author | Endi Sukma Dewata <edewata@redhat.com> | 2012-03-24 02:08:08 -0500 |
---|---|---|
committer | Matthew Harmsen <mharmsen@redhat.com> | 2012-03-26 15:10:41 -0700 |
commit | 4a7ec07c942544b7ca27718a11dac00505c4de7b (patch) | |
tree | cceeb31a92d7b8b307300305fba77e642b7a6495 /base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java | |
parent | 007bc68f666ef5658274a1e27989d75f2a681a20 (diff) | |
Removed unnecessary pki folder.
Previously the source code was located inside a pki folder.
This folder was created during svn migration and is no longer
needed. This folder has now been removed and the contents have
been moved up one level.
Ticket #131
Diffstat (limited to 'base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java')
-rw-r--r-- | base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java | 104 |
1 files changed, 104 insertions, 0 deletions
diff --git a/base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java b/base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java
new file mode 100644
index 000000000..b9f7d78eb
--- /dev/null
+++ b/base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java
@@ -0,0 +1,104 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.cmscore.ldapconn;
+
+
+import java.net.*;
+import java.io.*;
+import netscape.ldap.*;
+import org.mozilla.jss.ssl.*;
+import com.netscape.certsrv.logging.*;
+import com.netscape.certsrv.apps.*;
+import com.netscape.certsrv.ldap.*;
+
+
+/**
+ * Uses HCL ssl socket.
+ * @author Lily Hsiao lhsiao@netscape.com
+ */
+public class LdapJssSSLSocketFactory implements LDAPSSLSocketFactoryExt {
+ private String mClientAuthCertNickname = null;
+ private boolean mClientAuth = false;
+
+ public LdapJssSSLSocketFactory() {
+ }
+
+ public LdapJssSSLSocketFactory(String certNickname) {
+ mClientAuthCertNickname = certNickname;
+ }
+
+ public Socket makeSocket(String host, int port) throws LDAPException {
+ SSLSocket s = null;
+
+ try {
+ SSLSocket.enableSSL2Default(false);
+ s = new SSLSocket(host, port);
+ s.setUseClientMode(true);
+ s.enableSSL2(false);
+ s.enableSSL2Default(false);
+ s.enableV2CompatibleHello(false);
+
+ SSLHandshakeCompletedListener listener = null;
+
+ listener = new ClientHandshakeCB(this);
+ s.addHandshakeCompletedListener(listener);
+
+ if (mClientAuthCertNickname != null) {
+ mClientAuth = true;
+ CMS.debug(
+ "LdapJssSSLSocket set client auth cert nickname" +
+ mClientAuthCertNickname);
+ s.setClientCertNickname(mClientAuthCertNickname);
+ }
+ s.forceHandshake();
+ } catch (UnknownHostException e) {
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSCORE_LDAPCONN_UNKNOWN_HOST"));
+ throw new LDAPException(
+ "Cannot Create JSS SSL Socket - Unknown host");
+ } catch (IOException e) {
+ log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAPCONN_IO_ERROR", e.toString()));
+ throw new LDAPException("IO Error creating JSS SSL Socket");
+ }
+ return s;
+ }
+
+ public boolean isClientAuth() {
+ return mClientAuth;
+ }
+
+ public Object getCipherSuites() {
+ return null;
+ }
+
+ public void log(int level, String msg) {
+ }
+
+ class ClientHandshakeCB implements SSLHandshakeCompletedListener {
+ Object sc;
+
+ public ClientHandshakeCB(Object sc) {
+ this.sc = sc;
+ }
+
+ public void handshakeCompleted(SSLHandshakeCompletedEvent event) {
+ CMS.debug("SSL handshake happened");
+ }
+ }
+}
+ |
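Review bot: In `makeSocket`, a failure after `new SSLSocket(host, port)` has connected (most likely in `s.forceHandshake()`) reaches the `IOException` catch without closing `s`, so each failed TLS handshake to the directory server leaks a socket. The catch should release it before rethrowing, e.g. `if (s != null) { try { s.close(); } catch (IOException ignored) { } }`. The two `log(ILogger.LL_FAILURE, ...)` calls also go to this class's own `log(int, String)`, whose body is empty. Together with the generic `LDAPException` text, that discards the handshake failure reason, so a rejected server certificate would leave no record. Forwarding it with `CMS.debug(msg);` or to the real logger would keep that evidence. Separately, only SSL2 is disabled here, so the minimum protocol version and the server-certificate checks depend on JSS defaults not visible in this file, which is worth confirming.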