[Jboss-svn-commits] JBL Code SVN: r4535 - labs/jbossweb/trunk/src/share/classes/org/apache/catalina/servlets/php

[<jbo...@li...>]

Author: jfr...@jb...
Date: 2006-05-31 17:51:27 -0400 (Wed, 31 May 2006)
New Revision: 4535

Modified:
   labs/jbossweb/trunk/src/share/classes/org/apache/catalina/servlets/php/ScriptEnvironment.java
Log:
Fill the environmnent variables with the SSL information.


Modified: labs/jbossweb/trunk/src/share/classes/org/apache/catalina/servlets/php/ScriptEnvironment.java
===================================================================
--- labs/jbossweb/trunk/src/share/classes/org/apache/catalina/servlets/php/ScriptEnvironment.java	2006-05-31 20:49:43 UTC (rev 4534)
+++ labs/jbossweb/trunk/src/share/classes/org/apache/catalina/servlets/php/ScriptEnvironment.java	2006-05-31 21:51:27 UTC (rev 4535)
@@ -58,7 +58,7 @@
      * The Request attribute key for the client certificate chain.
      */
     private static final String CERTIFICATE_KEY = "javax.servlet.request.X509Certificate";
-    private static final String CIPHER_SUITE    = "javax.servlet.request.cipher_suite"
+    private static final String CIPHER_SUITE    = "javax.servlet.request.cipher_suite";
     private static final String SSL_SESSION     = "javax.servlet.request.ssl_session";
     private static final String KEY_SIZE        = "javax.servlet.request.key_size";
 
@@ -497,14 +497,46 @@
 
         if (req.isSecure()) {
             envp.put("HTTPS", "ON");
+            envp.put("SSL_CIPHER", req.getAttribute(CIPHER_SUITE));
+            envp.put("SSL_SESSION_ID", req.getAttribute(SSL_SESSION));
+            envp.put("SSL_CIPHER_USEKEYSIZE", req.getAttribute(KEY_SIZE));
             X509Certificate[] certs =
                 (X509Certificate[])req.getAttribute(CERTIFICATE_KEY);
             if (certs != null) {
-                for (int c = 0; c < certs.length; c++) {
-                    envp.put("CERT_ISSUER",
-                        nullsToBlanks(certs[c].getIssuerX500Principal().getName()));
-                    // TODO: Add more HTTPS params.
+                // Well use the first, normaly the client certificate.
+                envp.put("SSL_SERVER_V_START", certs[0].getNotAfter().toString());
+                envp.put("SSL_SERVER_V_END",  certs[0].getNotBefore().toString());
+                
+                envp.put("SSL_CLIENT_A_KEY",  certs[0].getSigAlgName());
+                
+                // Oops getEncoded gives a DER not PEM encoded ... envp.put("SSL_CLIENT_CERT",  certs[0].getEncoded());
+
+                envp.put("SSL_SERVER_M_SERIAL", certs[0].getSerialNumber().toString());
+                envp.put("SSL_SERVER_M_VERSION", String.valueOf(certs[0].getVersion()));
+
+                // Subject
+                envp.put("SSL_CLIENT_S_DN", certs[0].getSubjectX500Principal().getName());
+                // To fill the elements C,ST... Email
+                String pr = certs[0].getSubjectX500Principal().getName();
+                String prs[] = pr.split(", ");
+                for (int c = 0; c < prs.length; c++) {
+                    String pprs[] = prs[c].split("=");
+                    envp.put("SSL_CLIENT_S_DN_" + pprs[0], pprs[1]);
                 }
+
+                // Issuer
+                envp.put("SSL_CLIENT_I_DN", certs[0].getIssuerX500Principal().getName());
+                // To fill the elements C,ST... Email Still to TODO.
+                pr = certs[0].getSubjectX500Principal().getName();
+                prs = pr.split(", ");
+                for (int c = 0; c < prs.length; c++) {
+                    String pprs[] = prs[c].split("=");
+                    envp.put("SSL_CLIENT_I_DN_" + pprs[0], pprs[1]);
+                }
+
+
+                // envp.put("CERT_ISSUER",
+                //         nullsToBlanks(certs[c].getIssuerX500Principal().getName()));
             }
         }