| author | Endi S. Dewata <edewata@redhat.com> | 2017-03-17 04:48:07 +0100 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2017-04-07 23:02:29 +0200 |
| commit | 60f0adb9205d5c7d4d9294ca620530ff3df2000e (patch) | |
| tree | 0c5b1eb24808dc4bce8ad57225d3d19e7615eba9 | |
| parent | 10d8f53c25d8ed7907b55c247fc77e5c3900029b (diff) | |
| download | pki-60f0adb9205d5c7d4d9294ca620530ff3df2000e.tar.gz pki-60f0adb9205d5c7d4d9294ca620530ff3df2000e.tar.xz pki-60f0adb9205d5c7d4d9294ca620530ff3df2000e.zip | |
Added SSLSocketListener for PKIConnection.
To help with troubleshooting, the PKIConnection has been modified to
register an SSL socket listener which will display SSL alerts
that it has received or sent.
https://pagure.io/dogtagpki/issue/2625
Change-Id: I8f2e4f55a3d6bc8a7360f666c9b18e4c0d6c6d83
| -rw-r--r-- | base/common/src/com/netscape/certsrv/client/PKIConnection.java | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/base/common/src/com/netscape/certsrv/client/PKIConnection.java b/base/common/src/com/netscape/certsrv/client/PKIConnection.java
index c2ffd09e1..d5e4c0087 100644
--- a/base/common/src/com/netscape/certsrv/client/PKIConnection.java
+++ b/base/common/src/com/netscape/certsrv/client/PKIConnection.java
@@ -78,8 +78,13 @@ import org.jboss.resteasy.client.jaxrs.ResteasyWebTarget;
 import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine;
 import org.mozilla.jss.CryptoManager;
 import org.mozilla.jss.CryptoManager.NotInitializedException;
+import org.mozilla.jss.ssl.SSLAlertDescription;
+import org.mozilla.jss.ssl.SSLAlertEvent;
+import org.mozilla.jss.ssl.SSLAlertLevel;
 import org.mozilla.jss.ssl.SSLCertificateApprovalCallback;
+import org.mozilla.jss.ssl.SSLHandshakeCompletedEvent;
 import org.mozilla.jss.ssl.SSLSocket;
+import org.mozilla.jss.ssl.SSLSocketListener;
 import com.netscape.certsrv.base.PKIException;
@@ -352,6 +357,41 @@ public class PKIConnection {
 socket.setClientCertNickname(certNickname);
 }
+ socket.addSocketListener(new SSLSocketListener() {
+
+ @Override
+ public void alertReceived(SSLAlertEvent event) {
+
+ int intLevel = event.getLevel();
+ SSLAlertLevel level = SSLAlertLevel.valueOf(intLevel);
+
+ int intDescription = event.getDescription();
+ SSLAlertDescription description = SSLAlertDescription.valueOf(intDescription);
+
+ if (level == SSLAlertLevel.FATAL || verbose) {
+ System.err.println(level + ": SSL alert received: " + description);
+ }
+ }
+
+ @Override
+ public void alertSent(SSLAlertEvent event) {
+
+ int intLevel = event.getLevel();
+ SSLAlertLevel level = SSLAlertLevel.valueOf(intLevel);
+
+ int intDescription = event.getDescription();
+ SSLAlertDescription description = SSLAlertDescription.valueOf(intDescription);
+
+ if (level == SSLAlertLevel.FATAL || verbose) {
+ System.err.println(level + ": SSL alert sent: " + description);
+ }
+ }
+
+ @Override
+ public void handshakeCompleted(SSLHandshakeCompletedEvent event) {
+ }
+
+ });
 return socket;
 } |
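Review bot: Both handlers print only the enum values from `SSLAlertLevel.valueOf(intLevel)` and `SSLAlertDescription.valueOf(intDescription)`, and those codes are chosen by the peer; how `valueOf` treats a code it does not know is not visible here, so an unrecognised alert may print as `null`, be skipped by the `level == SSLAlertLevel.FATAL` test, or throw inside the callback. Since the listener exists for troubleshooting, I would carry the raw numbers in the message, e.g. `System.err.println(level + ": SSL alert received: " + description + " (" + intLevel + "/" + intDescription + ")");`, and the same in `alertSent`. The two bodies are otherwise identical, so a small private helper taking the direction string would keep them from drifting apart. The enclosing method and the `verbose` field are declared outside the hunk.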
