Author: markt Date: Fri Jun 19 14:17:43 2015 New Revision: 1686421 URL: http://svn.apache.org/r1686421 Log: Some plumbing for supporting multiple certificate types for a virtual host Incomplete and untested
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java
tomcat/trunk/java/org/apache/tomcat/util/net/SecureNioChannel.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java?rev=1686421&r1=1686420&r2=1686421&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java Fri Jun 19 14:17:43 2015
@@ -16,11 +16,14 @@
 */
 package org.apache.tomcat.util.net;
+import java.util.List;
+
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLParameters;
 import javax.net.ssl.SSLSessionContext;
 import org.apache.tomcat.util.net.SSLHostConfig.Type;
+import org.apache.tomcat.util.net.jsse.openssl.Cipher;
 import org.apache.tomcat.util.net.openssl.OpenSSLImplementation;
 public abstract class AbstractJsseEndpoint<S> extends AbstractEndpoint<S> {
@@ -87,7 +90,7 @@ public abstract class AbstractJsseEndpoi
 }
- protected SSLEngine createSSLEngine(String sniHostName) {
+ protected SSLEngine createSSLEngine(String sniHostName, List<Cipher> clientRequestedCiphers) {
 SSLHostConfig sslHostConfig = getSSLHostConfig(sniHostName);
 SSLContextWrapper sslContextWrapper = (SSLContextWrapper) sslHostConfig.getSslContext();
 if (sslContextWrapper == null) {
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java?rev=1686421&r1=1686420&r2=1686421&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java Fri Jun 19 14:17:43 2015
@@ -22,6 +22,7 @@ import java.nio.ByteBuffer;
 import java.nio.channels.AsynchronousSocketChannel;
 import java.nio.channels.CompletionHandler;
 import java.nio.channels.WritePendingException;
+import java.util.List;
 import java.util.concurrent.ExecutionException;
 import java.util.concurrent.Future;
 import java.util.concurrent.TimeUnit;
@@ -37,6 +38,7 @@ import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 import org.apache.tomcat.util.buf.ByteBufferUtils;
 import org.apache.tomcat.util.net.TLSClientHelloExtractor.ExtractorResult;
+import org.apache.tomcat.util.net.jsse.openssl.Cipher;
 import org.apache.tomcat.util.res.StringManager;
 /**
@@ -330,9 +332,11 @@ public class SecureNio2Channel extends N
 }
 String hostName = null;
+ List<Cipher> clientRequestedCiphers = null;
 switch (extractor.getResult()) {
 case COMPLETE:
 hostName = extractor.getSNIValue();
+ clientRequestedCiphers = extractor.getClientRequestedCiphers();
 break;
 case NOT_PRESENT:
 // NO-OP
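Review bot: The new `clientRequestedCiphers` parameter of `createSSLEngine` (hunk `@@ -87,7 +90,7 @@`) has no Javadoc, and none of the body lines visible in this hunk read it; the body continues outside the hunk, so any use further down cannot be seen here. Both callers in this commit pass `null` whenever the ClientHello extractor result is not `COMPLETE`, so the contract belongs on the method: `@param clientRequestedCiphers ciphers offered in the ClientHello, or {@code null} if they could not be determined`. The list is supplied by the unauthenticated peer, so the comment should also say that it may only narrow the choice among the certificate types configured for the host and must never extend the ciphers the server enables.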
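Review bot: `clientRequestedCiphers` is assigned only in the `COMPLETE` branch of the switch in hunk `@@ -330,9 +332,11 @@`, so a client that sends no SNI extension (`NOT_PRESENT`) reaches `createSSLEngine` with `null`, and the default host cannot take the client's cipher list into account when a certificate type is chosen. If `TLSClientHelloExtractor` has already parsed the cipher list in that case (not visible in this diff), set it under `case NOT_PRESENT:` as well with `clientRequestedCiphers = extractor.getClientRequestedCiphers();`. The same applies to the matching hunk in SecureNioChannel.java (`@@ -268,9 +270,11 @@`). The switch continues outside both hunks, so the remaining cases are not shown.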
@@ -353,7 +357,7 @@ public class SecureNio2Channel extends N
 log.debug(sm.getString("channel.nio.ssl.sniHostName", hostName));
 }
- sslEngine = endpoint.createSSLEngine(hostName);
+ sslEngine = endpoint.createSSLEngine(hostName, clientRequestedCiphers);
 // Ensure the application buffers (which have to be created earlier) are
 // big enough.
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/SecureNioChannel.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SecureNioChannel.java?rev=1686421&r1=1686420&r2=1686421&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/SecureNioChannel.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/SecureNioChannel.java Fri Jun 19 14:17:43 2015
@@ -23,6 +23,7 @@ import java.nio.ByteBuffer;
 import java.nio.channels.SelectionKey;
 import java.nio.channels.Selector;
 import java.nio.channels.SocketChannel;
+import java.util.List;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLEngineResult;
@@ -34,6 +35,7 @@ import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 import org.apache.tomcat.util.buf.ByteBufferUtils;
 import org.apache.tomcat.util.net.TLSClientHelloExtractor.ExtractorResult;
+import org.apache.tomcat.util.net.jsse.openssl.Cipher;
 import org.apache.tomcat.util.res.StringManager;
 /**
@@ -268,9 +270,11 @@ public class SecureNioChannel extends Ni
 }
 String hostName = null;
+ List<Cipher> clientRequestedCiphers = null;
 switch (extractor.getResult()) {
 case COMPLETE:
 hostName = extractor.getSNIValue();
+ clientRequestedCiphers = extractor.getClientRequestedCiphers();
 break;
 case NOT_PRESENT:
 // NO-OP
@@ -290,7 +294,7 @@ public class SecureNioChannel extends Ni
 log.debug(sm.getString("channel.nio.ssl.sniHostName", hostName));
 }
- sslEngine = endpoint.createSSLEngine(hostName);
+ sslEngine = endpoint.createSSLEngine(hostName, clientRequestedCiphers);
 // Ensure the application buffers (which have to be created earlier) are
 // big enough.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org