init

2024-11-30 19:03:49 +08:00
commit 1e6763c160
3806 changed files with 737676 additions and 0 deletions
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLSessionContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLSessionContext.java
@@ -0,0 +1,148 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomcat.util.net.openssl;
+
+import java.util.Enumeration;
+import java.util.NoSuchElementException;
+
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSessionContext;
+
+import org.apache.tomcat.jni.SSL;
+import org.apache.tomcat.jni.SSLContext;
+import org.apache.tomcat.util.res.StringManager;
+
+/**
+ * OpenSSL specific {@link SSLSessionContext} implementation.
+ */
+public class OpenSSLSessionContext implements SSLSessionContext {
+    private static final StringManager sm = StringManager.getManager(OpenSSLSessionContext.class);
+    private static final Enumeration<byte[]> EMPTY = new EmptyEnumeration();
+
+    private final OpenSSLSessionStats stats;
+    // This is deliberately unused. The reference is retained so that a
+    // reference chain is established and maintained to the OpenSSLContext while
+    // there is a connection that is using the OpenSSLContext. Therefore, the
+    // OpenSSLContext can not be eligible for GC while it is in use.
+    @SuppressWarnings("unused")
+    private final OpenSSLContext context;
+    private final long contextID;
+
+    OpenSSLSessionContext(OpenSSLContext context) {
+        this.context = context;
+        this.contextID = context.getSSLContextID();
+        stats = new OpenSSLSessionStats(contextID);
+    }
+
+    @Override
+    public SSLSession getSession(byte[] bytes) {
+        return null;
+    }
+
+    @Override
+    public Enumeration<byte[]> getIds() {
+        return EMPTY;
+    }
+
+    /**
+     * Sets the SSL session ticket keys of this context.
+     *
+     * @param keys The session ticket keys
+     */
+    public void setTicketKeys(byte[] keys) {
+        if (keys == null) {
+            throw new IllegalArgumentException(sm.getString("sessionContext.nullTicketKeys"));
+        }
+        SSLContext.setSessionTicketKeys(contextID, keys);
+    }
+
+    /**
+     * Enable or disable caching of SSL sessions.
+     *
+     * @param enabled {@code true} to enable caching, {@code false} to disable
+     */
+    public void setSessionCacheEnabled(boolean enabled) {
+        long mode = enabled ? SSL.SSL_SESS_CACHE_SERVER : SSL.SSL_SESS_CACHE_OFF;
+        SSLContext.setSessionCacheMode(contextID, mode);
+    }
+
+    /**
+     * @return {@code true} if caching of SSL sessions is enabled, {@code false}
+     *         otherwise.
+     */
+    public boolean isSessionCacheEnabled() {
+        return SSLContext.getSessionCacheMode(contextID) == SSL.SSL_SESS_CACHE_SERVER;
+    }
+
+    /**
+     * @return The statistics for this context.
+     */
+    public OpenSSLSessionStats stats() {
+        return stats;
+    }
+
+    @Override
+    public void setSessionTimeout(int seconds) {
+        if (seconds < 0) {
+            throw new IllegalArgumentException();
+        }
+        SSLContext.setSessionCacheTimeout(contextID, seconds);
+    }
+
+    @Override
+    public int getSessionTimeout() {
+        return (int) SSLContext.getSessionCacheTimeout(contextID);
+    }
+
+    @Override
+    public void setSessionCacheSize(int size) {
+        if (size < 0) {
+            throw new IllegalArgumentException();
+        }
+        SSLContext.setSessionCacheSize(contextID, size);
+    }
+
+    @Override
+    public int getSessionCacheSize() {
+        return (int) SSLContext.getSessionCacheSize(contextID);
+    }
+
+    /**
+     * Set the context within which session be reused (server side only)
+     * See <a href="http://www.openssl.org/docs/ssl/SSL_CTX_set_session_id_context.html">
+     *     man SSL_CTX_set_session_id_context</a>
+     *
+     * @param sidCtx can be any kind of binary data, it is therefore possible to use e.g. the name
+     *               of the application and/or the hostname and/or service name
+     * @return {@code true} if success, {@code false} otherwise.
+     */
+    public boolean setSessionIdContext(byte[] sidCtx) {
+        return SSLContext.setSessionIdContext(contextID, sidCtx);
+    }
+
+    private static final class EmptyEnumeration implements Enumeration<byte[]> {
+        @Override
+        public boolean hasMoreElements() {
+            return false;
+        }
+
+        @Override
+        public byte[] nextElement() {
+            throw new NoSuchElementException();
+        }
+    }
+}