From 621d9e5c413e561293d7484b93882d985b3fe15f Mon Sep 17 00:00:00 2001
From: Endi Sukma Dewata <edewata@redhat.com>
Date: Sat, 24 Mar 2012 02:27:47 -0500
Subject: Removed unnecessary pki folder.

Previously the source code was located inside a pki folder.
This folder was created during svn migration and is no longer
needed. This folder has now been removed and the contents have
been moved up one level.

Ticket #131
---
 .../cmscore/ldapconn/LdapJssSSLSocketFactory.java  | 109 +++++++++++++++++++++
 1 file changed, 109 insertions(+)
 create mode 100644 base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java

(limited to 'base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java')

diff --git a/base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java b/base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java
new file mode 100644
index 000000000..4df2fe357
--- /dev/null
+++ b/base/common/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java
@@ -0,0 +1,109 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.cmscore.ldapconn;
+
+import java.io.IOException;
+import java.net.Socket;
+import java.net.UnknownHostException;
+
+import netscape.ldap.LDAPException;
+import netscape.ldap.LDAPSSLSocketFactoryExt;
+
+import org.mozilla.jss.ssl.SSLHandshakeCompletedEvent;
+import org.mozilla.jss.ssl.SSLHandshakeCompletedListener;
+import org.mozilla.jss.ssl.SSLSocket;
+
+import com.netscape.certsrv.apps.CMS;
+import com.netscape.certsrv.logging.ILogger;
+
+/**
+ * Uses HCL ssl socket.
+ * 
+ * @author Lily Hsiao lhsiao@netscape.com
+ */
+public class LdapJssSSLSocketFactory implements LDAPSSLSocketFactoryExt {
+    private String mClientAuthCertNickname = null;
+    private boolean mClientAuth = false;
+
+    public LdapJssSSLSocketFactory() {
+    }
+
+    public LdapJssSSLSocketFactory(String certNickname) {
+        mClientAuthCertNickname = certNickname;
+    }
+
+    public Socket makeSocket(String host, int port) throws LDAPException {
+        SSLSocket s = null;
+
+        try {
+            SSLSocket.enableSSL2Default(false);
+            s = new SSLSocket(host, port);
+            s.setUseClientMode(true);
+            s.enableSSL2(false);
+            //TODO Do we really want to set the default each time?
+            SSLSocket.enableSSL2Default(false);
+            s.enableV2CompatibleHello(false);
+
+            SSLHandshakeCompletedListener listener = null;
+
+            listener = new ClientHandshakeCB(this);
+            s.addHandshakeCompletedListener(listener);
+
+            if (mClientAuthCertNickname != null) {
+                mClientAuth = true;
+                CMS.debug(
+                        "LdapJssSSLSocket set client auth cert nickname" +
+                                mClientAuthCertNickname);
+                s.setClientCertNickname(mClientAuthCertNickname);
+            }
+            s.forceHandshake();
+        } catch (UnknownHostException e) {
+            log(ILogger.LL_FAILURE,
+                    CMS.getLogMessage("CMSCORE_LDAPCONN_UNKNOWN_HOST"));
+            throw new LDAPException(
+                    "Cannot Create JSS SSL Socket - Unknown host");
+        } catch (IOException e) {
+            log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAPCONN_IO_ERROR", e.toString()));
+            throw new LDAPException("IO Error creating JSS SSL Socket");
+        }
+        return s;
+    }
+
+    public boolean isClientAuth() {
+        return mClientAuth;
+    }
+
+    public Object getCipherSuites() {
+        return null;
+    }
+
+    public void log(int level, String msg) {
+    }
+
+    class ClientHandshakeCB implements SSLHandshakeCompletedListener {
+        Object sc;
+
+        public ClientHandshakeCB(Object sc) {
+            this.sc = sc;
+        }
+
+        public void handshakeCompleted(SSLHandshakeCompletedEvent event) {
+            CMS.debug("SSL handshake happened");
+        }
+    }
+}
-- 
cgit