[Beepcore-java-commits] CVS: beepcore-java/tls/org/beepcore/beep/profile/tls/jsse TLSProfileJSSE.jav
From: Huston F. <hu...@us...> - 2003-09-15 15:23:37
Update of /cvsroot/beepcore-java/beepcore-java/tls/org/beepcore/beep/profile/tls/jsse In directory sc8-pr-cvs1:/tmp/cvs-serv21224/tls/org/beepcore/beep/profile/tls/jsse Modified Files: TLSProfileJSSE.java Log Message: Merge from PIGGYBACK branch Index: TLSProfileJSSE.java =================================================================== RCS file: /cvsroot/beepcore-java/beepcore-java/tls/org/beepcore/beep/profile/tls/jsse/TLSProfileJSSE.java,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -r1.8 -r1.9 *** TLSProfileJSSE.java 3 Jun 2003 02:43:43 -0000 1.8 --- TLSProfileJSSE.java 15 Sep 2003 15:23:32 -0000 1.9 *************** *** 33,37 **** --- 33,40 ---- import java.security.KeyStore; + import java.io.BufferedReader; import java.io.FileInputStream; + import java.io.InputStreamReader; + import java.io.IOException; import org.apache.commons.logging.Log; *************** *** 52,56 **** */ public class TLSProfileJSSE extends TLSProfile ! implements Profile, StartChannelListener { // Constants --- 55,59 ---- */ public class TLSProfileJSSE extends TLSProfile ! 
implements Profile, StartChannelListener, RequestHandler { // Constants *************** *** 178,181 **** --- 181,255 ---- } + class BeepListenerHCL implements HandshakeCompletedListener { + + Channel channel; + boolean notifiedHandshake = false; + boolean waitingForHandshake = false; + + BeepListenerHCL(Channel tuningChannel) + { + this.channel = tuningChannel; + } + + public void handshakeCompleted(HandshakeCompletedEvent event) + { + Session oldSession = channel.getSession(); + + log.debug("HandshakeCompleted"); + synchronized (handshakeListeners) { + Iterator i = TLSProfileJSSE.handshakeListeners.iterator(); + + while (i.hasNext()) { + TLSProfileJSSEHandshakeCompletedListener l = + (TLSProfileJSSEHandshakeCompletedListener) i.next(); + + if (l.handshakeCompleted(oldSession, event) == false) { + BEEPError e = + new BEEPError(BEEPError.CODE_REQUESTED_ACTION_ABORTED, + ERR_TLS_NO_AUTHENTICATION); + TLSProfileJSSE.this.abort(e, channel); + + return; + } + } + } + + Hashtable h = new Hashtable(); + + try { + h.put(SessionCredential.AUTHENTICATOR, + event.getPeerCertificateChain()[0].getSubjectDN().getName()); + h.put(SessionCredential.REMOTE_CERTIFICATE, + event.getPeerCertificateChain()); + } catch (SSLPeerUnverifiedException e) { + h.put(SessionCredential.AUTHENTICATOR, ""); + h.put(SessionCredential.REMOTE_CERTIFICATE, ""); + } + + ProfileRegistry preg = oldSession.getProfileRegistry(); + + preg.removeStartChannelListener(uri); + + Hashtable hash = new Hashtable(); + + hash.put(SessionTuningProperties.ENCRYPTION, "true"); + + SessionTuningProperties tuning = + new SessionTuningProperties(hash); + + // Cause the session to be recreated and reset + try { + TLSProfileJSSE.this.complete(channel, generateCredential(), + new SessionCredential(h), tuning, + preg, event.getSocket()); + } catch (BEEPException e) { + BEEPError error = + new BEEPError(BEEPError.CODE_REQUESTED_ACTION_ABORTED, + ERR_TLS_NO_AUTHENTICATION); + TLSProfileJSSE.this.abort(error, channel); + } + } + 
} + /** * TLS provides encryption and optionally authentication for a session *************** *** 459,481 **** throws StartChannelException { ! try { ! TCPSession oldSession = (TCPSession) channel.getSession(); ! // if the data is <ready/> then respond with <proceed/> ! if (data != null) { ! // If data is a ready, prepare a message of proceed to ! // send to the begin call ! if (data.equals(READY1) || data.equals(READY2)) { ! data = PROCEED2; ! } } ! // Freeze this Peer ! // Send a profile back with data in the 3rd argument ! this.begin(channel, uri, data); ! // Negotiate TLS with the Socket ! Socket oldSocket = oldSession.getSocket(); SSLSocket newSocket = (SSLSocket) socketFactory.createSocket(oldSocket, --- 533,574 ---- throws StartChannelException { ! channel.setRequestHandler(this, true); ! } ! public void receiveMSG(MessageMSG msg) ! { ! Channel channel = msg.getChannel(); ! InputDataStreamAdapter is = msg.getDataStream().getInputStream(); ! ! BufferedReader reader = new BufferedReader(new InputStreamReader(is)); ! ! String data; ! ! try { ! try { ! data = reader.readLine(); ! } catch (IOException e) { ! msg.sendERR(BEEPError.CODE_PARAMETER_ERROR, ! "Error reading data"); ! return; ! } ! ! if (data.equals(READY1) == false && data.equals(READY2) == false) { ! msg.sendERR(BEEPError.CODE_PARAMETER_INVALID, ! "Expected READY element"); } ! this.begin(channel); ! ! msg.sendRPY(new StringOutputDataStream(PROCEED2)); ! } catch (BEEPException e1) { ! channel.getSession().terminate("unable to send ERR"); ! return; ! } ! try { ! Socket oldSocket = ((TCPSession) channel.getSession()).getSocket(); ! /** @TODO add support for serverName */ SSLSocket newSocket = (SSLSocket) socketFactory.createSocket(oldSocket, *************** *** 483,487 **** oldSocket.getPort(), true); ! TLSHandshake l = new TLSHandshake(); newSocket.addHandshakeCompletedListener(l); --- 576,581 ---- oldSocket.getPort(), true); ! ! 
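Review bot: In BeepListenerHCL.handshakeCompleted, the `catch (SSLPeerUnverifiedException e)` branch stores empty strings for AUTHENTICATOR and REMOTE_CERTIFICATE and then still reaches `complete(...)` with ENCRYPTION set to "true", so a peer that presented no verifiable certificate ends up with a tuned session unless a registered listener vetoes it. The class Javadoc says authentication is optional, so this may be intended, but the branch should say so and leave a trace, for example `// peer presented no verifiable certificate: session is encrypted but unauthenticated` plus a `log.debug(...)` call in the catch. REMOTE_CERTIFICATE holds a String in this branch and a certificate array otherwise, so any consumer that casts the value needs a type check; leaving the key out when there is no chain would be cleaner. The fields `notifiedHandshake` and `waitingForHandshake` are never read in the visible lines and look like leftovers from the removed wait/notify logic.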
BeepListenerHCL l = new BeepListenerHCL(channel); newSocket.addHandshakeCompletedListener(l); *************** *** 490,538 **** newSocket.setEnabledCipherSuites(newSocket.getSupportedCipherSuites()); - l.session = channel.getSession(); - newSocket.startHandshake(); ! ! synchronized (l) { ! if (!l.notifiedHandshake) { ! l.waitingForHandshake = true; ! ! l.wait(); ! ! l.waitingForHandshake = false; ! } ! } ! ! // Consider the Profile Registry ! ProfileRegistry preg = oldSession.getProfileRegistry(); ! ! preg.removeStartChannelListener(uri); ! ! if (abortSession) { ! this.abort(new BEEPError(451, ERR_TLS_NO_AUTHENTICATION), ! channel); ! } else { ! Hashtable hash = new Hashtable(); ! ! hash.put(SessionTuningProperties.ENCRYPTION, "true"); ! ! SessionTuningProperties tuning = ! new SessionTuningProperties(hash); ! ! // Cause the session to be recreated and reset ! this.complete(channel, generateCredential(), l.cred, tuning, ! preg, newSocket); ! } ! } catch (Exception x) { ! ! // @todo should be more detailed ! log.error(x.getMessage()); ! ! throw new StartChannelException(450, x.getMessage()); } - - throw new TuningResetException(uri); } ! /** * Called when the underlying BEEP framework receives --- 584,594 ---- newSocket.setEnabledCipherSuites(newSocket.getSupportedCipherSuites()); newSocket.startHandshake(); ! } catch (IOException e) { ! channel.getSession().terminate("TLS error: " + e.getMessage()); ! return; } } ! /** * Called when the underlying BEEP framework receives |
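Review bot: In receiveMSG, the branch that rejects a non-READY payload calls `msg.sendERR(BEEPError.CODE_PARAMETER_INVALID, ...)` but does not return, so control falls through to `this.begin(channel)` and `msg.sendRPY(...)` and, unless the second reply throws, on to the socket upgrade; add `return;` after that sendERR call. `reader.readLine()` returns null when the payload is empty, which makes `data.equals(READY1)` throw a NullPointerException that the surrounding `catch (BEEPException e1)` does not handle; writing the test as `READY1.equals(data) == false && READY2.equals(data) == false` avoids it. The `InputStreamReader` is created without a charset, so decoding of the peer's bytes depends on the platform default; naming the encoding explicitly would make the comparison deterministic. The second try block of this method continues into the following hunks.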
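Review bot: The context line `newSocket.setEnabledCipherSuites(newSocket.getSupportedCipherSuites());` left in place just above the changed lines enables every suite the provider supports, which on JSSE can include anonymous (unauthenticated) and NULL-encryption suites, while the new handshake listener marks the session ENCRYPTION "true" whatever suite was negotiated. If anonymous TLS is not a deliberate feature, drop the call so the provider's default enabled list applies, or filter the array to exclude suite names containing `_anon_` or `_NULL_` before passing it in. Separately, the catch at the end of receiveMSG is now `catch (IOException e)` where the old code caught `Exception`, so a ClassCastException from the `(TCPSession) channel.getSession()` cast in the earlier hunk, or any other runtime failure during the upgrade, escapes without the session being terminated. It would be worth checking the session type before the cast, or at least stating in a comment that only TCP sessions reach this handler.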