summaryrefslogtreecommitdiff
path: root/java
diff options
context:
space:
mode:
authorMark Spruiell <mes@zeroc.com>2007-06-26 10:22:00 -0700
committerMark Spruiell <mes@zeroc.com>2007-06-26 10:22:00 -0700
commitbdd7b47ab37973ed6cdd192c126901aa823ed1b0 (patch)
tree017d90475d8922065b753068d620831670dc1a40 /java
parentMerge branch 'master' of ssh://cvs.zeroc.com/home/git/ice (diff)
downloadice-bdd7b47ab37973ed6cdd192c126901aa823ed1b0.tar.bz2
ice-bdd7b47ab37973ed6cdd192c126901aa823ed1b0.tar.xz
ice-bdd7b47ab37973ed6cdd192c126901aa823ed1b0.zip
fixing NPE in IceSSL for Java & updating IceSSL test
Diffstat (limited to 'java')
-rw-r--r--java/CHANGES3
-rw-r--r--java/ssl/jdk1.4/IceSSL/TrustManager.java2
-rw-r--r--java/ssl/jdk1.5/IceSSL/TrustManager.java2
-rw-r--r--java/test/IceSSL/configuration/AllTests.java28
4 files changed, 33 insertions, 2 deletions
diff --git a/java/CHANGES b/java/CHANGES
index 8ba6d2d3f17..5ef9c60c4fb 100644
--- a/java/CHANGES
+++ b/java/CHANGES
@@ -50,6 +50,9 @@ Changes since version 3.2.X (binary incompatible)
Changes since version 3.2.0
---------------------------
+- Fixed a bug in IceSSL that could cause a NullPointerException when
+ using TrustOnly properties.
+
- Added support for protected class data members using the new
metadata tag ["protected"]. The tag can be applied to a Slice class
or to individual data members.
diff --git a/java/ssl/jdk1.4/IceSSL/TrustManager.java b/java/ssl/jdk1.4/IceSSL/TrustManager.java
index 1374b99dfec..d53cdf74273 100644
--- a/java/ssl/jdk1.4/IceSSL/TrustManager.java
+++ b/java/ssl/jdk1.4/IceSSL/TrustManager.java
@@ -87,7 +87,7 @@ class TrustManager
//
// If there is no certificate then we match false.
//
- if(info.certs.length != 0)
+ if(info.certs != null && info.certs.length > 0)
{
javax.security.auth.x500.X500Principal subjectDN = (javax.security.auth.x500.X500Principal)
((java.security.cert.X509Certificate)info.certs[0]).getSubjectX500Principal();
diff --git a/java/ssl/jdk1.5/IceSSL/TrustManager.java b/java/ssl/jdk1.5/IceSSL/TrustManager.java
index ca4a43c0596..8598c1ac7e6 100644
--- a/java/ssl/jdk1.5/IceSSL/TrustManager.java
+++ b/java/ssl/jdk1.5/IceSSL/TrustManager.java
@@ -87,7 +87,7 @@ class TrustManager
//
// If there is no certificate then we match false.
//
- if(info.certs.length != 0)
+ if(info.certs != null && info.certs.length > 0)
{
javax.security.auth.x500.X500Principal subjectDN = (javax.security.auth.x500.X500Principal)
((java.security.cert.X509Certificate)info.certs[0]).getSubjectX500Principal();
diff --git a/java/test/IceSSL/configuration/AllTests.java b/java/test/IceSSL/configuration/AllTests.java
index 96d3444dcaa..edf27399047 100644
--- a/java/test/IceSSL/configuration/AllTests.java
+++ b/java/test/IceSSL/configuration/AllTests.java
@@ -1224,6 +1224,34 @@ public class AllTests
fact.destroyServer(server);
comm.destroy();
}
+ {
+ //
+ // Test rejection when client does not supply a certificate.
+ //
+ Ice.InitializationData initData = createClientProps(defaultDir, defaultHost, threadPool);
+ initData = createClientProps(defaultDir, defaultHost, threadPool);
+ initData.properties.setProperty("IceSSL.Ciphers", "NONE (.*DH_anon.*)");
+ initData.properties.setProperty("IceSSL.VerifyPeer", "0");
+ Ice.Communicator comm = Ice.Util.initialize(args, initData);
+ Test.ServerFactoryPrx fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+ test(fact != null);
+ java.util.Map d = createServerProps(defaultDir, defaultHost, threadPool);
+ d.put("IceSSL.TrustOnly",
+ "C=US, ST=Florida, O=ZeroC\\, Inc.,OU=Ice, emailAddress=info@zeroc.com, CN=Client");
+ d.put("IceSSL.Ciphers", "NONE (.*DH_anon.*)");
+ d.put("IceSSL.VerifyPeer", "0");
+ Test.ServerPrx server = fact.createServer(d);
+ try
+ {
+ server.ice_ping();
+ test(false);
+ }
+ catch(Ice.LocalException ex)
+ {
+ }
+ fact.destroyServer(server);
+ comm.destroy();
+ }
System.out.println("ok");
System.out.print("testing IceSSL.TrustOnly.Client... ");
generated by cgit v1.2.3 (git 2.46.0) at 2025-08-03 22:59:51 +0000