Hi dims: I just cut the 1.1 bits (they're in dist/1_1) late last night, and was about to ask the folks here to give them a quick test before I announce to the world at large... should I rebuild the kits with these changes?
--Glen > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Sunday, June 08, 2003 10:24 AM > To: [EMAIL PROTECTED] > Subject: cvs commit: xml-axis/java/src/org/apache/axis/components/net > IBMJSSESocketFactory.java JSSESocketFactory.java > SunJSSESocketFactory.java > > > dims 2003/06/08 07:23:40 > > Modified: java/src/org/apache/axis/components/net > IBMJSSESocketFactory.java > JSSESocketFactory.java > SunJSSESocketFactory.java > Log: > Cleanup and tested non-default socket factories > > Revision Changes Path > 1.6 +2 -133 > xml-axis/java/src/org/apache/axis/components/net/IBMJSSESocket > Factory.java > > Index: IBMJSSESocketFactory.java > =================================================================== > RCS file: > /home/cvs/xml-axis/java/src/org/apache/axis/components/net/IBM > JSSESocketFactory.java,v > retrieving revision 1.5 > retrieving revision 1.6 > diff -u -r1.5 -r1.6 > --- IBMJSSESocketFactory.java 22 Apr 2003 19:34:11 > -0000 1.5 > +++ IBMJSSESocketFactory.java 8 Jun 2003 14:23:40 > -0000 1.6 > @@ -83,7 +83,7 @@ > * > * @author Davanum Srinivas ([EMAIL PROTECTED]) > */ > -public class IBMJSSESocketFactory extends > DefaultSocketFactory implements SecureSocketFactory { > +public class IBMJSSESocketFactory extends > JSSESocketFactory implements SecureSocketFactory { > > /** Field keystoreType */ > private String keystoreType; > @@ -103,9 +103,6 @@ > /** Field clientAuth */ > private boolean clientAuth = false; > > - /** Field sslFactory */ > - private SSLSocketFactory sslFactory = null; > - > /** Field defaultKeystoreFile */ > static String defaultKeystoreFile = > System.getProperty("user.home") + "/.keystore"; 
> @@ -123,134 +120,6 @@ > } > > /** > - * creates a secure socket > - * > - * @param host > - * @param port > - * @param otherHeaders > - * @param useFullURL > - * > - * @return Socket > - * @throws Exception > - */ > - public Socket create( > - String host, int port, StringBuffer > otherHeaders, BooleanHolder useFullURL) > - throws Exception { > - Socket sslSocket = null; > - if (sslFactory == null) { > - initFactory(); > - } > - if (port == -1) { > - port = 443; > - } > - > - TransportClientProperties tcp = > TransportClientPropertiesFactory.create("https"); > - > - boolean hostInNonProxyList = > isHostInNonProxyList(host, tcp.getNonProxyHosts()); > - > - if (tcp.getProxyHost().length() == 0 || > hostInNonProxyList) { > - // direct SSL connection > - sslSocket = sslFactory.createSocket(host, port); > - } else { > - > - // Default proxy port is 80, even for https > - int tunnelPort = (tcp.getProxyPort().length() != 0) > - ? Integer.parseInt(tcp.getProxyPort()) > - : 80; > - if (tunnelPort < 0) > - tunnelPort = 80; > - > - // Create the regular socket connection to the proxy > - Socket tunnel = new Socket(tcp.getProxyHost(), > tunnelPort); > - > - // The tunnel handshake method (condensed and > made reflexive) > - OutputStream tunnelOutputStream = > tunnel.getOutputStream(); > - PrintWriter out = new PrintWriter( > - new BufferedWriter(new > OutputStreamWriter(tunnelOutputStream))); > - > - // More secure version... engage later? 
> - // PasswordAuthentication pa = > - // Authenticator.requestPasswordAuthentication( > - // InetAddress.getByName(tunnelHost), > - // tunnelPort, "SOCK", "Proxy","HTTP"); > - // if(pa == null){ > - // printDebug("No Authenticator set."); > - // }else{ > - // printDebug("Using Authenticator."); > - // tunnelUser = pa.getUserName(); > - // tunnelPassword = new String(pa.getPassword()); > - // } > - out.print("CONNECT " + host + ":" + port + " > HTTP/1.0\r\n" > - + "User-Agent: AxisClient"); > - if (tcp.getProxyUser().length() != 0 && > - tcp.getProxyPassword().length() != 0) { > - > - // add basic authentication header for the proxy > - String encodedPassword = > XMLUtils.base64encode((tcp.getProxyUser() > - + ":" > - + tcp.getProxyPassword()).getBytes()); > - > - out.print("\nProxy-Authorization: Basic " > + encodedPassword); > - } > - out.print("\nContent-Length: 0"); > - out.print("\nPragma: no-cache"); > - out.print("\r\n\r\n"); > - out.flush(); > - InputStream tunnelInputStream = > tunnel.getInputStream(); > - > - if (log.isDebugEnabled()) { > - log.debug(Messages.getMessage("isNull00", > "tunnelInputStream", > - "" + (tunnelInputStream > - == null))); > - } > - String replyStr = ""; > - > - // Make sure to read all the response from the > proxy to prevent SSL negotiation failure > - // Response message terminated by two > sequential newlines > - int newlinesSeen = 0; > - boolean headerDone = false; /* Done on > first newline */ > - > - while (newlinesSeen < 2) { > - int i = tunnelInputStream.read(); > - > - if (i < 0) { > - throw new IOException("Unexpected EOF > from proxy"); > - } > - if (i == '\n') { > - headerDone = true; > - ++newlinesSeen; > - } else if (i != '\r') { > - newlinesSeen = 0; > - if (!headerDone) { > - replyStr += String.valueOf((char) i); > - } > - } > - } > - if (!replyStr.startsWith("HTTP/1.0 200") > - && !replyStr.startsWith("HTTP/1.1 200")) { > - throw new > IOException(Messages.getMessage("cantTunnel00", > - new String[]{ > - 
tcp.getProxyHost(), > - "" + tunnelPort, > - replyStr})); > - } > - > - // End of condensed reflective tunnel handshake method > - sslSocket = sslFactory.createSocket(tunnel, > host, port, true); > - if (log.isDebugEnabled()) { > - log.debug(Messages.getMessage("setupTunnel00", > - tcp.getProxyHost(), > - "" + tunnelPort)); > - } > - } > - ((SSLSocket) sslSocket).startHandshake(); > - if (log.isDebugEnabled()) { > - log.debug(Messages.getMessage("createdSSL00")); > - } > - return sslSocket; > - } > - > - /** > * Read the keystore, init the SSL socket factory > * > * @throws IOException > @@ -259,7 +128,7 @@ > > try { > Security.addProvider(new com.ibm.jsse.JSSEProvider()); > - Security.addProvider(new > com.ibm.crypto.provider.IBMJCA()); > + Security.addProvider(new > com.ibm.crypto.provider.IBMJCE()); > > if(attributes == null) { > //No configuration specified. Get the default. > > > > 1.12 +12 -1 > xml-axis/java/src/org/apache/axis/components/net/JSSESocketFac > tory.java > > Index: JSSESocketFactory.java > =================================================================== > RCS file: > /home/cvs/xml-axis/java/src/org/apache/axis/components/net/JSS > ESocketFactory.java,v > retrieving revision 1.11 > retrieving revision 1.12 > diff -u -r1.11 -r1.12 > --- JSSESocketFactory.java 22 Apr 2003 19:34:11 -0000 1.11 > +++ JSSESocketFactory.java 8 Jun 2003 14:23:40 -0000 1.12 > @@ -80,7 +80,7 @@ > public class JSSESocketFactory extends > DefaultSocketFactory implements SecureSocketFactory { > > /** Field sslFactory */ > - private static final SSLSocketFactory sslFactory = > (SSLSocketFactory)SSLSocketFactory.getDefault(); > + protected SSLSocketFactory sslFactory = null; > > /** > * Constructor JSSESocketFactory 
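Review bot: The two `Security.addProvider(...)` calls at the top of `initFactory()` change the JVM-wide provider list, and after this commit they appear to run from a lazy, per-instance initializer reached through the inherited `create()`; nothing in the hunk documents that side effect. Under a security manager the call needs the provider-insertion permission, and on a JRE without the `com.ibm.*` classes it cannot succeed, so the method Javadoc should say so, for example `Registers the IBM JSSE and JCE providers for the whole JVM; requires an IBM JRE.`. The same applies to `Security.addProvider(new sun.security.provider.Sun())` in the last SunJSSESocketFactory hunk. `initFactory()` continues outside the hunk, so any handling of a failed registration is not visible here.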
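Review bot: `sslFactory` changes from `private static final` to a `protected`, non-final, non-volatile instance field that is filled in lazily, and the `if (sslFactory == null) { initFactory(); }` check added to `create()` in the `@@ -105,6 +113,9 @@` hunk is not synchronized. If one factory instance is used by several threads, two callers can both run `initFactory()`, which in the subclasses reads the keystore, and a caller may read the field with no happens-before edge to the write. Wrapping the check as `synchronized (this) { if (sslFactory == null) { initFactory(); } }`, or documenting that an instance must not be shared between threads, would close this. Whether instances are shared is not visible in this diff.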
> @@ -92,6 +92,14 @@ > } > > /** > + * Initialize the SSLSocketFactory > + * @throws IOException > + */ > + protected void initFactory() throws IOException { > + sslFactory = > (SSLSocketFactory)SSLSocketFactory.getDefault(); > + } > + > + /** > * creates a secure socket > * > * @param host > @@ -105,6 +113,9 @@ > public Socket create( > String host, int port, StringBuffer > otherHeaders, BooleanHolder useFullURL) > throws Exception { > + if (sslFactory == null) { > + initFactory(); > + } > if (port == -1) { > port = 443; > } > > > > 1.6 +2 -133 > xml-axis/java/src/org/apache/axis/components/net/SunJSSESocket > Factory.java > > Index: SunJSSESocketFactory.java > =================================================================== > RCS file: > /home/cvs/xml-axis/java/src/org/apache/axis/components/net/Sun > JSSESocketFactory.java,v > retrieving revision 1.5 > retrieving revision 1.6 > diff -u -r1.5 -r1.6 > --- SunJSSESocketFactory.java 6 Jun 2003 20:16:44 > -0000 1.5 > +++ SunJSSESocketFactory.java 8 Jun 2003 14:23:40 > -0000 1.6 > @@ -79,7 +79,7 @@ > * > * @author Davanum Srinivas ([EMAIL PROTECTED]) > */ > -public class SunJSSESocketFactory extends > DefaultSocketFactory implements SecureSocketFactory { > +public class SunJSSESocketFactory extends > JSSESocketFactory implements SecureSocketFactory { > > /** Field keystoreType */ > private String keystoreType; > @@ -99,9 +99,6 @@ > /** Field clientAuth */ > private boolean clientAuth = false; > > - /** Field sslFactory */ > - private SSLSocketFactory sslFactory = null; > - > /** Field defaultKeystoreFile */ > static String defaultKeystoreFile = > System.getProperty("user.home") + "/.keystore"; 
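Review bot: With both subclasses now inheriting this `create()`, it becomes the single place where the server's identity can be checked, and nothing visible in the commit compares the peer certificate with `host`. The copies removed from the subclasses returned the socket right after `((SSLSocket) sslSocket).startHandshake()`; if the inherited body does the same, a certificate that chains to a trusted root but was issued for a different name would be accepted. `create()` continues outside the hunk, so this is inferred rather than shown. I would add a check after the handshake that matches `host` against the peer certificate from `getSession()`, failing with an `IOException` on mismatch, and state the behaviour in the method Javadoc.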
> @@ -119,139 +116,11 @@ > } > > /** > - * creates a secure socket > - * > - * @param host > - * @param port > - * @param otherHeaders > - * @param useFullURL > - * > - * @return Socket > - * @throws Exception > - */ > - public Socket create( > - String host, int port, StringBuffer > otherHeaders, BooleanHolder useFullURL) > - throws Exception { > - Socket sslSocket = null; > - if (sslFactory == null) { > - initFactory(); > - } > - if (port == -1) { > - port = 443; > - } > - > - TransportClientProperties tcp = > TransportClientPropertiesFactory.create("https"); > - > - boolean hostInNonProxyList = > isHostInNonProxyList(host, tcp.getNonProxyHosts()); > - > - if (tcp.getProxyHost().length() == 0 || > hostInNonProxyList) { > - // direct SSL connection > - sslSocket = sslFactory.createSocket(host, port); > - } else { > - > - // Default proxy port is 80, even for https > - int tunnelPort = (tcp.getProxyPort().length() != 0) > - ? Integer.parseInt(tcp.getProxyPort()) > - : 80; > - if (tunnelPort < 0) > - tunnelPort = 80; > - > - // Create the regular socket connection to the proxy > - Socket tunnel = new Socket(tcp.getProxyHost(), > tunnelPort); > - > - // The tunnel handshake method (condensed and > made reflexive) > - OutputStream tunnelOutputStream = > tunnel.getOutputStream(); > - PrintWriter out = new PrintWriter( > - new BufferedWriter(new > OutputStreamWriter(tunnelOutputStream))); > - > - // More secure version... engage later? 
> - // PasswordAuthentication pa = > - // Authenticator.requestPasswordAuthentication( > - // InetAddress.getByName(tunnelHost), > - // tunnelPort, "SOCK", "Proxy","HTTP"); > - // if(pa == null){ > - // printDebug("No Authenticator set."); > - // }else{ > - // printDebug("Using Authenticator."); > - // tunnelUser = pa.getUserName(); > - // tunnelPassword = new String(pa.getPassword()); > - // } > - out.print("CONNECT " + host + ":" + port + " > HTTP/1.0\r\n" > - + "User-Agent: AxisClient"); > - if (tcp.getProxyUser().length() != 0 && > - tcp.getProxyPassword().length() != 0) { > - > - // add basic authentication header for the proxy > - String encodedPassword = > XMLUtils.base64encode((tcp.getProxyUser() > - + ":" > - + tcp.getProxyPassword()).getBytes()); > - > - out.print("\nProxy-Authorization: Basic " > + encodedPassword); > - } > - out.print("\nContent-Length: 0"); > - out.print("\nPragma: no-cache"); > - out.print("\r\n\r\n"); > - out.flush(); > - InputStream tunnelInputStream = > tunnel.getInputStream(); > - > - if (log.isDebugEnabled()) { > - log.debug(Messages.getMessage("isNull00", > "tunnelInputStream", > - "" + (tunnelInputStream > - == null))); > - } > - String replyStr = ""; > - > - // Make sure to read all the response from the > proxy to prevent SSL negotiation failure > - // Response message terminated by two > sequential newlines > - int newlinesSeen = 0; > - boolean headerDone = false; /* Done on > first newline */ > - > - while (newlinesSeen < 2) { > - int i = tunnelInputStream.read(); > - > - if (i < 0) { > - throw new IOException("Unexpected EOF > from proxy"); > - } > - if (i == '\n') { > - headerDone = true; > - ++newlinesSeen; > - } else if (i != '\r') { > - newlinesSeen = 0; > - if (!headerDone) { > - replyStr += String.valueOf((char) i); > - } > - } > - } > - if (!replyStr.startsWith("HTTP/1.0 200") > - && !replyStr.startsWith("HTTP/1.1 200")) { > - throw new > IOException(Messages.getMessage("cantTunnel00", > - new String[]{ > - 
tcp.getProxyHost(), > - "" + tunnelPort, > - replyStr})); > - } > - > - // End of condensed reflective tunnel handshake method > - sslSocket = sslFactory.createSocket(tunnel, > host, port, true); > - if (log.isDebugEnabled()) { > - log.debug(Messages.getMessage("setupTunnel00", > - tcp.getProxyHost(), > - "" + tunnelPort)); > - } > - } > - ((SSLSocket) sslSocket).startHandshake(); > - if (log.isDebugEnabled()) { > - log.debug(Messages.getMessage("createdSSL00")); > - } > - return sslSocket; > - } > - > - /** > * Read the keystore, init the SSL socket factory > * > * @throws IOException > */ > - private void initFactory() throws IOException { > + protected void initFactory() throws IOException { > > try { > Security.addProvider(new sun.security.provider.Sun()); > > > >
