connectorCiphers.jsp

markt Tue, 05 Jan 2016 13:39:16 -0800

Author: markt
Date: Tue Jan  5 21:38:58 2016
New Revision: 1723174

URL: http://svn.apache.org/viewvc?rev=1723174&view=rev
Log:
Mostly revert r1723165 and implement a better fix.


Modified:
    tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java
    tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfigCertificate.java
    tomcat/trunk/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp

Modified: tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java?rev=1723174&r1=1723173&r2=1723174&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java (original)
+++ tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java Tue Jan  
5 21:38:58 2016
@@ -24,6 +24,7 @@ import java.io.IOException;
 import java.io.PrintWriter;
 import java.util.Enumeration;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.Locale;
 import java.util.Map;
 import java.util.Set;
@@ -61,7 +62,7 @@ import org.apache.tomcat.util.Diagnostic
 import org.apache.tomcat.util.ExceptionUtils;
 import org.apache.tomcat.util.modeler.Registry;
 import org.apache.tomcat.util.net.SSLHostConfig;
-import org.apache.tomcat.util.net.openssl.ciphers.Cipher;
+import org.apache.tomcat.util.net.SSLHostConfigCertificate;
 import org.apache.tomcat.util.res.StringManager;
 
 
@@ -563,19 +564,16 @@ public class ManagerServlet extends Http
         writer.print(Diagnostics.getThreadDump(requestedLocales));
     }
 
-    protected void sslConnectorCiphers(PrintWriter writer, StringManager 
smClient) {
-        
writer.println(smClient.getString("managerServlet.sslConnectorCiphers"));
-        Map<String,Set<Cipher>> connectorCiphers = getConnectorCiphers();
-        for (Map.Entry<String,Set<Cipher>> entry : 
connectorCiphers.entrySet()) {
+    protected void sslConnectorCiphers(PrintWriter writer,
+            StringManager smClient) {
+        writer.println(smClient.getString(
+                "managerServlet.sslConnectorCiphers"));
+        Map<String,Set<String>> connectorCiphers = getConnectorCiphers();
+        for (Map.Entry<String,Set<String>> entry : 
connectorCiphers.entrySet()) {
             writer.println(entry.getKey());
-            if (entry.getValue() == null) {
+            for (String cipher : entry.getValue()) {
                 writer.print("  ");
-                
writer.println(smClient.getString("managerServlet.notSslConnector"));
-            } else {
-                for (Cipher cipher : entry.getValue()) {
-                    writer.print("  ");
-                    writer.println(cipher);
-                }
+                writer.println(cipher);
             }
         }
     }
@@ -1654,9 +1652,8 @@ public class ManagerServlet extends Http
     }
 
 
-    protected Map<String,Set<Cipher>> getConnectorCiphers() {
-        // TODO: Returned available ciphers rather than configured ciphers.
-        Map<String,Set<Cipher>> result = new HashMap<>();
+    protected Map<String,Set<String>> getConnectorCiphers() {
+        Map<String,Set<String>> result = new HashMap<>();
 
         Engine e = (Engine) host.getParent();
         Service s = e.getService();
@@ -1665,11 +1662,21 @@ public class ManagerServlet extends Http
             if (Boolean.TRUE.equals(connector.getProperty("SSLEnabled"))) {
                 SSLHostConfig[] sslHostConfigs = 
connector.getProtocolHandler().findSslHostConfigs();
                 for (SSLHostConfig sslHostConfig : sslHostConfigs) {
-                    result.put(connector.toString() + "-" + 
sslHostConfig.getHostName(),
-                            sslHostConfig.getCipherList());
+                    for (SSLHostConfigCertificate cert : 
sslHostConfig.getCertificates()) {
+                        String name = connector.toString() + "-" + 
sslHostConfig.getHostName() +
+                                "-" + cert.getType();
+                        Set<String> cipherList = new HashSet<>();
+                        String[] cipherNames = cert.getEnabledCiphers();
+                        for (String cipherName : cipherNames) {
+                            cipherList.add(cipherName);
+                        }
+                        result.put(name, cipherList);
+                    }
                 }
             } else {
-                result.put(connector.toString(), null);
+                Set<String> cipherList = new HashSet<>();
+                cipherList.add(sm.getString("managerServlet.notSslConnector"));
+                result.put(connector.toString(), cipherList);
             }
         }
         return result;

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfigCertificate.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfigCertificate.java?rev=1723174&r1=1723173&r2=1723174&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfigCertificate.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfigCertificate.java 
Tue Jan  5 21:38:58 2016
@@ -192,6 +192,11 @@ public class SSLHostConfigCertificate {
     }
 
 
+    public String[] getEnabledCiphers() {
+        return getSslContextWrapper().getEnabledCiphers();
+    }
+
+
     // Nested types
 
     public static enum Type {

Modified: tomcat/trunk/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp?rev=1723174&r1=1723173&r2=1723174&view=diff
==============================================================================
--- tomcat/trunk/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp (original)
+++ tomcat/trunk/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp Tue Jan  5 
21:38:58 2016
@@ -19,13 +19,12 @@
 <%@page import="java.util.Map" %>
 <%@page import="java.util.Map.Entry" %>
 <%@page import="java.util.Set" %>
-<%@page import="org.apache.tomcat.util.net.openssl.ciphers.Cipher" %>
 <!DOCTYPE html
      PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
      "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
 
 <html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en">
-<% Map<String,Set<Cipher>> cipherList = (Map<String,Set<Cipher>>) 
request.getAttribute("cipherList");
+<% Map<String,Set<String>> cipherList = (Map<String,Set<String>>) 
request.getAttribute("cipherList");
 %>
 <head>
     <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"/>
@@ -44,27 +43,21 @@
     <thead>
         <tr>
             <th>Connector</th>
-            <th>Configured Ciphers</th>
+            <th>Enabled Ciphers</th>
         </tr>
     </thead>
     <tbody>
         <%
-        for (Map.Entry<String, Set<Cipher>> entry : cipherList.entrySet()) {
+        for (Map.Entry<String, Set<String>> entry : cipherList.entrySet()) {
         %>
         <tr>
             <td><%=entry.getKey()%></td>
             <td>
             <%
-            if (entry.getValue() == null) {
-                %>
-                    <p>Not an SSL connector.</p>
-                <%
-            } else {
-                for (Cipher cipher : entry.getValue()) {
-                %>
-                    <p><%=cipher%></p>
-                <%
-                }
+            for (String cipher : entry.getValue()) {
+            %>
+                <p><%=cipher%></p>
+            <%
             }
             %>
             </td>
@@ -75,10 +68,6 @@
     </tbody>
 </table>
 
-<p>Note: The actual ciphers available for clients to use will be the subset of
-those listed above that are supported by the SSL implementation configured for
-the connector.</p>
-
 <form method="get" action="<%=request.getContextPath()%>/html">
   <p style="text-align: center;">
     <input type="submit" value="Return to main page" />



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

svn commit: r1723174 - in /tomcat/trunk: java/org/apache/catalina/manager/ManagerServlet.java java/org/apache/tomcat/util/net/SSLHostConfigCertificate.java webapps/manager/WEB-INF/jsp/connectorCiphers.jsp

Reply via email to