cvs commit: jakarta-tomcat-connectors/jni/native/src jnilib.c ssl.c
mturk 2005/05/20 00:31:41
Modified:jni/java/org/apache/tomcat/jni SSL.java
jni/native/src jnilib.c ssl.c
Log:
Added SSL.initialize that needs to be called if SSL support is desired.
Revision ChangesPath
1.2 +14 -5
jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java
Index: SSL.java
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/java/org/apache/tomcat/jni/SSL.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- SSL.java 20 May 2005 07:01:03 - 1.1
+++ SSL.java 20 May 2005 07:31:41 - 1.2
@@ -24,10 +24,19 @@
public final class SSL {
- /* Return OpenSSL version number */
-private static native int version();
+/* Return OpenSSL version number */
+public static native int version();
+
+/* Return OpenSSL version string */
+public static native String versionString();
+
+/**
+ * Initialize OpenSSL support.
+ * This function needs to be called once for the
+ * lifetime of JVM. Library.init() has to be called before.
+ * @return APR status code
+ */
+public static native int initialize();
- /* Return OpenSSL version string */
-private static native String versionString();
}
1.2 +1 -1 jakarta-tomcat-connectors/jni/native/src/jnilib.c
Index: jnilib.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/jnilib.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- jnilib.c 14 Jan 2005 13:47:58 - 1.1
+++ jnilib.c 20 May 2005 07:31:41 - 1.2
@@ -25,7 +25,7 @@
#include "tcn_version.h"
-static apr_pool_t *tcn_global_pool = NULL;
+apr_pool_t *tcn_global_pool = NULL;
static JavaVM *tcn_global_vm = NULL;
static jclassjString_class;
1.4 +70 -0 jakarta-tomcat-connectors/jni/native/src/ssl.c
Index: ssl.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/ssl.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- ssl.c 20 May 2005 07:01:04 - 1.3
+++ ssl.c 20 May 2005 07:31:41 - 1.4
@@ -22,6 +22,9 @@
#ifdef HAVE_OPENSSL
#include "ssl_private.h"
+static int ssl_initialized = 0;
+extern apr_pool_t *tcn_global_pool;
+
TCN_IMPLEMENT_CALL(jint, SSL, version)(TCN_STDARGS)
{
UNREFERENCED_STDARGS;
@@ -34,9 +37,76 @@
return AJP_TO_JSTRING(OPENSSL_VERSION_TEXT);
}
+/*
+ * the various processing hooks
+ */
+static apr_status_t ssl_init_cleanup(void *data)
+{
+UNREFERENCED(data);
+/*
+ * Try to kill the internals of the SSL library.
+ */
+#if OPENSSL_VERSION_NUMBER >= 0x00907001
+/* Corresponds to OPENSSL_load_builtin_modules():
+ * XXX: borrowed from apps.h, but why not CONF_modules_free()
+ * which also invokes CONF_modules_finish()?
+ */
+CONF_modules_unload(1);
+#endif
+/* Corresponds to SSL_library_init: */
+EVP_cleanup();
+#if HAVE_ENGINE_LOAD_BUILTIN_ENGINES
+ENGINE_cleanup();
+#endif
+#if OPENSSL_VERSION_NUMBER >= 0x00907001
+CRYPTO_cleanup_all_ex_data();
+#endif
+ERR_remove_state(0);
+/* Don't call ERR_free_strings here; ERR_load_*_strings only
+ * actually load the error strings once per process due to static
+ * variable abuse in OpenSSL. */
+
+/*
+ * TODO: determine somewhere we can safely shove out diagnostics
+ * (when enabled) at this late stage in the game:
+ * CRYPTO_mem_leaks_fp(stderr);
+ */
+return APR_SUCCESS;
+}
+TCN_IMPLEMENT_CALL(jint, SSL, initialize)(TCN_STDARGS)
+{
+
+UNREFERENCED_STDARGS;
+if (!tcn_global_pool)
+return (jint)APR_EINVAL;
+/* Check if already initialized */
+if (ssl_initialized++)
+return (jint)APR_SUCCESS;
+/* We must register the library in full, to ensure our configuration
+ * code can successfully test the SSL environment.
+ */
+CRYPTO_malloc_init();
+ERR_load_crypto_strings();
+SSL_load_error_strings();
+SSL_library_init();
+#if HAVE_ENGINE_LOAD_BUILTIN_ENGINES
+ENGINE_load_builtin_engines();
+#endif
+#if OPENSSL_VERSION_NUMBER >= 0x00907001
+OPENSSL_load_builtin_modules();
+#endif
+
+/*
+ * Let us cleanup the ssl library when the module is unloaded
+ */
+apr_pool_cleanup_register(tcn_global_pool, NULL,
+ ssl_init_cleanup,
+ apr_pool_cleanup_null);
+return (jint)APR_SUCCESS;
+}
#else
cvs commit: jakarta-tomcat-connectors/jni/native/src jnilib.c ssl.c sslinfo.c
mturk 2005/06/16 04:39:12
Modified:jni/native/include ssl_private.h tcn.h
jni/native/src jnilib.c ssl.c sslinfo.c
Log:
Add more SSL infos.
Also change the tcn_new_string to allow the NULL to be passed.
Revision ChangesPath
1.30 +4 -1
jakarta-tomcat-connectors/jni/native/include/ssl_private.h
Index: ssl_private.h
===
RCS file:
/home/cvs/jakarta-tomcat-connectors/jni/native/include/ssl_private.h,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -r1.29 -r1.30
--- ssl_private.h 15 Jun 2005 12:08:02 - 1.29
+++ ssl_private.h 16 Jun 2005 11:39:12 - 1.30
@@ -145,6 +145,9 @@
#define SSL_INFO_CIPHER (2)
#define SSL_INFO_CIPHER_USEKEYSIZE (3)
#define SSL_INFO_CIPHER_ALGKEYSIZE (4)
+#define SSL_INFO_CIPHER_VERSION (5)
+#define SSL_INFO_CIPHER_DESCRIPTION (6)
+#define SSL_INFO_PROTOCOL (7)
#define SSL_VERIFY_ERROR_IS_OPTIONAL(errnum) \
((errnum == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) \
1.18 +4 -2 jakarta-tomcat-connectors/jni/native/include/tcn.h
Index: tcn.h
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/include/tcn.h,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- tcn.h 12 Jun 2005 07:01:03 - 1.17
+++ tcn.h 16 Jun 2005 11:39:12 - 1.18
@@ -97,7 +97,9 @@
voidtcn_Throw(JNIEnv *, const char *, ...);
voidtcn_ThrowException(JNIEnv *, const char *);
voidtcn_ThrowAPRException(JNIEnv *, apr_status_t);
-jstring tcn_new_string(JNIEnv *, const char *, int);
+jstring tcn_new_string(JNIEnv *, const char *);
+jstring tcn_new_stringn(JNIEnv *, const char *, size_t);
+jbyteArray tcn_new_arrayb(JNIEnv *, const unsigned char *, size_t);
char *tcn_get_string(JNIEnv *, jstring);
char *tcn_strdup(JNIEnv *, jstring);
char *tcn_pstrdup(JNIEnv *, jstring, apr_pool_t *);
1.10 +23 -3 jakarta-tomcat-connectors/jni/native/src/jnilib.c
Index: jnilib.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/jnilib.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- jnilib.c 10 Jun 2005 10:30:18 - 1.9
+++ jnilib.c 16 Jun 2005 11:39:12 - 1.10
@@ -89,12 +89,14 @@
apr_terminate();
}
-jstring tcn_new_string(JNIEnv *env, const char *str, int l)
+jstring tcn_new_stringn(JNIEnv *env, const char *str, size_t l)
{
jstring result;
jbyteArray bytes = 0;
size_t len = l;
-
+
+if (!str)
+return NULL;
if ((*env)->EnsureLocalCapacity(env, 2) < 0) {
return NULL; /* out of memory error */
}
@@ -110,6 +112,24 @@
return NULL;
}
+jbyteArray tcn_new_arrayb(JNIEnv *env, const unsigned char *data, size_t len)
+{
+jbyteArray bytes = (*env)->NewByteArray(env, (jsize)len);
+if (bytes != NULL) {
+(*env)->SetByteArrayRegion(env, bytes, 0, (jint)len, (jbyte *)data);
+}
+return bytes;
+}
+
+
+jstring tcn_new_string(JNIEnv *env, const char *str)
+{
+if (!str)
+return NULL;
+else
+return (*env)->NewStringUTF(env, str);
+}
+
char *tcn_get_string(JNIEnv *env, jstring jstr)
{
jbyteArray bytes = NULL;
1.36 +3 -3 jakarta-tomcat-connectors/jni/native/src/ssl.c
Index: ssl.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/ssl.c,v
retrieving revision 1.35
retrieving revision 1.36
diff -u -r1.35 -r1.36
--- ssl.c 12 Jun 2005 07:33:08 - 1.35
+++ ssl.c 16 Jun 2005 11:39:12 - 1.36
@@ -599,7 +599,7 @@
JNIEnv *e = j->cb.env;
ret = (*e)->CallIntMethod(e, j->cb.obj,
j->cb.mid[2],
- tcn_new_string(e, in, -1));
+ tcn_new_string(e, in));
}
return ret;
}
@@ -775,7 +775,7 @@
char buf[256];
UNREFERENCED(o);
ERR_error_string(ERR_get_error(), buf);
-return tcn_new_string(e, buf, -1);
+return tcn_new_string(e, buf);
}
#else
1.3 +23 -6 jakarta-tomcat-connectors/jni/native/src/sslinfo.c
Index: sslinfo.c
===
RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslinfo.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- sslinfo.c 15 Jun 2005 12:08:02 - 1
