costin      02/01/25 23:10:06

  Modified:    jk/native2/common jk_serialize_ajp.c
  Log:
  Added a small secret. I'll play with it here, but that should go into the
  old connector as well. The change is very simple and will not affect
  any old connector ( 3.2 will still be supported ). However it will allow
  a more secure setup for ajp, if both ends have the password set up.
  
  It'll be the same thing as in ajp12, it's the easist solution using
  ajp13 attribute.
  
  Revision  Changes    Path
  1.5       +12 -2     jakarta-tomcat-connectors/jk/native2/common/jk_serialize_ajp.c
  
  Index: jk_serialize_ajp.c
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/common/jk_serialize_ajp.c,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- jk_serialize_ajp.c        17 Dec 2001 07:17:08 -0000      1.4
  +++ jk_serialize_ajp.c        26 Jan 2002 07:10:05 -0000      1.5
  @@ -70,7 +70,6 @@
   #include "jk_env.h"
   #include "jk_requtil.h"
   #include "jk_msg.h"
  -#include "jk_ajp14.h"
   
   /*
    * Forward a request from the web server to the servlet container.
  @@ -133,6 +132,7 @@
   #define SC_A_REQ_ATTRIBUTE      (unsigned char)10
   /* only in if JkOptions +ForwardKeySize */
   #define SC_A_SSL_KEY_SIZE       (unsigned char)11            
  +#define SC_A_SECRET             (unsigned char)12
   #define SC_A_ARE_DONE           (unsigned char)0xFF
   
   
  @@ -170,7 +170,8 @@
       Was: ajp_marshal_into_msgb
    */
   int jk_serialize_request13(jk_env_t *env, jk_msg_t *msg,
  -                           jk_ws_service_t *s )
  +                           jk_ws_service_t *s,
  +                           jk_endpoint_t *ae)
   {
       unsigned char method;
       int i;
  @@ -299,6 +300,15 @@
               msg->appendInt(env, msg, (unsigned short) s->ssl_key_size)) {
               env->l->jkLog(env, env->l, JK_LOG_ERROR,
                             "handle.request() Error serializing SSL key size\n");
  +            return JK_FALSE;
  +        }
  +    }
  +
  +    if (ae->worker->secret ) {
  +        if (msg->appendByte(env, msg, SC_A_SECRET) ||
  +            msg->appendString(env, msg, ae->worker->secret )) {
  +            env->l->jkLog(env, env->l, JK_LOG_ERROR,
  +                          "handle.request() Error serializing secret\n");
               return JK_FALSE;
           }
       }
  
  
  

--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to