Added: geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Proc.java
URL: http://svn.apache.org/viewvc/geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Proc.java?rev=1214761&view=auto
==============================================================================
--- geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Proc.java (added)
+++ geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Proc.java Thu Dec 15 13:55:25 2011
@@ -0,0 +1,210 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.tomcat.jni;
+
+/** Proc
+ *
+ * @author Mladen Turk
+ * @version $Id: Proc.java 939351 2010-04-29 15:41:54Z kkolinko $
+ */
+
+public class Proc {
+
+ /*
+ * apr_cmdtype_e enum
+ */
+ public static final int APR_SHELLCM = 0; /** use the shell to invoke the program */
+ public static final int APR_PROGRAM = 1; /** invoke the program directly, no copied env */
+ public static final int APR_PROGRAM_ENV = 2; /** invoke the program, replicating our environment */
+ public static final int APR_PROGRAM_PATH = 3; /** find program on PATH, use our environment */
+ public static final int APR_SHELLCMD_ENV = 4; /** use the shell to invoke the program,
+ * replicating our environment
+ */
+
+ /*
+ * apr_wait_how_e enum
+ */
+ public static final int APR_WAIT = 0; /** wait for the specified process to finish */
+ public static final int APR_NOWAIT = 1; /** do not wait -- just see if it has finished */
+
+ /*
+ * apr_exit_why_e enum
+ */
+ public static final int APR_PROC_EXIT = 1; /** process exited normally */
+ public static final int APR_PROC_SIGNAL = 2; /** process exited due to a signal */
+ public static final int APR_PROC_SIGNAL_CORE = 4; /** process exited and dumped a core file */
+
+ public static final int APR_NO_PIPE = 0;
+ public static final int APR_FULL_BLOCK = 1;
+ public static final int APR_FULL_NONBLOCK = 2;
+ public static final int APR_PARENT_BLOCK = 3;
+ public static final int APR_CHILD_BLOCK = 4;
+
+ public static final int APR_LIMIT_CPU = 0;
+ public static final int APR_LIMIT_MEM = 1;
+ public static final int APR_LIMIT_NPROC = 2;
+ public static final int APR_LIMIT_NOFILE = 3;
+
+
+ /** child has died, caller must call unregister still */
+ public static final int APR_OC_REASON_DEATH = 0;
+ /** write_fd is unwritable */
+ public static final int APR_OC_REASON_UNWRITABLE = 1;
+ /** a restart is occuring, perform any necessary cleanup (including
+ * sending a special signal to child)
+ */
+ public static final int APR_OC_REASON_RESTART = 2;
+ /** unregister has been called, do whatever is necessary (including
+ * kill the child)
+ */
+ public static final int APR_OC_REASON_UNREGISTER = 3;
+ /** somehow the child exited without us knowing ... buggy os? */
+ public static final int APR_OC_REASON_LOST = 4;
+ /** a health check is occuring, for most maintainence functions
+ * this is a no-op.
+ */
+ public static final int APR_OC_REASON_RUNNING = 5;
+
+ /* apr_kill_conditions_e enumeration */
+ /** process is never sent any signals */
+ public static final int APR_KILL_NEVER = 0;
+ /** process is sent SIGKILL on apr_pool_t cleanup */
+ public static final int APR_KILL_ALWAYS = 1;
+ /** SIGTERM, wait 3 seconds, SIGKILL */
+ public static final int APR_KILL_AFTER_TIMEOUT = 2;
+ /** wait forever for the process to complete */
+ public static final int APR_JUST_WAIT = 3;
+ /** send SIGTERM and then wait */
+ public static final int APR_KILL_ONLY_ONCE = 4;
+
+ public static final int APR_PROC_DETACH_FOREGROUND = 0; /** Do not detach */
+ public static final int APR_PROC_DETACH_DAEMONIZE = 1; /** Detach */
+
+ /* Maximum number of arguments for create process call */
+ public static final int MAX_ARGS_SIZE = 1024;
+ /* Maximum number of environment variables for create process call */
+ public static final int MAX_ENV_SIZE = 1024;
+
+ /**
+ * Allocate apr_proc_t stucture from pool
+ * This is not an apr function.
+ * @param cont The pool to use.
+ */
+ public static native long alloc(long cont);
+
+ /**
+ * This is currently the only non-portable call in APR. This executes
+ * a standard unix fork.
+ * @param proc The resulting process handle.
+ * @param cont The pool to use.
+ * @return APR_INCHILD for the child, and APR_INPARENT for the parent
+ * or an error.
+ */
+ public static native int fork(long [] proc, long cont);
+
+ /**
+ * Create a new process and execute a new program within that process.
+ * This function returns without waiting for the new process to terminate;
+ * use apr_proc_wait for that.
+ * @param progname The program to run
+ * @param args The arguments to pass to the new program. The first
+ * one should be the program name.
+ * @param env The new environment table for the new process. This
+ * should be a list of NULL-terminated strings. This argument
+ * is ignored for APR_PROGRAM_ENV, APR_PROGRAM_PATH, and
+ * APR_SHELLCMD_ENV types of commands.
+ * @param attr The procattr we should use to determine how to create the new
+ * process
+ * @param pool The pool to use.
+ * @return The resulting process handle.
+ */
+ public static native int create(long proc, String progname,
+ String [] args, String [] env,
+ long attr, long pool);
+
+ /**
+ * Wait for a child process to die
+ * @param proc The process handle that corresponds to the desired child process
+ * @param exit exit[0] The returned exit status of the child, if a child process
+ * dies, or the signal that caused the child to die.
+ * On platforms that don't support obtaining this information,
+ * the status parameter will be returned as APR_ENOTIMPL.
+ * exit[1] Why the child died, the bitwise or of:
+ * <PRE>
+ * APR_PROC_EXIT -- process terminated normally
+ * APR_PROC_SIGNAL -- process was killed by a signal
+ * APR_PROC_SIGNAL_CORE -- process was killed by a signal, and
+ * generated a core dump.
+ * </PRE>
+ * @param waithow How should we wait. One of:
+ * <PRE>
+ * APR_WAIT -- block until the child process dies.
+ * APR_NOWAIT -- return immediately regardless of if the
+ * child is dead or not.
+ * </PRE>
+ * @return The childs status is in the return code to this process. It is one of:
+ * <PRE>
+ * APR_CHILD_DONE -- child is no longer running.
+ * APR_CHILD_NOTDONE -- child is still running.
+ * </PRE>
+ */
+ public static native int wait(long proc, int [] exit, int waithow);
+
+ /**
+ * Wait for any current child process to die and return information
+ * about that child.
+ * @param proc Pointer to NULL on entry, will be filled out with child's
+ * information
+ * @param exit exit[0] The returned exit status of the child, if a child process
+ * dies, or the signal that caused the child to die.
+ * On platforms that don't support obtaining this information,
+ * the status parameter will be returned as APR_ENOTIMPL.
+ * exit[1] Why the child died, the bitwise or of:
+ * <PRE>
+ * APR_PROC_EXIT -- process terminated normally
+ * APR_PROC_SIGNAL -- process was killed by a signal
+ * APR_PROC_SIGNAL_CORE -- process was killed by a signal, and
+ * generated a core dump.
+ * </PRE>
+ * @param waithow How should we wait. One of:
+ * <PRE>
+ * APR_WAIT -- block until the child process dies.
+ * APR_NOWAIT -- return immediately regardless of if the
+ * child is dead or not.
+ * </PRE>
+ * @param pool Pool to allocate child information out of.
+ */
+ public static native int waitAllProcs(long proc, int [] exit,
+ int waithow, long pool);
+
+ /**
+ * Detach the process from the controlling terminal.
+ * @param daemonize set to non-zero if the process should daemonize
+ * and become a background process, else it will
+ * stay in the foreground.
+ */
+ public static native int detach(int daemonize);
+
+ /**
+ * Terminate a process.
+ * @param proc The process to terminate.
+ * @param sig How to kill the process.
+ */
+ public static native int kill(long proc, int sig);
+
+}
Added: geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/ProcErrorCallback.java
URL: http://svn.apache.org/viewvc/geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/ProcErrorCallback.java?rev=1214761&view=auto
==============================================================================
--- geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/ProcErrorCallback.java (added)
+++ geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/ProcErrorCallback.java Thu Dec 15 13:55:25 2011
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.tomcat.jni;
+
+/** ProcErrorCallback Interface
+ *
+ * @author Mladen Turk
+ * @version $Id: ProcErrorCallback.java 939351 2010-04-29 15:41:54Z kkolinko $
+ */
+
+public interface ProcErrorCallback {
+
+ /**
+ * Called in the child process if APR encounters an error
+ * in the child prior to running the specified program.
+ * @param pool Pool associated with the apr_proc_t. If your child
+ * error function needs user data, associate it with this
+ * pool.
+ * @param err APR error code describing the error
+ * @param description Text description of type of processing which failed
+ */
+ public void callback(long pool, int err, String description);
+}
Added: geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Procattr.java
URL: http://svn.apache.org/viewvc/geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Procattr.java?rev=1214761&view=auto
==============================================================================
--- geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Procattr.java (added)
+++ geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Procattr.java Thu Dec 15 13:55:25 2011
@@ -0,0 +1,172 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.tomcat.jni;
+
+/** Procattr
+ *
+ * @author Mladen Turk
+ * @version $Id: Procattr.java 939351 2010-04-29 15:41:54Z kkolinko $
+ */
+
+public class Procattr {
+
+ /**
+ * Create and initialize a new procattr variable
+ * @param cont The pool to use
+ * @return The newly created procattr.
+ */
+ public static native long create(long cont)
+ throws Error;
+
+ /**
+ * Determine if any of stdin, stdout, or stderr should be linked to pipes
+ * when starting a child process.
+ * @param attr The procattr we care about.
+ * @param in Should stdin be a pipe back to the parent?
+ * @param out Should stdout be a pipe back to the parent?
+ * @param err Should stderr be a pipe back to the parent?
+ */
+ public static native int ioSet(long attr, int in, int out, int err);
+ /**
+ * Set the child_in and/or parent_in values to existing apr_file_t values.
+ * <br />
+ * This is NOT a required initializer function. This is
+ * useful if you have already opened a pipe (or multiple files)
+ * that you wish to use, perhaps persistently across multiple
+ * process invocations - such as a log file. You can save some
+ * extra function calls by not creating your own pipe since this
+ * creates one in the process space for you.
+ * @param attr The procattr we care about.
+ * @param in apr_file_t value to use as child_in. Must be a valid file.
+ * @param parent apr_file_t value to use as parent_in. Must be a valid file.
+ */
+ public static native int childInSet(long attr, long in, long parent);
+
+ /**
+ * Set the child_out and parent_out values to existing apr_file_t values.
+ * <br />
+ * This is NOT a required initializer function. This is
+ * useful if you have already opened a pipe (or multiple files)
+ * that you wish to use, perhaps persistently across multiple
+ * process invocations - such as a log file.
+ * @param attr The procattr we care about.
+ * @param out apr_file_t value to use as child_out. Must be a valid file.
+ * @param parent apr_file_t value to use as parent_out. Must be a valid file.
+ */
+ public static native int childOutSet(long attr, long out, long parent);
+
+ /**
+ * Set the child_err and parent_err values to existing apr_file_t values.
+ * <br />
+ * This is NOT a required initializer function. This is
+ * useful if you have already opened a pipe (or multiple files)
+ * that you wish to use, perhaps persistently across multiple
+ * process invocations - such as a log file.
+ * @param attr The procattr we care about.
+ * @param err apr_file_t value to use as child_err. Must be a valid file.
+ * @param parent apr_file_t value to use as parent_err. Must be a valid file.
+ */
+ public static native int childErrSet(long attr, long err, long parent);
+
+ /**
+ * Set which directory the child process should start executing in.
+ * @param attr The procattr we care about.
+ * @param dir Which dir to start in. By default, this is the same dir as
+ * the parent currently resides in, when the createprocess call
+ * is made.
+ */
+ public static native int dirSet(long attr, String dir);
+
+ /**
+ * Set what type of command the child process will call.
+ * @param attr The procattr we care about.
+ * @param cmd The type of command. One of:
+ * <PRE>
+ * APR_SHELLCMD -- Anything that the shell can handle
+ * APR_PROGRAM -- Executable program (default)
+ * APR_PROGRAM_ENV -- Executable program, copy environment
+ * APR_PROGRAM_PATH -- Executable program on PATH, copy env
+ * </PRE>
+ */
+ public static native int cmdtypeSet(long attr, int cmd);
+
+ /**
+ * Determine if the child should start in detached state.
+ * @param attr The procattr we care about.
+ * @param detach Should the child start in detached state? Default is no.
+ */
+ public static native int detachSet(long attr, int detach);
+
+ /**
+ * Specify that apr_proc_create() should do whatever it can to report
+ * failures to the caller of apr_proc_create(), rather than find out in
+ * the child.
+ * @param attr The procattr describing the child process to be created.
+ * @param chk Flag to indicate whether or not extra work should be done
+ * to try to report failures to the caller.
+ * <br />
+ * This flag only affects apr_proc_create() on platforms where
+ * fork() is used. This leads to extra overhead in the calling
+ * process, but that may help the application handle such
+ * errors more gracefully.
+ */
+ public static native int errorCheckSet(long attr, int chk);
+
+ /**
+ * Determine if the child should start in its own address space or using the
+ * current one from its parent
+ * @param attr The procattr we care about.
+ * @param addrspace Should the child start in its own address space? Default
+ * is no on NetWare and yes on other platforms.
+ */
+ public static native int addrspaceSet(long attr, int addrspace);
+
+ /**
+ * Specify an error function to be called in the child process if APR
+ * encounters an error in the child prior to running the specified program.
+ * @param attr The procattr describing the child process to be created.
+ * @param pool The the pool to use.
+ * @param o The Object to call in the child process.
+ * <br />
+ * At the present time, it will only be called from apr_proc_create()
+ * on platforms where fork() is used. It will never be called on other
+ * platforms, on those platforms apr_proc_create() will return the error
+ * in the parent process rather than invoke the callback in the now-forked
+ * child process.
+ */
+ public static native void errfnSet(long attr, long pool, Object o);
+
+ /**
+ * Set the username used for running process
+ * @param attr The procattr we care about.
+ * @param username The username used
+ * @param password User password if needed. Password is needed on WIN32
+ * or any other platform having
+ * APR_PROCATTR_USER_SET_REQUIRES_PASSWORD set.
+ */
+ public static native int userSet(long attr, String username, String password);
+
+ /**
+ * Set the group used for running process
+ * @param attr The procattr we care about.
+ * @param groupname The group name used
+ */
+ public static native int groupSet(long attr, String groupname);
+
+
+}
Added: geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Registry.java
URL: http://svn.apache.org/viewvc/geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Registry.java?rev=1214761&view=auto
==============================================================================
--- geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Registry.java (added)
+++ geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Registry.java Thu Dec 15 13:55:25 2011
@@ -0,0 +1,235 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.tomcat.jni;
+
+/** Windows Registy support
+ *
+ * @author Mladen Turk
+ * @version $Id: Registry.java 939351 2010-04-29 15:41:54Z kkolinko $
+ */
+
+public class Registry {
+
+ /* Registry Enums */
+ public static final int HKEY_CLASSES_ROOT = 1;
+ public static final int HKEY_CURRENT_CONFIG = 2;
+ public static final int HKEY_CURRENT_USER = 3;
+ public static final int HKEY_LOCAL_MACHINE = 4;
+ public static final int HKEY_USERS = 5;
+
+ public static final int KEY_ALL_ACCESS = 0x0001;
+ public static final int KEY_CREATE_LINK = 0x0002;
+ public static final int KEY_CREATE_SUB_KEY = 0x0004;
+ public static final int KEY_ENUMERATE_SUB_KEYS = 0x0008;
+ public static final int KEY_EXECUTE = 0x0010;
+ public static final int KEY_NOTIFY = 0x0020;
+ public static final int KEY_QUERY_VALUE = 0x0040;
+ public static final int KEY_READ = 0x0080;
+ public static final int KEY_SET_VALUE = 0x0100;
+ public static final int KEY_WOW64_64KEY = 0x0200;
+ public static final int KEY_WOW64_32KEY = 0x0400;
+ public static final int KEY_WRITE = 0x0800;
+
+ public static final int REG_BINARY = 1;
+ public static final int REG_DWORD = 2;
+ public static final int REG_EXPAND_SZ = 3;
+ public static final int REG_MULTI_SZ = 4;
+ public static final int REG_QWORD = 5;
+ public static final int REG_SZ = 6;
+
+ /**
+ * Create or open a Registry Key.
+ * @param name Registry Subkey to open
+ * @param root Root key, one of HKEY_*
+ * @param sam Access mask that specifies the access rights for the key.
+ * @param pool Pool used for native memory allocation
+ * @return Opened Registry key
+ */
+ public static native long create(int root, String name, int sam, long pool)
+ throws Error;
+
+ /**
+ * Opens the specified Registry Key.
+ * @param name Registry Subkey to open
+ * @param root Root key, one of HKEY_*
+ * @param sam Access mask that specifies the access rights for the key.
+ * @param pool Pool used for native memory allocation
+ * @return Opened Registry key
+ */
+ public static native long open(int root, String name, int sam, long pool)
+ throws Error;
+
+ /**
+ * Close the specified Registry key.
+ * @param key The Registry key descriptor to close.
+ */
+ public static native int close(long key);
+
+ /**
+ * Get the Registry key type.
+ * @param key The Registry key descriptor to use.
+ * @param name The name of the value to query
+ * @return Value type or negative error value
+ */
+ public static native int getType(long key, String name);
+
+ /**
+ * Get the Registry value for REG_DWORD
+ * @param key The Registry key descriptor to use.
+ * @param name The name of the value to query
+ * @return Registry key value
+ */
+ public static native int getValueI(long key, String name)
+ throws Error;
+
+ /**
+ * Get the Registry value for REG_QWORD or REG_DWORD
+ * @param key The Registry key descriptor to use.
+ * @param name The name of the value to query
+ * @return Registry key value
+ */
+ public static native long getValueJ(long key, String name)
+ throws Error;
+
+ /**
+ * Get the Registry key length.
+ * @param key The Registry key descriptor to use.
+ * @param name The name of the value to query
+ * @return Value size or negative error value
+ */
+ public static native int getSize(long key, String name);
+
+ /**
+ * Get the Registry value for REG_SZ or REG_EXPAND_SZ
+ * @param key The Registry key descriptor to use.
+ * @param name The name of the value to query
+ * @return Registry key value
+ */
+ public static native String getValueS(long key, String name)
+ throws Error;
+
+ /**
+ * Get the Registry value for REG_MULTI_SZ
+ * @param key The Registry key descriptor to use.
+ * @param name The name of the value to query
+ * @return Registry key value
+ */
+ public static native String[] getValueA(long key, String name)
+ throws Error;
+
+ /**
+ * Get the Registry value for REG_BINARY
+ * @param key The Registry key descriptor to use.
+ * @param name The name of the value to query
+ * @return Registry key value
+ */
+ public static native byte[] getValueB(long key, String name)
+ throws Error;
+
+
+ /**
+ * Set the Registry value for REG_DWORD
+ * @param key The Registry key descriptor to use.
+ * @param name The name of the value to set
+ * @param val The the value to set
+ * @return If the function succeeds, the return value is 0
+ */
+ public static native int setValueI(long key, String name, int val);
+
+ /**
+ * Set the Registry value for REG_QWORD
+ * @param key The Registry key descriptor to use.
+ * @param name The name of the value to set
+ * @param val The the value to set
+ * @return If the function succeeds, the return value is 0
+ */
+ public static native int setValueJ(long key, String name, long val);
+
+ /**
+ * Set the Registry value for REG_SZ
+ * @param key The Registry key descriptor to use.
+ * @param name The name of the value to set
+ * @param val The the value to set
+ * @return If the function succeeds, the return value is 0
+ */
+ public static native int setValueS(long key, String name, String val);
+
+ /**
+ * Set the Registry value for REG_EXPAND_SZ
+ * @param key The Registry key descriptor to use.
+ * @param name The name of the value to set
+ * @param val The the value to set
+ * @return If the function succeeds, the return value is 0
+ */
+ public static native int setValueE(long key, String name, String val);
+
+ /**
+ * Set the Registry value for REG_MULTI_SZ
+ * @param key The Registry key descriptor to use.
+ * @param name The name of the value to set
+ * @param val The the value to set
+ * @return If the function succeeds, the return value is 0
+ */
+ public static native int setValueA(long key, String name, String[] val);
+
+ /**
+ * Set the Registry value for REG_BINARY
+ * @param key The Registry key descriptor to use.
+ * @param name The name of the value to set
+ * @param val The the value to set
+ * @return If the function succeeds, the return value is 0
+ */
+ public static native int setValueB(long key, String name, byte[] val);
+
+ /**
+ * Enumerate the Registry subkeys
+ * @param key The Registry key descriptor to use.
+ * @return Array of all subkey names
+ */
+ public static native String[] enumKeys(long key)
+ throws Error;
+
+ /**
+ * Enumerate the Registry values
+ * @param key The Registry key descriptor to use.
+ * @return Array of all value names
+ */
+ public static native String[] enumValues(long key)
+ throws Error;
+
+ /**
+ * Delete the Registry value
+ * @param key The Registry key descriptor to use.
+ * @param name The name of the value to delete
+ * @return If the function succeeds, the return value is 0
+ */
+ public static native int deleteValue(long key, String name);
+
+ /**
+ * Delete the Registry subkey
+ * @param root Root key, one of HKEY_*
+ * @param name Subkey to delete
+ * @param onlyIfEmpty If true will not delete a key if
+ * it contains any subkeys or values
+ * @return If the function succeeds, the return value is 0
+ */
+ public static native int deleteKey(int root, String name,
+ boolean onlyIfEmpty);
+
+
+}
Added: geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/SSL.java
URL: http://svn.apache.org/viewvc/geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/SSL.java?rev=1214761&view=auto
==============================================================================
--- geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/SSL.java (added)
+++ geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/SSL.java Thu Dec 15 13:55:25 2011
@@ -0,0 +1,326 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.tomcat.jni;
+
+/** SSL
+ *
+ * @author Mladen Turk
+ * @version $Id: SSL.java 939351 2010-04-29 15:41:54Z kkolinko $
+ */
+
+public final class SSL {
+
+ /*
+ * Type definitions mostly from mod_ssl
+ */
+ public static final int UNSET = -1;
+ /*
+ * Define the certificate algorithm types
+ */
+ public static final int SSL_ALGO_UNKNOWN = 0;
+ public static final int SSL_ALGO_RSA = (1<<0);
+ public static final int SSL_ALGO_DSA = (1<<1);
+ public static final int SSL_ALGO_ALL = (SSL_ALGO_RSA|SSL_ALGO_DSA);
+
+ public static final int SSL_AIDX_RSA = 0;
+ public static final int SSL_AIDX_DSA = 1;
+ public static final int SSL_AIDX_MAX = 2;
+ /*
+ * Define IDs for the temporary RSA keys and DH params
+ */
+
+ public static final int SSL_TMP_KEY_RSA_512 = 0;
+ public static final int SSL_TMP_KEY_RSA_1024 = 1;
+ public static final int SSL_TMP_KEY_RSA_2048 = 2;
+ public static final int SSL_TMP_KEY_RSA_4096 = 3;
+ public static final int SSL_TMP_KEY_DH_512 = 4;
+ public static final int SSL_TMP_KEY_DH_1024 = 5;
+ public static final int SSL_TMP_KEY_DH_2048 = 6;
+ public static final int SSL_TMP_KEY_DH_4096 = 7;
+ public static final int SSL_TMP_KEY_MAX = 8;
+
+ /*
+ * Define the SSL options
+ */
+ public static final int SSL_OPT_NONE = 0;
+ public static final int SSL_OPT_RELSET = (1<<0);
+ public static final int SSL_OPT_STDENVVARS = (1<<1);
+ public static final int SSL_OPT_EXPORTCERTDATA = (1<<3);
+ public static final int SSL_OPT_FAKEBASICAUTH = (1<<4);
+ public static final int SSL_OPT_STRICTREQUIRE = (1<<5);
+ public static final int SSL_OPT_OPTRENEGOTIATE = (1<<6);
+ public static final int SSL_OPT_ALL = (SSL_OPT_STDENVVARS|SSL_OPT_EXPORTCERTDATA|SSL_OPT_FAKEBASICAUTH|SSL_OPT_STRICTREQUIRE|SSL_OPT_OPTRENEGOTIATE);
+
+ /*
+ * Define the SSL Protocol options
+ */
+ public static final int SSL_PROTOCOL_NONE = 0;
+ public static final int SSL_PROTOCOL_SSLV2 = (1<<0);
+ public static final int SSL_PROTOCOL_SSLV3 = (1<<1);
+ public static final int SSL_PROTOCOL_TLSV1 = (1<<2);
+ public static final int SSL_PROTOCOL_ALL = (SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1);
+
+ /*
+ * Define the SSL verify levels
+ */
+ public static final int SSL_CVERIFY_UNSET = UNSET;
+ public static final int SSL_CVERIFY_NONE = 0;
+ public static final int SSL_CVERIFY_OPTIONAL = 1;
+ public static final int SSL_CVERIFY_REQUIRE = 2;
+ public static final int SSL_CVERIFY_OPTIONAL_NO_CA = 3;
+
+ /* Use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
+ * are 'ored' with SSL_VERIFY_PEER if they are desired
+ */
+ public static final int SSL_VERIFY_NONE = 0;
+ public static final int SSL_VERIFY_PEER = 1;
+ public static final int SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2;
+ public static final int SSL_VERIFY_CLIENT_ONCE = 4;
+ public static final int SSL_VERIFY_PEER_STRICT = (SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT);
+
+ public static final int SSL_OP_MICROSOFT_SESS_ID_BUG = 0x00000001;
+ public static final int SSL_OP_NETSCAPE_CHALLENGE_BUG = 0x00000002;
+ public static final int SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 0x00000008;
+ public static final int SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 0x00000010;
+ public static final int SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 0x00000020;
+ public static final int SSL_OP_MSIE_SSLV2_RSA_PADDING = 0x00000040;
+ public static final int SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 0x00000080;
+ public static final int SSL_OP_TLS_D5_BUG = 0x00000100;
+ public static final int SSL_OP_TLS_BLOCK_PADDING_BUG = 0x00000200;
+
+ /* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added
+ * in OpenSSL 0.9.6d. Usually (depending on the application protocol)
+ * the workaround is not needed. Unfortunately some broken SSL/TLS
+ * implementations cannot handle it at all, which is why we include
+ * it in SSL_OP_ALL. */
+ public static final int SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 0x00000800;
+
+ /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
+ * This used to be 0x000FFFFFL before 0.9.7. */
+ public static final int SSL_OP_ALL = 0x00000FFF;
+
+ /* As server, disallow session resumption on renegotiation */
+ public static final int SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 0x00010000;
+ /* If set, always create a new key when using tmp_dh parameters */
+ public static final int SSL_OP_SINGLE_DH_USE = 0x00100000;
+ /* Set to always use the tmp_rsa key when doing RSA operations,
+ * even when this violates protocol specs */
+ public static final int SSL_OP_EPHEMERAL_RSA = 0x00200000;
+ /* Set on servers to choose the cipher according to the server's
+ * preferences */
+ public static final int SSL_OP_CIPHER_SERVER_PREFERENCE = 0x00400000;
+ /* If set, a server will allow a client to issue a SSLv3.0 version number
+ * as latest version supported in the premaster secret, even when TLSv1.0
+ * (version 3.1) was announced in the client hello. Normally this is
+ * forbidden to prevent version rollback attacks. */
+ public static final int SSL_OP_TLS_ROLLBACK_BUG = 0x00800000;
+
+ public static final int SSL_OP_NO_SSLv2 = 0x01000000;
+ public static final int SSL_OP_NO_SSLv3 = 0x02000000;
+ public static final int SSL_OP_NO_TLSv1 = 0x04000000;
+
+ /* The next flag deliberately changes the ciphertest, this is a check
+ * for the PKCS#1 attack */
+ public static final int SSL_OP_PKCS1_CHECK_1 = 0x08000000;
+ public static final int SSL_OP_PKCS1_CHECK_2 = 0x10000000;
+ public static final int SSL_OP_NETSCAPE_CA_DN_BUG = 0x20000000;
+ public static final int SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 0x40000000;
+
+ public static final int SSL_CRT_FORMAT_UNDEF = 0;
+ public static final int SSL_CRT_FORMAT_ASN1 = 1;
+ public static final int SSL_CRT_FORMAT_TEXT = 2;
+ public static final int SSL_CRT_FORMAT_PEM = 3;
+ public static final int SSL_CRT_FORMAT_NETSCAPE = 4;
+ public static final int SSL_CRT_FORMAT_PKCS12 = 5;
+ public static final int SSL_CRT_FORMAT_SMIME = 6;
+ public static final int SSL_CRT_FORMAT_ENGINE = 7;
+
+ public static final int SSL_MODE_CLIENT = 0;
+ public static final int SSL_MODE_SERVER = 1;
+ public static final int SSL_MODE_COMBINED = 2;
+
+ public static final int SSL_SHUTDOWN_TYPE_UNSET = 0;
+ public static final int SSL_SHUTDOWN_TYPE_STANDARD = 1;
+ public static final int SSL_SHUTDOWN_TYPE_UNCLEAN = 2;
+ public static final int SSL_SHUTDOWN_TYPE_ACCURATE = 3;
+
+ public static final int SSL_INFO_SESSION_ID = 0x0001;
+ public static final int SSL_INFO_CIPHER = 0x0002;
+ public static final int SSL_INFO_CIPHER_USEKEYSIZE = 0x0003;
+ public static final int SSL_INFO_CIPHER_ALGKEYSIZE = 0x0004;
+ public static final int SSL_INFO_CIPHER_VERSION = 0x0005;
+ public static final int SSL_INFO_CIPHER_DESCRIPTION = 0x0006;
+ public static final int SSL_INFO_PROTOCOL = 0x0007;
+
+ /* To obtain the CountryName of the Client Certificate Issuer
+ * use the SSL_INFO_CLIENT_I_DN + SSL_INFO_DN_COUNTRYNAME
+ */
+ public static final int SSL_INFO_CLIENT_S_DN = 0x0010;
+ public static final int SSL_INFO_CLIENT_I_DN = 0x0020;
+ public static final int SSL_INFO_SERVER_S_DN = 0x0040;
+ public static final int SSL_INFO_SERVER_I_DN = 0x0080;
+
+ public static final int SSL_INFO_DN_COUNTRYNAME = 0x0001;
+ public static final int SSL_INFO_DN_STATEORPROVINCENAME = 0x0002;
+ public static final int SSL_INFO_DN_LOCALITYNAME = 0x0003;
+ public static final int SSL_INFO_DN_ORGANIZATIONNAME = 0x0004;
+ public static final int SSL_INFO_DN_ORGANIZATIONALUNITNAME = 0x0005;
+ public static final int SSL_INFO_DN_COMMONNAME = 0x0006;
+ public static final int SSL_INFO_DN_TITLE = 0x0007;
+ public static final int SSL_INFO_DN_INITIALS = 0x0008;
+ public static final int SSL_INFO_DN_GIVENNAME = 0x0009;
+ public static final int SSL_INFO_DN_SURNAME = 0x000A;
+ public static final int SSL_INFO_DN_DESCRIPTION = 0x000B;
+ public static final int SSL_INFO_DN_UNIQUEIDENTIFIER = 0x000C;
+ public static final int SSL_INFO_DN_EMAILADDRESS = 0x000D;
+
+ public static final int SSL_INFO_CLIENT_M_VERSION = 0x0101;
+ public static final int SSL_INFO_CLIENT_M_SERIAL = 0x0102;
+ public static final int SSL_INFO_CLIENT_V_START = 0x0103;
+ public static final int SSL_INFO_CLIENT_V_END = 0x0104;
+ public static final int SSL_INFO_CLIENT_A_SIG = 0x0105;
+ public static final int SSL_INFO_CLIENT_A_KEY = 0x0106;
+ public static final int SSL_INFO_CLIENT_CERT = 0x0107;
+ public static final int SSL_INFO_CLIENT_V_REMAIN = 0x0108;
+
+ public static final int SSL_INFO_SERVER_M_VERSION = 0x0201;
+ public static final int SSL_INFO_SERVER_M_SERIAL = 0x0202;
+ public static final int SSL_INFO_SERVER_V_START = 0x0203;
+ public static final int SSL_INFO_SERVER_V_END = 0x0204;
+ public static final int SSL_INFO_SERVER_A_SIG = 0x0205;
+ public static final int SSL_INFO_SERVER_A_KEY = 0x0206;
+ public static final int SSL_INFO_SERVER_CERT = 0x0207;
+ /* Return client certificate chain.
+ * Add certificate chain number to that flag (0 ... verify depth)
+ */
+ public static final int SSL_INFO_CLIENT_CERT_CHAIN = 0x0400;
+ /* Return OpenSSL version number */
+ public static native int version();
+
+ /* Return OpenSSL version string */
+ public static native String versionString();
+
+ /**
+ * Initialize OpenSSL support.
+ * This function needs to be called once for the
+ * lifetime of JVM. Library.init() has to be called before.
+ * @param engine Support for external a Crypto Device ("engine"),
+ * usually
+ * a hardware accellerator card for crypto operations.
+ * @return APR status code
+ */
+ public static native int initialize(String engine);
+
+ /**
+ * Set source of entropy to use in SSL
+ * @param filename Filename containing random data
+ */
+ public static native boolean randSet(String filename);
+
+ /**
+ * Add content of the file to the PRNG
+ * @param filename Filename containing random data.
+ * If null the default file will be tested.
+ * The seed file is $RANDFILE if that environment variable is
+ * set, $HOME/.rnd otherwise.
+ * In case both files are unavailable builtin
+ * random seed generator is used.
+ */
+ public static native boolean randLoad(String filename);
+
+ /**
+ * Writes a number of random bytes (currently 1024) to
+ * file <code>filename</code> which can be used to initialize the PRNG
+ * by calling randLoad in a later session.
+ * @param filename Filename to save the data
+ */
+ public static native boolean randSave(String filename);
+
+ /**
+ * Creates random data to filename
+ * @param filename Filename to save the data
+ * @param len The length of random sequence in bytes
+ * @param base64 Output the data in Base64 encoded format
+ */
+ public static native boolean randMake(String filename, int len,
+ boolean base64);
+
+ /**
+ * Initialize new BIO
+ * @param pool The pool to use.
+ * @param callback BIOCallback to use
+ * @return New BIO handle
+ */
+ public static native long newBIO(long pool, BIOCallback callback)
+ throws Exception;
+
+ /**
+ * Close BIO and derefrence callback object
+ * @param bio BIO to close and destroy.
+ * @return APR Status code
+ */
+ public static native int closeBIO(long bio);
+
+ /**
+ * Set global Password callback for obtaining passwords.
+ * @param callback PasswordCallback implementation to use.
+ */
+ public static native void setPasswordCallback(PasswordCallback callback);
+
+ /**
+ * Set global Password for decrypting certificates and keys.
+ * @param password Password to use.
+ */
+ public static native void setPassword(String password);
+
+ /**
+ * Generate temporary RSA key.
+ * <br />
+ * Index can be one of:
+ * <PRE>
+ * SSL_TMP_KEY_RSA_512
+ * SSL_TMP_KEY_RSA_1024
+ * SSL_TMP_KEY_RSA_2048
+ * SSL_TMP_KEY_RSA_4096
+ * </PRE>
+ * By default 512 and 1024 keys are generated on startup.
+ * You can use a low priority thread to generate them on the fly.
+ * @param idx temporary key index.
+ */
+ public static native boolean generateRSATempKey(int idx);
+
+ /**
+ * Load temporary DSA key from file
+ * <br />
+ * Index can be one of:
+ * <PRE>
+ * SSL_TMP_KEY_DH_512
+ * SSL_TMP_KEY_DH_1024
+ * SSL_TMP_KEY_DH_2048
+ * SSL_TMP_KEY_DH_4096
+ * </PRE>
+ * @param idx temporary key index.
+ * @param file File contatining DH params.
+ */
+ public static native boolean loadDSATempKey(int idx, String file);
+
+ /**
+ * Return last SSL error string
+ */
+ public static native String getLastError();
+}
Added: geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/SSLContext.java
URL: http://svn.apache.org/viewvc/geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/SSLContext.java?rev=1214761&view=auto
==============================================================================
--- geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/SSLContext.java (added)
+++ geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/SSLContext.java Thu Dec 15 13:55:25 2011
@@ -0,0 +1,284 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.tomcat.jni;
+
+/** SSL Context
+ *
+ * @author Mladen Turk
+ * @version $Id: SSLContext.java 939351 2010-04-29 15:41:54Z kkolinko $
+ */
+
+public final class SSLContext {
+
+
+ /**
+ * Initialize new SSL context
+ * @param pool The pool to use.
+ * @param protocol The SSL protocol to use. It can be one of:
+ * <PRE>
+ * SSL_PROTOCOL_SSLV2
+ * SSL_PROTOCOL_SSLV3
+ * SSL_PROTOCOL_SSLV2 | SSL_PROTOCOL_SSLV3
+ * SSL_PROTOCOL_TLSV1
+ * SSL_PROTOCOL_ALL
+ * </PRE>
+ * @param mode SSL mode to use
+ * <PRE>
+ * SSL_MODE_CLIENT
+ * SSL_MODE_SERVER
+ * SSL_MODE_COMBINED
+ * </PRE>
+ */
+ public static native long make(long pool, int protocol, int mode)
+ throws Exception;
+
+ /**
+ * Free the resources used by the Context
+ * @param ctx Server or Client context to free.
+ * @return APR Status code.
+ */
+ public static native int free(long ctx);
+
+ /**
+ * Set Session context id. Usually host:port combination.
+ * @param ctx Context to use.
+ * @param id String that uniquely identifies this context.
+ */
+ public static native void setContextId(long ctx, String id);
+
+ /**
+ * Asssociate BIOCallback for input or output data capture.
+ * <br />
+ * First word in the output string will contain error
+ * level in the form:
+ * <PRE>
+ * [ERROR] -- Critical error messages
+ * [WARN] -- Varning messages
+ * [INFO] -- Informational messages
+ * [DEBUG] -- Debugging messaged
+ * </PRE>
+ * Callback can use that word to determine application logging level
+ * by intercepting <b>write</b> call.
+ * If the <b>bio</b> is set to 0 no error messages will be displayed.
+ * Default is to use the stderr output stream.
+ * @param ctx Server or Client context to use.
+ * @param bio BIO handle to use, created with SSL.newBIO
+ * @param dir BIO direction (1 for input 0 for output).
+ */
+ public static native void setBIO(long ctx, long bio, int dir);
+
+ /**
+ * Set OpenSSL Option.
+ * @param ctx Server or Client context to use.
+ * @param options See SSL.SSL_OP_* for option flags.
+ */
+ public static native void setOptions(long ctx, int options);
+
+ /**
+ * Sets the "quiet shutdown" flag for <b>ctx</b> to be
+ * <b>mode</b>. SSL objects created from <b>ctx</b> inherit the
+ * <b>mode</b> valid at the time and may be 0 or 1.
+ * <br />
+ * Normally when a SSL connection is finished, the parties must send out
+ * "close notify" alert messages using L<SSL_shutdown(3)|SSL_shutdown(3)>
+ * for a clean shutdown.
+ * <br />
+ * When setting the "quiet shutdown" flag to 1, <b>SSL.shutdown</b>
+ * will set the internal flags to SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.
+ * (<b>SSL_shutdown</b> then behaves like called with
+ * SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.)
+ * The session is thus considered to be shutdown, but no "close notify" alert
+ * is sent to the peer. This behaviour violates the TLS standard.
+ * The default is normal shutdown behaviour as described by the TLS standard.
+ * @param ctx Server or Client context to use.
+ * @param mode True to set the quiet shutdown.
+ */
+ public static native void setQuietShutdown(long ctx, boolean mode);
+
+ /**
+ * Cipher Suite available for negotiation in SSL handshake.
+ * <br />
+ * This complex directive uses a colon-separated cipher-spec string consisting
+ * of OpenSSL cipher specifications to configure the Cipher Suite the client
+ * is permitted to negotiate in the SSL handshake phase. Notice that this
+ * directive can be used both in per-server and per-directory context.
+ * In per-server context it applies to the standard SSL handshake when a
+ * connection is established. In per-directory context it forces a SSL
+ * renegotation with the reconfigured Cipher Suite after the HTTP request
+ * was read but before the HTTP response is sent.
+ * @param ctx Server or Client context to use.
+ * @param ciphers An SSL cipher specification.
+ */
+ public static native boolean setCipherSuite(long ctx, String ciphers)
+ throws Exception;
+
+ /**
+ * Set File of concatenated PEM-encoded CA CRLs or
+ * directory of PEM-encoded CA Certificates for Client Auth
+ * <br />
+ * This directive sets the all-in-one file where you can assemble the
+ * Certificate Revocation Lists (CRL) of Certification Authorities (CA)
+ * whose clients you deal with. These are used for Client Authentication.
+ * Such a file is simply the concatenation of the various PEM-encoded CRL
+ * files, in order of preference.
+ * <br />
+ * The files in this directory have to be PEM-encoded and are accessed through
+ * hash filenames. So usually you can't just place the Certificate files there:
+ * you also have to create symbolic links named hash-value.N. And you should
+ * always make sure this directory contains the appropriate symbolic links.
+ * Use the Makefile which comes with mod_ssl to accomplish this task.
+ * @param ctx Server or Client context to use.
+ * @param file File of concatenated PEM-encoded CA CRLs for Client Auth.
+ * @param path Directory of PEM-encoded CA Certificates for Client Auth.
+ */
+ public static native boolean setCARevocation(long ctx, String file,
+ String path)
+ throws Exception;
+
+ /**
+ * Set File of PEM-encoded Server CA Certificates
+ * <br />
+ * This directive sets the optional all-in-one file where you can assemble the
+ * certificates of Certification Authorities (CA) which form the certificate
+ * chain of the server certificate. This starts with the issuing CA certificate
+ * of of the server certificate and can range up to the root CA certificate.
+ * Such a file is simply the concatenation of the various PEM-encoded CA
+ * Certificate files, usually in certificate chain order.
+ * <br />
+ * But be careful: Providing the certificate chain works only if you are using
+ * a single (either RSA or DSA) based server certificate. If you are using a
+ * coupled RSA+DSA certificate pair, this will work only if actually both
+ * certificates use the same certificate chain. Else the browsers will be
+ * confused in this situation.
+ * @param ctx Server or Client context to use.
+ * @param file File of PEM-encoded Server CA Certificates.
+ * @param skipfirst Skip first certificate if chain file is inside
+ * certificate file.
+ */
+ public static native boolean setCertificateChainFile(long ctx, String file,
+ boolean skipfirst);
+
+ /**
+ * Set Certificate
+ * <br />
+ * Point setCertificateFile at a PEM encoded certificate. If
+ * the certificate is encrypted, then you will be prompted for a
+ * pass phrase. Note that a kill -HUP will prompt again. A test
+ * certificate can be generated with `make certificate' under
+ * built time. Keep in mind that if you've both a RSA and a DSA
+ * certificate you can configure both in parallel (to also allow
+ * the use of DSA ciphers, etc.)
+ * <br />
+ * If the key is not combined with the certificate, use key param
+ * to point at the key file. Keep in mind that if
+ * you've both a RSA and a DSA private key you can configure
+ * both in parallel (to also allow the use of DSA ciphers, etc.)
+ * @param ctx Server or Client context to use.
+ * @param cert Certificate file.
+ * @param key Private Key file to use if not in cert.
+ * @param password Certificate password. If null and certificate
+ * is encrypted, password prompt will be dispayed.
+ * @param idx Certificate index SSL_AIDX_RSA or SSL_AIDX_DSA.
+ */
+ public static native boolean setCertificate(long ctx, String cert,
+ String key, String password,
+ int idx)
+ throws Exception;
+
+ /**
+ * Set File and Directory of concatenated PEM-encoded CA Certificates
+ * for Client Auth
+ * <br />
+ * This directive sets the all-in-one file where you can assemble the
+ * Certificates of Certification Authorities (CA) whose clients you deal with.
+ * These are used for Client Authentication. Such a file is simply the
+ * concatenation of the various PEM-encoded Certificate files, in order of
+ * preference. This can be used alternatively and/or additionally to
+ * path.
+ * <br />
+ * The files in this directory have to be PEM-encoded and are accessed through
+ * hash filenames. So usually you can't just place the Certificate files there:
+ * you also have to create symbolic links named hash-value.N. And you should
+ * always make sure this directory contains the appropriate symbolic links.
+ * Use the Makefile which comes with mod_ssl to accomplish this task.
+ * @param ctx Server or Client context to use.
+ * @param file File of concatenated PEM-encoded CA Certificates for
+ * Client Auth.
+ * @param path Directory of PEM-encoded CA Certificates for Client Auth.
+ */
+ public static native boolean setCACertificate(long ctx, String file,
+ String path)
+ throws Exception;
+
+ /**
+ * Set file for randomness
+ * @param ctx Server or Client context to use.
+ * @param file random file.
+ */
+ public static native void setRandom(long ctx, String file);
+
+ /**
+ * Set SSL connection shutdown type
+ * <br />
+ * The following levels are available for level:
+ * <PRE>
+ * SSL_SHUTDOWN_TYPE_STANDARD
+ * SSL_SHUTDOWN_TYPE_UNCLEAN
+ * SSL_SHUTDOWN_TYPE_ACCURATE
+ * </PRE>
+ * @param ctx Server or Client context to use.
+ * @param type Shutdown type to use.
+ */
+ public static native void setShutdownType(long ctx, int type);
+
+ /**
+ * Set Type of Client Certificate verification and Maximum depth of CA Certificates
+ * in Client Certificate verification.
+ * <br />
+ * This directive sets the Certificate verification level for the Client
+ * Authentication. Notice that this directive can be used both in per-server
+ * and per-directory context. In per-server context it applies to the client
+ * authentication process used in the standard SSL handshake when a connection
+ * is established. In per-directory context it forces a SSL renegotation with
+ * the reconfigured client verification level after the HTTP request was read
+ * but before the HTTP response is sent.
+ * <br />
+ * The following levels are available for level:
+ * <PRE>
+ * SSL_CVERIFY_NONE - No client Certificate is required at all
+ * SSL_CVERIFY_OPTIONAL - The client may present a valid Certificate
+ * SSL_CVERIFY_REQUIRE - The client has to present a valid Certificate
+ * SSL_CVERIFY_OPTIONAL_NO_CA - The client may present a valid Certificate
+ * but it need not to be (successfully) verifiable
+ * </PRE>
+ * <br />
+ * The depth actually is the maximum number of intermediate certificate issuers,
+ * i.e. the number of CA certificates which are max allowed to be followed while
+ * verifying the client certificate. A depth of 0 means that self-signed client
+ * certificates are accepted only, the default depth of 1 means the client
+ * certificate can be self-signed or has to be signed by a CA which is directly
+ * known to the server (i.e. the CA's certificate is under
+ * <code>setCACertificatePath</code>), etc.
+ * @param ctx Server or Client context to use.
+ * @param level Type of Client Certificate verification.
+ * @param depth Maximum depth of CA Certificates in Client Certificate
+ * verification.
+ */
+ public static native void setVerify(long ctx, int level, int depth);
+
+}
Added: geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/SSLSocket.java
URL: http://svn.apache.org/viewvc/geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/SSLSocket.java?rev=1214761&view=auto
==============================================================================
--- geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/SSLSocket.java (added)
+++ geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/SSLSocket.java Thu Dec 15 13:55:25 2011
@@ -0,0 +1,112 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.tomcat.jni;
+
+/** SSL Socket
+ *
+ * @author Mladen Turk
+ * @version $Id: SSLSocket.java 939351 2010-04-29 15:41:54Z kkolinko $
+ */
+
+public class SSLSocket {
+
+ /**
+ * Attach APR socket on a SSL connection.
+ * @param ctx SSLContext to use.
+ * @param sock APR Socket that already did physical connect or accept.
+ * @return APR_STATUS code.
+ */
+ public static native int attach(long ctx, long sock)
+ throws Exception;
+
+ /**
+ * Do a SSL handshake.
+ * @param thesocket The socket to use
+ */
+ public static native int handshake(long thesocket);
+
+ /**
+ * Do a SSL renegotiation.
+ * SSL supports per-directory re-configuration of SSL parameters.
+ * This is implemented by performing an SSL renegotiation of the
+ * re-configured parameters after the request is read, but before the
+ * response is sent. In more detail: the renegotiation happens after the
+ * request line and MIME headers were read, but _before_ the attached
+ * request body is read. The reason simply is that in the HTTP protocol
+ * usually there is no acknowledgment step between the headers and the
+ * body (there is the 100-continue feature and the chunking facility
+ * only), so Apache has no API hook for this step.
+ *
+ * @param thesocket The socket to use
+ */
+ public static native int renegotiate(long thesocket);
+
+ /**
+ * Set Type of Client Certificate verification and Maximum depth of CA
+ * Certificates in Client Certificate verification.
+ * <br />
+ * This is used to change the verification level for a connection prior to
+ * starting a re-negotiation.
+ * <br />
+ * The following levels are available for level:
+ * <PRE>
+ * SSL_CVERIFY_NONE - No client Certificate is required at all
+ * SSL_CVERIFY_OPTIONAL - The client may present a valid Certificate
+ * SSL_CVERIFY_REQUIRE - The client has to present a valid
+ * Certificate
+ * SSL_CVERIFY_OPTIONAL_NO_CA - The client may present a valid Certificate
+ * but it need not to be (successfully)
+ * verifiable
+ * </PRE>
+ * <br />
+ * @param sock The socket to change.
+ * @param level Type of Client Certificate verification.
+ */
+ public static native void setVerify(long sock, int level, int depth);
+
+ /**
+ * Return SSL Info parameter as byte array.
+ *
+ * @param sock The socket to read the data from.
+ * @param id Parameter id.
+ * @return Byte array containing info id value.
+ */
+ public static native byte[] getInfoB(long sock, int id)
+ throws Exception;
+
+ /**
+ * Return SSL Info parameter as String.
+ *
+ * @param sock The socket to read the data from.
+ * @param id Parameter id.
+ * @return String containing info id value.
+ */
+ public static native String getInfoS(long sock, int id)
+ throws Exception;
+
+ /**
+ * Return SSL Info parameter as integer.
+ *
+ * @param sock The socket to read the data from.
+ * @param id Parameter id.
+ * @return Integer containing info id value or -1 on error.
+ */
+ public static native int getInfoI(long sock, int id)
+ throws Exception;
+
+}
Added: geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Shm.java
URL: http://svn.apache.org/viewvc/geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Shm.java?rev=1214761&view=auto
==============================================================================
--- geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Shm.java (added)
+++ geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Shm.java Thu Dec 15 13:55:25 2011
@@ -0,0 +1,124 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.tomcat.jni;
+
+import java.nio.ByteBuffer;
+
+/** Shm
+ *
+ * @author Mladen Turk
+ * @version $Id: Shm.java 939351 2010-04-29 15:41:54Z kkolinko $
+ */
+
+public class Shm {
+
+ /**
+ * Create and make accessable a shared memory segment.
+ * <br />
+ * A note about Anonymous vs. Named shared memory segments:<br />
+ * Not all plaforms support anonymous shared memory segments, but in
+ * some cases it is prefered over other types of shared memory
+ * implementations. Passing a NULL 'file' parameter to this function
+ * will cause the subsystem to use anonymous shared memory segments.
+ * If such a system is not available, APR_ENOTIMPL is returned.
+ * <br />
+ * A note about allocation sizes:<br />
+ * On some platforms it is necessary to store some metainformation
+ * about the segment within the actual segment. In order to supply
+ * the caller with the requested size it may be necessary for the
+ * implementation to request a slightly greater segment length
+ * from the subsystem. In all cases, the apr_shm_baseaddr_get()
+ * function will return the first usable byte of memory.
+ * @param reqsize The desired size of the segment.
+ * @param filename The file to use for shared memory on platforms that
+ * require it.
+ * @param pool the pool from which to allocate the shared memory
+ * structure.
+ * @return The created shared memory structure.
+ *
+ */
+ public static native long create(long reqsize, String filename, long pool)
+ throws Error;
+
+ /**
+ * Remove shared memory segment associated with a filename.
+ * <br />
+ * This function is only supported on platforms which support
+ * name-based shared memory segments, and will return APR_ENOTIMPL on
+ * platforms without such support.
+ * @param filename The filename associated with shared-memory segment which
+ * needs to be removed
+ * @param pool The pool used for file operations
+ */
+ public static native int remove(String filename, long pool);
+
+ /**
+ * Destroy a shared memory segment and associated memory.
+ * @param m The shared memory segment structure to destroy.
+ */
+ public static native int destroy(long m);
+
+ /**
+ * Attach to a shared memory segment that was created
+ * by another process.
+ * @param filename The file used to create the original segment.
+ * (This MUST match the original filename.)
+ * @param pool the pool from which to allocate the shared memory
+ * structure for this process.
+ * @return The created shared memory structure.
+ */
+ public static native long attach(String filename, long pool)
+ throws Error;
+
+ /**
+ * Detach from a shared memory segment without destroying it.
+ * @param m The shared memory structure representing the segment
+ * to detach from.
+ */
+ public static native int detach(long m);
+
+ /**
+ * Retrieve the base address of the shared memory segment.
+ * NOTE: This address is only usable within the callers address
+ * space, since this API does not guarantee that other attaching
+ * processes will maintain the same address mapping.
+ * @param m The shared memory segment from which to retrieve
+ * the base address.
+ * @return address, aligned by APR_ALIGN_DEFAULT.
+ */
+ public static native long baseaddr(long m);
+
+ /**
+ * Retrieve the length of a shared memory segment in bytes.
+ * @param m The shared memory segment from which to retrieve
+ * the segment length.
+ */
+ public static native long size(long m);
+
+ /**
+ * Retrieve new ByteBuffer base address of the shared memory segment.
+ * NOTE: This address is only usable within the callers address
+ * space, since this API does not guarantee that other attaching
+ * processes will maintain the same address mapping.
+ * @param m The shared memory segment from which to retrieve
+ * the base address.
+ * @return address, aligned by APR_ALIGN_DEFAULT.
+ */
+ public static native ByteBuffer buffer(long m);
+
+}
Added: geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Sockaddr.java
URL: http://svn.apache.org/viewvc/geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Sockaddr.java?rev=1214761&view=auto
==============================================================================
--- geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Sockaddr.java (added)
+++ geronimo/external/trunk/tomcat-parent-6.0.35/catalina/src/main/java/org/apache/tomcat/jni/Sockaddr.java Thu Dec 15 13:55:25 2011
@@ -0,0 +1,42 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.tomcat.jni;
+
+/** Sockaddr
+ *
+ * @author Mladen Turk
+ * @version $Id: Sockaddr.java 939351 2010-04-29 15:41:54Z kkolinko $
+ */
+
+public class Sockaddr {
+
+ /** The pool to use... */
+ public long pool;
+ /** The hostname */
+ public String hostname;
+ /** Either a string of the port number or the service name for the port */
+ public String servname;
+ /** The numeric port */
+ public int port;
+ /** The family */
+ public int family;
+ /** If multiple addresses were found by apr_sockaddr_info_get(), this
+ * points to a representation of the next address. */
+ public long next;
+
+}
|