Author: remm
Date: Fri Jun 26 08:45:09 2015
New Revision: 1687715
URL: http://svn.apache.org/r1687715
Log:
Port r1607309 and followups to add header configuration for the SSLValve.
Modified:
tomcat/tc7.0.x/trunk/java/org/apache/catalina/valves/SSLValve.java
tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
tomcat/tc7.0.x/trunk/webapps/docs/config/valve.xml
Modified: tomcat/tc7.0.x/trunk/java/org/apache/catalina/valves/SSLValve.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/valves/SSLValve.java?rev=1687715&r1=1687714&r2=1687715&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/java/org/apache/catalina/valves/SSLValve.java
(original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/catalina/valves/SSLValve.java Fri Jun
26 08:45:09 2015
@@ -64,6 +64,10 @@ public class SSLValve extends ValveBase
private static final Log log = LogFactory.getLog(SSLValve.class);
+ private String sslClientCertHeader = "ssl_client_cert";
+ private String sslCipherHeader = "ssl_cipher";
+ private String sslSessionIdHeader = "ssl_session_id";
+ private String sslCipherUserKeySizeHeader = "ssl_cipher_usekeysize";
//------------------------------------------------------ Constructor
public SSLValve() {
@@ -71,6 +75,38 @@ public class SSLValve extends ValveBase
}
+ public String getSslClientCertHeader() {
+ return sslClientCertHeader;
+ }
+
+ public void setSslClientCertHeader(String sslClientCertHeader) {
+ this.sslClientCertHeader = sslClientCertHeader;
+ }
+
+ public String getSslCipherHeader() {
+ return sslCipherHeader;
+ }
+
+ public void setSslCipherHeader(String sslCipherHeader) {
+ this.sslCipherHeader = sslCipherHeader;
+ }
+
+ public String getSslSessionIdHeader() {
+ return sslSessionIdHeader;
+ }
+
+ public void setSslSessionIdHeader(String sslSessionIdHeader) {
+ this.sslSessionIdHeader = sslSessionIdHeader;
+ }
+
+ public String getSslCipherUserKeySizeHeader() {
+ return sslCipherUserKeySizeHeader;
+ }
+
+ public void setSslCipherUserKeySizeHeader(String
sslCipherUserKeySizeHeader) {
+ this.sslCipherUserKeySizeHeader = sslCipherUserKeySizeHeader;
+ }
+
public String mygetHeader(Request request, String header) {
String strcert0 = request.getHeader(header);
@@ -88,7 +124,7 @@ public class SSLValve extends ValveBase
throws IOException, ServletException {
/* mod_header converts the '\n' into ' ' so we have to rebuild the
client certificate */
- String strcert0 = mygetHeader(request, "ssl_client_cert");
+ String strcert0 = mygetHeader(request, sslClientCertHeader);
if (strcert0 != null && strcert0.length()>28) {
String strcert1 = strcert0.replace(' ', '\n');
String strcert2 = strcert1.substring(28, strcert1.length()-26);
@@ -119,16 +155,16 @@ public class SSLValve extends ValveBase
}
request.setAttribute(Globals.CERTIFICATES_ATTR, jsseCerts);
}
- strcert0 = mygetHeader(request, "ssl_cipher");
+ strcert0 = mygetHeader(request, sslCipherHeader);
if (strcert0 != null) {
request.setAttribute(Globals.CIPHER_SUITE_ATTR, strcert0);
}
- strcert0 = mygetHeader(request, "ssl_session_id");
+ strcert0 = mygetHeader(request, sslSessionIdHeader);
if (strcert0 != null) {
request.setAttribute(Globals.SSL_SESSION_ID_ATTR, strcert0);
request.setAttribute(Globals.SSL_SESSION_ID_TOMCAT_ATTR, strcert0);
}
- strcert0 = mygetHeader(request, "ssl_cipher_usekeysize");
+ strcert0 = mygetHeader(request, sslCipherUserKeySizeHeader);
if (strcert0 != null) {
request.setAttribute(Globals.KEY_SIZE_ATTR,
Integer.valueOf(strcert0));
Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1687715&r1=1687714&r2=1687715&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Fri Jun 26 08:45:09 2015
@@ -107,6 +107,9 @@
<bug>57700</bug>: Ensure that Container event
<code>ADD_CHILD_EVENT</code> will be sent in all cases. (violetagg)
</fix>
+ <fix>
+ Add configuration fields for header names in SSLValve. (remm)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
Modified: tomcat/tc7.0.x/trunk/webapps/docs/config/valve.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/config/valve.xml?rev=1687715&r1=1687714&r2=1687715&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/webapps/docs/config/valve.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/config/valve.xml Fri Jun 26 08:45:09 2015
@@ -876,6 +876,30 @@
</p>
</attribute>
+ <attribute name="sslClientCertHeader" required="false">
+ <p>Allows setting a custom name for the ssl_client_cert header.
+ If not specified, the default of <code>ssl_client_cert</code> is
+ used.</p>
+ </attribute>
+
+ <attribute name="sslCipherHeader" required="false">
+ <p>Allows setting a custom name for the ssl_cipher header.
+ If not specified, the default of <code>ssl_cipher</code> is
+ used.</p>
+ </attribute>
+
+ <attribute name="sslSessionIdHeader" required="false">
+ <p>Allows setting a custom name for the ssl_session_id header.
+ If not specified, the default of <code>ssl_session_id</code> is
+ used.</p>
+ </attribute>
+
+ <attribute name="sslCipherUserKeySizeHeader" required="false">
+ <p>Allows setting a custom name for the ssl_cipher_usekeysize header.
+ If not specified, the default of <code>ssl_cipher_usekeysize</code> is
+ used.</p>
+ </attribute>
+
</attributes>
</subsection>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
