO = sslSupport.getPeerCertificateChain();
- if (sslO != null) {
- request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
- }
- sslO = sslSupport.getKeySize();
- if (sslO != null) {
- request.setAttribute(SSLSupport.KEY_SIZE_KEY, sslO);
- }
- sslO = sslSupport.getSessionId();
- if (sslO != null) {
- request.setAttribute(SSLSupport.SESSION_ID_KEY, sslO);
- }
- sslO = sslSupport.getProtocol();
- if (sslO != null) {
- request.setAttribute(SSLSupport.PROTOCOL_VERSION_KEY,
sslO);
- }
- request.setAttribute(SSLSupport.SESSION_MGR, sslSupport);
- }
- } catch (Exception e) {
- log.warn(sm.getString("streamProcessor.ssl.error"), e);
- }
+ populateSslRequestAttributes();
break;
}
case REQ_SSL_CERTIFICATE: {
@@ -431,6 +405,37 @@ public class StreamProcessor extends Abs
}
+ private void populateSslRequestAttributes() {
+ try {
+ if (sslSupport != null) {
+ Object sslO = sslSupport.getCipherSuite();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.CIPHER_SUITE_KEY, sslO);
+ }
+ sslO = sslSupport.getPeerCertificateChain();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
+ }
+ sslO = sslSupport.getKeySize();
+ if (sslO != null) {
+ request.setAttribute (SSLSupport.KEY_SIZE_KEY, sslO);
+ }
+ sslO = sslSupport.getSessionId();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.SESSION_ID_KEY, sslO);
+ }
+ sslO = sslSupport.getProtocol();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.PROTOCOL_VERSION_KEY,
sslO);
+ }
+ request.setAttribute(SSLSupport.SESSION_MGR, sslSupport);
+ }
+ } catch (Exception e) {
+ log.warn(sm.getString("http11processor.socket.ssl"), e);
+ }
+ }
+
+
@Override
public void recycle() {
// StreamProcessor instances are not re-used.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
