[Beepcore-java-commits] CVS: beepcore-java/tls/org/beepcore/beep/profile/tls/ptls TLSProfilePureTLS.
From: Huston F. <hu...@us...> - 2003-09-15 13:59:50
Update of /cvsroot/beepcore-java/beepcore-java/tls/org/beepcore/beep/profile/tls/ptls
In directory sc8-pr-cvs1:/tmp/cvs-serv1975/tls/org/beepcore/beep/profile/tls/ptls
Modified Files:
Tag: PIGGYBACKED
TLSProfilePureTLS.java
Log Message:
Cleaned up piggybacked message handling, removed references to TuningResetException.
Index: TLSProfilePureTLS.java
===================================================================
RCS file: /cvsroot/beepcore-java/beepcore-java/tls/org/beepcore/beep/profile/tls/ptls/TLSProfilePureTLS.java,v
retrieving revision 1.7
retrieving revision 1.7.2.1
diff -C2 -r1.7 -r1.7.2.1
*** TLSProfilePureTLS.java 3 Jun 2003 02:50:53 -0000 1.7
--- TLSProfilePureTLS.java 15 Sep 2003 13:59:44 -0000 1.7.2.1
***************
*** 3,7 ****
*
* Copyright (c) 2001 Invisible Worlds, Inc. All rights reserved.
! * Copyright (c) 2001 Huston Franklin. All rights reserved.
*
* The contents of this file are subject to the Blocks Public License (the
--- 3,7 ----
*
* Copyright (c) 2001 Invisible Worlds, Inc. All rights reserved.
! * Copyright (c) 2003 Huston Franklin. All rights reserved.
*
* The contents of this file are subject to the Blocks Public License (the
***************
*** 36,40 ****
--- 36,42 ----
import COM.claymoresystems.cert.*;
+ import java.io.BufferedReader;
import java.io.IOException;
+ import java.io.InputStreamReader;
***************
*** 62,66 ****
*/
public class TLSProfilePureTLS extends TuningProfile
! implements StartChannelListener
{
--- 64,68 ----
*/
public class TLSProfilePureTLS extends TuningProfile
! implements StartChannelListener, RequestHandler
{
***************
*** 374,397 ****
throws StartChannelException
{
! TCPSession oldSession = (TCPSession) channel.getSession();
! // if the data is <ready/> then respond with <proceed/>
! if (data != null) {
! // If data is a ready, prepare a message of proceed to
! // send to the begin call
! if (data.equals(READY1) || data.equals(READY2)) {
! data = PROCEED2;
! }
}
! // Freeze this Peer
! // SSLDebug.setDebug( SSLDebug.DEBUG_ALL );
SSLSocket newSocket = null;
SessionCredential peerCred = null;
try {
- // Send a profile back with dat "<proceed />"
- this.begin(channel, URI, data);
-
// negotiate TLS over a new socket
context.setPolicy(policy);
--- 376,421 ----
throws StartChannelException
{
! channel.setRequestHandler(this, true);
! }
!
! /// @TODO Fix error handling in this method
! public void receiveMSG(MessageMSG msg)
! {
! Channel channel = msg.getChannel();
! InputDataStreamAdapter is = msg.getDataStream().getInputStream();
! BufferedReader reader = new BufferedReader(new InputStreamReader(is));
!
! String data;
!
! try {
! try {
! data = reader.readLine();
! } catch (IOException e) {
! msg.sendERR(BEEPError.CODE_PARAMETER_ERROR,
! "Error reading data");
! return;
! }
!
! if (data.equals(READY1) == false && data.equals(READY2) == false) {
! msg.sendERR(BEEPError.CODE_PARAMETER_INVALID,
! "Expected READY element");
}
! this.begin(channel);
!
! msg.sendRPY(new StringOutputDataStream(PROCEED2));
! } catch (BEEPException e) {
! log.error("TLS Error", e);
! channel.getSession().terminate("unable to send ERR");
! return;
! }
!
! TCPSession oldSession = (TCPSession) channel.getSession();
!
SSLSocket newSocket = null;
SessionCredential peerCred = null;
try {
// negotiate TLS over a new socket
context.setPolicy(policy);
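Review bot: In receiveMSG, the branch that rejects a non-READY payload calls `msg.sendERR(BEEPError.CODE_PARAMETER_INVALID, "Expected READY element");` but does not return, so control falls through to `this.begin(channel)` and `msg.sendRPY(...)` and the TLS negotiation goes ahead on input that was just refused; add `return;` after that sendERR, as the IOException path above it already does. `reader.readLine()` returns null when the payload is empty, which makes `data.equals(READY1)` throw an unchecked NullPointerException that none of the catch clauses here handle; guard with `if (data == null || (!data.equals(READY1) && !data.equals(READY2)))`. The `InputStreamReader` is built without a charset, so decoding of the peer's bytes depends on the platform default. receiveMSG continues past the end of this hunk.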
***************
*** 403,432 ****
oldSocket.getInetAddress().getHostName(),
oldSocket.getPort(), SSLSocket.SERVER);
- } catch (BEEPException e) {
- log.error(e.getMessage());
- e.printStackTrace();
- oldSession.terminate(e.getMessage());
} catch (SSLThrewAlertException e) {
! log.error(e.getMessage());
! e.printStackTrace();
! oldSession.terminate(e.getMessage());
} catch (IOException e) {
! log.error(e.getMessage());
! e.printStackTrace();
! oldSession.terminate(e.getMessage());
}
try {
- // get the credentials of the peer
- Vector cc = null;
-
if (needPeerAuth) {
cc = newSocket.getCertificateChain();
if (cc == null) {
log.trace("No certificate chain when there should be one.");
! throw new StartChannelException(550, "No certificate " +
! "chain when there " +
"should be one. ");
}
Enumeration enum = cc.elements();
while (enum.hasMoreElements()) {
--- 427,455 ----
oldSocket.getInetAddress().getHostName(),
oldSocket.getPort(), SSLSocket.SERVER);
} catch (SSLThrewAlertException e) {
! log.error("TLS Error", e);
! channel.getSession().terminate(e.getMessage());
! return;
} catch (IOException e) {
! log.error("TLS Error", e);
! channel.getSession().terminate(e.getMessage());
! return;
}
+ // get the credentials of the peer
+ Vector cc = null;
+ int cs;
+
try {
if (needPeerAuth) {
cc = newSocket.getCertificateChain();
if (cc == null) {
log.trace("No certificate chain when there should be one.");
! msg.sendERR(BEEPError.CODE_REQUESTED_ACTION_NOT_TAKEN2,
! "No certificate chain when there " +
"should be one. ");
+ return;
}
+
Enumeration enum = cc.elements();
while (enum.hasMoreElements()) {
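Review bot: The `cc == null` branch under `needPeerAuth` answers with `msg.sendERR(...)` and returns, but the same message was already answered with `msg.sendRPY(new StringOutputDataStream(PROCEED2))` earlier in receiveMSG and the SSLSocket has by then been created over the old socket, so the ERR is a second reply and the session appears to be left up with `newSocket` open and no peer certificate. The other failure paths in this method terminate the session; this one should do the same, e.g. `channel.getSession().terminate("No certificate chain when there should be one.");` before `return;`. The failed peer-authentication requirement is logged with `log.trace`, which many logging configurations will not record; `log.error` would make it visible to whoever monitors the listener. The enclosing try block and the while loop continue outside this hunk.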
***************
*** 442,447 ****
}
! int cs = newSocket.getCipherSuite();
// verify that this is authenticated and authorized
if (handshakeListener != null) {
--- 465,480 ----
}
! cs = newSocket.getCipherSuite();
! } catch (BEEPException e) {
! log.error("TLS Error", e);
! channel.getSession().terminate("unable to send ERR");
! return;
! } catch (IOException e) {
! log.error("TLS Error", e);
! channel.getSession().terminate(e.getMessage());
! return;
! }
+ try {
// verify that this is authenticated and authorized
if (handshakeListener != null) {
***************
*** 450,500 ****
handshakeListener.handshakeCompleted(oldSession, cc, cs);
}
! // create the peer credential
! Hashtable ht = new Hashtable();
!
! ht.put(SessionCredential.AUTHENTICATOR, URI);
! ht.put(SessionCredential.ALGORITHM,
! SSLPolicyInt.getCipherSuiteName(cs));
! ht.put(SessionCredential.AUTHENTICATOR_TYPE, "TLS");
!
! if (cc != null) {
! ht.put(SessionCredential.REMOTE_CERTIFICATE, cc.elementAt(0));
! }
!
! peerCred = new SessionCredential(ht);
! // Consider the Profile Registry
! ProfileRegistry preg = oldSession.getProfileRegistry();
! preg.removeStartChannelListener(URI);
! if (abortSession) {
! this.abort(new BEEPError(451, ERR_TLS_NO_AUTHENTICATION),
! channel);
! } else {
! // Cause the session to be recreated and reset
! Hashtable hash = new Hashtable();
! hash.put(SessionTuningProperties.ENCRYPTION, "true");
! SessionTuningProperties tuning =
! new SessionTuningProperties(hash);
! this.complete(channel, generateCredential(), peerCred,
! tuning, preg, newSocket);
! }
! } catch (Exception x) {
! // @todo should be more detailed
! log.error(x.getMessage());
! x.printStackTrace();
! throw new StartChannelException(450, x.getMessage());
}
-
- throw new TuningResetException(URI);
}
/**
--- 483,530 ----
handshakeListener.handshakeCompleted(oldSession, cc, cs);
}
+ } catch (BEEPException e) {
+ log.error("BEEP Handshake error", e);
+ channel.getSession().terminate("BEEP Handshake error");
+ return;
+ }
! // create the peer credential
! Hashtable ht = new Hashtable();
! ht.put(SessionCredential.AUTHENTICATOR, URI);
! ht.put(SessionCredential.ALGORITHM,
! SSLPolicyInt.getCipherSuiteName(cs));
! ht.put(SessionCredential.AUTHENTICATOR_TYPE, "TLS");
! if (cc != null) {
! ht.put(SessionCredential.REMOTE_CERTIFICATE, cc.elementAt(0));
! }
! peerCred = new SessionCredential(ht);
! // Cause the session to be recreated and reset
! Hashtable hash = new Hashtable();
! hash.put(SessionTuningProperties.ENCRYPTION, "true");
! SessionTuningProperties tuning =
! new SessionTuningProperties(hash);
! // Consider the Profile Registry
! ProfileRegistry preg = oldSession.getProfileRegistry();
! preg.removeStartChannelListener(URI);
! try {
! this.complete(channel, generateCredential(), peerCred,
! tuning, preg, newSocket);
! } catch (BEEPException x) {
! BEEPError error =
! new BEEPError(BEEPError.CODE_REQUESTED_ACTION_ABORTED,
! ERR_TLS_NO_AUTHENTICATION);
! abort(error, channel);
}
}
+
/**
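Review bot: The `catch (BEEPException x)` around `this.complete(...)` drops `x` without logging it and always reports `ERR_TLS_NO_AUTHENTICATION`, so a failure to reset the session for any other reason is recorded nowhere and reaches the peer as an authentication error; add `log.error("TLS Error", x);` at the top of that catch, matching the other handlers in this method. The old code called `abort` when `abortSession` was set and `complete` otherwise, while the new code never reads `abortSession`; if that field is still assigned elsewhere in the class (not visible here), an authentication failure it signals would no longer stop the session from being completed. `cc.elementAt(0)` is also reached for a non-null but empty chain, and the broad `catch (Exception x)` that used to contain such a failure has been removed.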
***************
*** 584,591 ****
} catch (SSLThrewAlertException e) {
session.terminate(e.getMessage());
! throw new BEEPException(e.getMessage());
} catch (IOException e) {
session.terminate(e.getMessage());
! throw new BEEPException(e.getMessage());
}
--- 614,621 ----
} catch (SSLThrewAlertException e) {
session.terminate(e.getMessage());
! throw new BEEPException(e);
} catch (IOException e) {
session.terminate(e.getMessage());
! throw new BEEPException(e);
}