authorMark Spruiell <mes@zeroc.com>2006-04-19 13:57:26 +0000
committerMark Spruiell <mes@zeroc.com>2006-04-19 13:57:26 +0000
commit9e516d6a3051e2b164042cbfe650f42ee184d1f5 (patch)
tree65d6508d7112625ee7d95af48007f2f73d49f3fd /java/src
parentseparating client/server configuration; removing client/server properties (diff)
removing client/server properties for IceSSL
Diffstat (limited to 'java/src')
-rw-r--r--java/src/IceInternal/PropertyNames.java71
-rw-r--r--java/src/IceSSL/AcceptorI.java14
-rw-r--r--java/src/IceSSL/ConnectorI.java2
-rw-r--r--java/src/IceSSL/Context.java6
-rw-r--r--java/src/IceSSL/Instance.java48
-rw-r--r--java/src/IceSSL/KeyManagerI.java22
-rw-r--r--java/src/IceSSL/Plugin.java6
-rw-r--r--java/src/IceSSL/PluginI.java4
8 files changed, 50 insertions, 123 deletions
diff --git a/java/src/IceInternal/PropertyNames.java b/java/src/IceInternal/PropertyNames.java
index 96f7c1296f5..023989584a9 100644
--- a/java/src/IceInternal/PropertyNames.java
+++ b/java/src/IceInternal/PropertyNames.java
@@ -7,7 +7,7 @@
//
// **********************************************************************
-// Generated by makeprops.py from file `../config/PropertyNames.def', Fri Apr 14 14:43:00 2006
+// Generated by makeprops.py from file `../config/PropertyNames.def', Mon Apr 17 10:30:14 2006
// IMPORTANT: Do not edit this file -- any edits made here will be lost!
@@ -206,57 +206,34 @@ public final class PropertyNames
public static final String IceSSLProps[] =
{
- "^IceSSL\\.Client\\.CertAuthDir$",
- "^IceSSL\\.Client\\.CertAuthFile$",
- "^IceSSL\\.Client\\.CertFile$",
- "^IceSSL\\.Client\\.CheckCertName$",
- "^IceSSL\\.Client\\.CheckCRL$",
- "^IceSSL\\.Client\\.Ciphers$",
- "^IceSSL\\.Client\\.DefaultDir$",
- "^IceSSL\\.Client\\.DH\\.*$",
- "^IceSSL\\.Client\\.KeyFile$",
- "^IceSSL\\.Client\\.Password$",
- "^IceSSL\\.Client\\.PasswordRetryMax$",
- "^IceSSL\\.Client\\.Protocols$",
- "^IceSSL\\.Client\\.VerifyDepthMax$",
- "^IceSSL\\.Client\\.VerifyPeer$",
+ "^IceSSL\\.Alias$",
+ "^IceSSL\\.CertAuthDir$",
+ "^IceSSL\\.CertAuthFile$",
+ "^IceSSL\\.CertFile$",
+ "^IceSSL\\.Certs$",
+ "^IceSSL\\.CertsPassword$",
+ "^IceSSL\\.CheckCertName$",
+ "^IceSSL\\.CheckCRL$",
+ "^IceSSL\\.Ciphers$",
+ "^IceSSL\\.DefaultDir$",
"^IceSSL\\.DelayInit$",
+ "^IceSSL\\.DH\\.[^\\s.]+$",
"^IceSSL\\.EntropyDaemon$",
"^IceSSL\\.ImportCert\\.[^\\s.]+\\.[^\\s.]+$",
+ "^IceSSL\\.KeyFile$",
+ "^IceSSL\\.Keystore$",
+ "^IceSSL\\.KeystorePassword$",
+ "^IceSSL\\.KeystoreType$",
+ "^IceSSL\\.Password$",
+ "^IceSSL\\.PasswordRetryMax$",
+ "^IceSSL\\.Protocols$",
"^IceSSL\\.Random$",
- "^IceSSL\\.Server\\.CertAuthDir$",
- "^IceSSL\\.Server\\.CertAuthFile$",
- "^IceSSL\\.Server\\.CertFile$",
- "^IceSSL\\.Server\\.CheckCRL$",
- "^IceSSL\\.Server\\.Ciphers$",
- "^IceSSL\\.Server\\.DefaultDir$",
- "^IceSSL\\.Server\\.DH\\.[^\\s.]+$",
- "^IceSSL\\.Server\\.KeyFile$",
- "^IceSSL\\.Server\\.Password$",
- "^IceSSL\\.Server\\.PasswordRetryMax$",
- "^IceSSL\\.Server\\.Protocols$",
- "^IceSSL\\.Server\\.VerifyDepthMax$",
- "^IceSSL\\.Server\\.VerifyPeer$",
"^IceSSL\\.Trace\\.Security$",
- "^IceSSL\\.Client\\.Alias$",
- "^IceSSL\\.Client\\.Certs$",
- "^IceSSL\\.Client\\.CertsPassword$",
- "^IceSSL\\.Client\\.Keystore$",
- "^IceSSL\\.Client\\.KeystorePassword$",
- "^IceSSL\\.Client\\.KeystoreType$",
- "^IceSSL\\.Client\\.Truststore$",
- "^IceSSL\\.Client\\.TruststorePassword$",
- "^IceSSL\\.Client\\.TruststoreType$",
- "^IceSSL\\.Server\\.Alias$",
- "^IceSSL\\.Server\\.Certs$",
- "^IceSSL\\.Server\\.CertsPassword$",
- "^IceSSL\\.Server\\.ClientAuth$",
- "^IceSSL\\.Server\\.Keystore$",
- "^IceSSL\\.Server\\.KeystorePassword$",
- "^IceSSL\\.Server\\.KeystoreType$",
- "^IceSSL\\.Server\\.Truststore$",
- "^IceSSL\\.Server\\.TruststorePassword$",
- "^IceSSL\\.Server\\.TruststoreType$",
+ "^IceSSL\\.Truststore$",
+ "^IceSSL\\.TruststorePassword$",
+ "^IceSSL\\.TruststoreType$",
+ "^IceSSL\\.VerifyDepthMax$",
+ "^IceSSL\\.VerifyPeer$",
null
};
diff --git a/java/src/IceSSL/AcceptorI.java b/java/src/IceSSL/AcceptorI.java
index 5229c896160..165bfa7170f 100644
--- a/java/src/IceSSL/AcceptorI.java
+++ b/java/src/IceSSL/AcceptorI.java
@@ -272,7 +272,7 @@ class AcceptorI implements IceInternal.Acceptor
AcceptorI(Instance instance, String host, int port)
{
_instance = instance;
- _ctx = instance.serverContext();
+ _ctx = instance.context();
_logger = instance.communicator().getLogger();
_backlog = 0;
@@ -294,16 +294,8 @@ class AcceptorI implements IceInternal.Acceptor
_fd = (javax.net.ssl.SSLServerSocket)factory.createServerSocket(port, _backlog, iface);
_addr = (java.net.InetSocketAddress)_fd.getLocalSocketAddress();
- int verifyPeer = _instance.communicator().getProperties().getPropertyAsIntWithDefault(
- "IceSSL.Server.VerifyPeer", -1);
- if(verifyPeer == -1)
- {
- //
- // Check deprecated ClientAuth property.
- //
- verifyPeer = _instance.communicator().getProperties().getPropertyAsIntWithDefault(
- "IceSSL.Server.ClientAuth", 2);
- }
+ int verifyPeer =
+ _instance.communicator().getProperties().getPropertyAsIntWithDefault("IceSSL.VerifyPeer", 2);
if(verifyPeer == 0)
{
_fd.setWantClientAuth(false);
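Review bot: The legacy `IceSSL.Server.VerifyPeer` and `IceSSL.Server.ClientAuth` properties are now ignored at this read without any message, so a deployment that still sets them silently gets the default of 2. The same applies to the `prefix = "IceSSL."` change in the Context.java constructor hunk, where an existing `IceSSL.Server.Ciphers` or `IceSSL.Client.Ciphers` restriction would no longer be read. Unless the unknown-property check driven by PropertyNames.java already reports such names (not visible here), consider a one-time warning, for example `if(props.getProperty("IceSSL.Server.VerifyPeer").length() > 0) _logger.warning("IceSSL.Server.VerifyPeer is no longer supported; use IceSSL.VerifyPeer");` with `props` being `_instance.communicator().getProperties()`. The constructor body continues outside the hunk.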
diff --git a/java/src/IceSSL/ConnectorI.java b/java/src/IceSSL/ConnectorI.java
index 785eb02d359..0df3c1ed049 100644
--- a/java/src/IceSSL/ConnectorI.java
+++ b/java/src/IceSSL/ConnectorI.java
@@ -17,7 +17,7 @@ final class ConnectorI implements IceInternal.Connector
//
// The plugin may not be fully initialized.
//
- Context ctx = _instance.clientContext();
+ Context ctx = _instance.context();
if(_instance.networkTraceLevel() >= 2)
{
diff --git a/java/src/IceSSL/Context.java b/java/src/IceSSL/Context.java
index 7db3d6450eb..79ff636565b 100644
--- a/java/src/IceSSL/Context.java
+++ b/java/src/IceSSL/Context.java
@@ -11,13 +11,13 @@ package IceSSL;
class Context
{
- Context(Instance instance, boolean client, javax.net.ssl.SSLContext context, java.security.SecureRandom rand)
+ Context(Instance instance, javax.net.ssl.SSLContext context, java.security.SecureRandom rand)
throws java.security.GeneralSecurityException
{
_instance = instance;
_logger = instance.communicator().getLogger();
- final String prefix = client ? "IceSSL.Client." : "IceSSL.Server.";
+ final String prefix = "IceSSL.";
Ice.Properties properties = instance.communicator().getProperties();
String ciphers = properties.getProperty(prefix + "Ciphers");
@@ -167,7 +167,7 @@ class Context
for(int i = 0; i < keyManagers.length; ++i)
{
- keyManagers[i] = new KeyManagerI((javax.net.ssl.X509KeyManager)keyManagers[i], alias, client);
+ keyManagers[i] = new KeyManagerI((javax.net.ssl.X509KeyManager)keyManagers[i], alias);
}
}
}
diff --git a/java/src/IceSSL/Instance.java b/java/src/IceSSL/Instance.java
index b6494d69099..4b6fa6baf66 100644
--- a/java/src/IceSSL/Instance.java
+++ b/java/src/IceSSL/Instance.java
@@ -22,7 +22,7 @@ class Instance
//
if(communicator.getProperties().getPropertyAsInt("IceSSL.DelayInit") == 0)
{
- initialize(null, null);
+ initialize(null);
}
//
@@ -32,9 +32,9 @@ class Instance
}
void
- initialize(javax.net.ssl.SSLContext clientContext, javax.net.ssl.SSLContext serverContext)
+ initialize(javax.net.ssl.SSLContext context)
{
- if(_clientContext != null)
+ if(_context != null)
{
Ice.PluginInitializationException e = new Ice.PluginInitializationException();
e.reason = "plugin is already initialized";
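Review bot: The `_context != null` guard here and the later `_context = new Context(...)` assignment are not atomic, and neither `initialize` nor the `context()` accessor in the later hunk is declared `synchronized`, nor is the `_context` field `volatile`. With `IceSSL.DelayInit=1` the application calls `initialize` itself, so two concurrent calls could both pass the guard, and a thread calling `context()` has no visibility guarantee for the write. If callers do not already serialise these calls, declare both methods `synchronized`, e.g. `synchronized void initialize(javax.net.ssl.SSLContext context)`. The method body extends beyond this hunk.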
@@ -45,7 +45,7 @@ class Instance
// If we have to initialize an SSLContext, we'll need a SecureRandom object.
//
java.security.SecureRandom rand = null;
- if(clientContext == null || serverContext == null)
+ if(context == null)
{
try
{
@@ -67,29 +67,16 @@ class Instance
}
//
- // Create the client and server contexts. We always create both, even
- // if only one is used.
+ // Create the context.
//
try
{
- _clientContext = new Context(this, true, clientContext, rand);
+ _context = new Context(this, context, rand);
}
catch(java.security.GeneralSecurityException ex)
{
Ice.PluginInitializationException e = new Ice.PluginInitializationException();
- e.reason = "IceSSL: unable to initialize client context";
- e.initCause(ex);
- throw e;
- }
-
- try
- {
- _serverContext = new Context(this, false, serverContext, rand);
- }
- catch(java.security.GeneralSecurityException ex)
- {
- Ice.PluginInitializationException e = new Ice.PluginInitializationException();
- e.reason = "IceSSL: unable to initialize server context";
+ e.reason = "IceSSL: unable to initialize context";
e.initCause(ex);
throw e;
}
@@ -138,27 +125,15 @@ class Instance
}
Context
- clientContext()
- {
- if(_clientContext == null)
- {
- Ice.PluginInitializationException e = new Ice.PluginInitializationException();
- e.reason = "IceSSL: plugin is not fully initialized";
- throw e;
- }
- return _clientContext;
- }
-
- Context
- serverContext()
+ context()
{
- if(_serverContext == null)
+ if(_context == null)
{
Ice.PluginInitializationException e = new Ice.PluginInitializationException();
e.reason = "IceSSL: plugin is not fully initialized";
throw e;
}
- return _serverContext;
+ return _context;
}
CertificateVerifier
@@ -170,7 +145,6 @@ class Instance
private IceInternal.ProtocolPluginFacade _facade;
private int _securityTraceLevel;
private String _securityTraceCategory;
- private Context _clientContext;
- private Context _serverContext;
+ private Context _context;
private CertificateVerifier _verifier;
}
diff --git a/java/src/IceSSL/KeyManagerI.java b/java/src/IceSSL/KeyManagerI.java
index 4a6d76e33cc..2c4bdd4796a 100644
--- a/java/src/IceSSL/KeyManagerI.java
+++ b/java/src/IceSSL/KeyManagerI.java
@@ -11,37 +11,22 @@ package IceSSL;
final class KeyManagerI implements javax.net.ssl.X509KeyManager
{
- KeyManagerI(javax.net.ssl.X509KeyManager del, String alias, boolean client)
+ KeyManagerI(javax.net.ssl.X509KeyManager del, String alias)
{
_delegate = del;
_alias = alias;
- _client = client;
}
public String
chooseClientAlias(String[] keyType, java.security.Principal[] issuers, java.net.Socket socket)
{
- if(_client)
- {
- return _alias;
- }
- else
- {
- return _delegate.chooseClientAlias(keyType, issuers, socket);
- }
+ return _alias;
}
public String
chooseServerAlias(String keyType, java.security.Principal[] issuers, java.net.Socket socket)
{
- if(!_client)
- {
- return _alias;
- }
- else
- {
- return _delegate.chooseServerAlias(keyType, issuers, socket);
- }
+ return _alias;
}
public java.security.cert.X509Certificate[]
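Review bot: `chooseClientAlias` and `chooseServerAlias` now both return `_alias` unconditionally, so `keyType` and `issuers` are ignored in both roles. The one configured key becomes the server identity and is also offered as the client credential to any peer that requests a certificate. That looks intentional, but it means the certificate has to be acceptable for both client and server authentication, and the code should say so. Suggest a comment above the two methods such as `// The configured alias is used for both outgoing and incoming connections; keyType and issuers are deliberately not consulted.` The class body continues outside the hunk.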
@@ -70,5 +55,4 @@ final class KeyManagerI implements javax.net.ssl.X509KeyManager
private javax.net.ssl.X509KeyManager _delegate;
private String _alias;
- private boolean _client;
}
diff --git a/java/src/IceSSL/Plugin.java b/java/src/IceSSL/Plugin.java
index a4316453f62..64eac3f1b2b 100644
--- a/java/src/IceSSL/Plugin.java
+++ b/java/src/IceSSL/Plugin.java
@@ -15,10 +15,10 @@ public interface Plugin extends Ice.Plugin
// Manually initialize the plugin. The application must set the property
// IceSSL.DelayInit=1 in order to use this method.
//
- // It is legal to pass null as either argument, in which case the plugin
- // obtains its certificates as directed by configuration properties.
+ // It is legal to pass null as the argument, in which case the plugin
+ // obtains its configuration via properties.
//
- void initialize(javax.net.ssl.SSLContext clientContext, javax.net.ssl.SSLContext serverContext);
+ void initialize(javax.net.ssl.SSLContext context);
//
// Establish the certificate verifier object. This should be
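Review bot: The comment above `initialize` does not say that the single `SSLContext` is used for both outgoing and incoming connections, which is the security-relevant consequence of dropping the second parameter. An application that used to pass different key and trust material per role now has to supply one context that covers both. Suggest adding `// The context is used for both client and server connections.` to the comment block. The interface continues outside the hunk.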
diff --git a/java/src/IceSSL/PluginI.java b/java/src/IceSSL/PluginI.java
index bba197882e3..13748a83061 100644
--- a/java/src/IceSSL/PluginI.java
+++ b/java/src/IceSSL/PluginI.java
@@ -23,9 +23,9 @@ class PluginI extends Ice.LocalObjectImpl implements Plugin
}
public void
- initialize(javax.net.ssl.SSLContext clientContext, javax.net.ssl.SSLContext serverContext)
+ initialize(javax.net.ssl.SSLContext context)
{
- _instance.initialize(clientContext, serverContext);
+ _instance.initialize(context);
}
public void