Author: markt
Date: Thu Apr 30 13:15:36 2015
New Revision: 1676978
URL: http://svn.apache.org/r1676978
Log:
Move algorithm to SSLHostConfig
Modified:
tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11JsseProtocol.java
tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
tomcat/trunk/webapps/docs/config/http.xml
Modified:
tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11JsseProtocol.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11JsseProtocol.java?rev=1676978&r1=1676977&r2=1676978&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11JsseProtocol.java
(original)
+++ tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11JsseProtocol.java
Thu Apr 30 13:15:36 2015
@@ -25,9 +25,6 @@ public abstract class AbstractHttp11Jsse
super(endpoint);
}
- public String getAlgorithm() { return getEndpoint().getAlgorithm();}
- public void setAlgorithm(String s ) { getEndpoint().setAlgorithm(s);}
-
public String getClientAuth() { return getEndpoint().getClientAuth();}
public void setClientAuth(String s ) { getEndpoint().setClientAuth(s);}
Modified: tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java?rev=1676978&r1=1676977&r2=1676978&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java
(original)
+++ tomcat/trunk/java/org/apache/coyote/http11/AbstractHttp11Protocol.java Thu
Apr 30 13:15:36 2015
@@ -379,6 +379,11 @@ public abstract class AbstractHttp11Prot
defaultSSLHostConfig.setCertificateKeyFile(certificateKeyFile);
}
+ public void setAlgorithm(String certificateAlgorithm) {
+ registerDefaultSSLHostConfig();
+ defaultSSLHostConfig.setCertificateAlgorithm(certificateAlgorithm);
+ }
+
// ------------------------------------------------------------- Common
code
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java?rev=1676978&r1=1676977&r2=1676978&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java Thu Apr
30 13:15:36 2015
@@ -31,8 +31,6 @@ import java.util.concurrent.ConcurrentHa
import java.util.concurrent.Executor;
import java.util.concurrent.TimeUnit;
-import javax.net.ssl.KeyManagerFactory;
-
import org.apache.juli.logging.Log;
import org.apache.tomcat.util.IntrospectionUtils;
import org.apache.tomcat.util.net.AbstractEndpoint.Acceptor.AcceptorState;
@@ -986,10 +984,6 @@ public abstract class AbstractEndpoint<S
this.sslImplementationName = s;
}
- private String algorithm = KeyManagerFactory.getDefaultAlgorithm();
- public String getAlgorithm() { return algorithm;}
- public void setAlgorithm(String s ) { this.algorithm = s;}
-
private String clientAuth = "false";
public String getClientAuth() { return clientAuth;}
public void setClientAuth(String s ) { this.clientAuth = s;}
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java?rev=1676978&r1=1676977&r2=1676978&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java Thu Apr 30
13:15:36 2015
@@ -21,6 +21,8 @@ import java.util.HashSet;
import java.util.Map;
import java.util.Set;
+import javax.net.ssl.KeyManagerFactory;
+
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.res.StringManager;
@@ -45,6 +47,7 @@ public class SSLHostConfig {
private Set<String> protocols = new HashSet<>();
// JSSE
private String keystoreFile = System.getProperty("user.home")+"/.keystore";
+ private String certificateAlgorithm =
KeyManagerFactory.getDefaultAlgorithm();
// OpenSSL
private String certificateFile;
private String certificateKeyFile;
@@ -145,6 +148,17 @@ public class SSLHostConfig {
}
+ public void setCertificateAlgorithm(String certificateAlgorithm) {
+ setProperty("certificateAlgorithm", Type.JSSE);
+ this.certificateAlgorithm = certificateAlgorithm;
+ }
+
+
+ public String getCertificateAlgorithm() {
+ return certificateAlgorithm;
+ }
+
+
// ------------------------------- OpenSSL specific configuration
properties
public void setCertificateFile(String certificateFile) {
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=1676978&r1=1676977&r2=1676978&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
Thu Apr 30 13:15:36 2015
@@ -386,13 +386,8 @@ public class JSSESocketFactory implement
keystoreType = defaultKeystoreType;
}
- String algorithm = endpoint.getAlgorithm();
- if (algorithm == null) {
- algorithm = KeyManagerFactory.getDefaultAlgorithm();
- }
-
return getKeyManagers(keystoreType, endpoint.getKeystoreProvider(),
- algorithm, endpoint.getKeyAlias());
+ sslHostConfig.getCertificateAlgorithm(),
endpoint.getKeyAlias());
}
@Override
Modified: tomcat/trunk/webapps/docs/config/http.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=1676978&r1=1676977&r2=1676978&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/http.xml (original)
+++ tomcat/trunk/webapps/docs/config/http.xml Thu Apr 30 13:15:36 2015
@@ -1051,6 +1051,14 @@
<attributes>
+ <attribute name="certificateAlgorithm" required="false">
+ <p>The certificate encoding algorithm to be used. This defaults to
+ <code>KeyManagerFactory.getDefaultAlgorithm()</code> which returns
+ <code>SunX509</code> for Sun JVMs. IBM JVMs return
+ <code>IbmX509</code>. For other vendors, consult the JVM
+ documentation for the default value.</p>
+ </attribute>
+
<attribute name="certificateFile" required="false">
<p>OpenSSL only (required).</p>
<p>Name of the file that contains the server certificate. The format is
@@ -1110,11 +1118,9 @@
<attributes>
<attribute name="algorithm" required="false">
- <p>The certificate encoding algorithm to be used. This defaults to
- <code>KeyManagerFactory.getDefaultAlgorithm()</code> which returns
- <code>SunX509</code> for Sun JVMs. IBM JVMs return
- <code>IbmX509</code>. For other vendors, consult the JVM
- documentation for the default value.</p>
+ <p>This is an alias for the <code>certificateAlgorithm</code> attribute
of the
+ default <a href="#SSL_Support_-_SSLHostConfig">SSLHostConfig</a>
+ element.</p>
</attribute>
<attribute name="useServerCipherSuitesOrder" required="false">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
