[Pkg-freeipa-devel] [Git][freeipa-team/jss][master] 24 commits: Enabled unit tests during build
Timo Aaltonen
gitlab at salsa.debian.org
Wed Aug 15 11:59:46 BST 2018
Timo Aaltonen pushed to branch master at FreeIPA packaging / jss
Commits:
d9b42e22 by Endi S. Dewata at 2018-07-25T02:22:29Z
Enabled unit tests during build
The spec template has been modified to run the unit tests during
the build. Currently the test result is ignored since there are
some failures. Once the failures are fixed, the result should be
checked.
- - - - -
f20948ce by Endi S. Dewata at 2018-07-25T02:53:06Z
Cleaned up CLASSPATH and LD_LIBRARY_PATH
- - - - -
eec7b517 by Endi S. Dewata at 2018-07-25T03:25:34Z
Fixed NSS_LIB_DIR build with installed NSS
- - - - -
d36e65b3 by Endi S. Dewata at 2018-08-04T08:39:07Z
Added SSLVersion enum
A new SSLVersion enum has been added to enumerate supported
SSL/TLS versions which includes TLS 1.3.
The SSLVersionRange class has been updated to support the new
SSLVersion enum. Some old methods and constants have been
deprecated.
- - - - -
ba742073 by Alexander Bokovoy at 2018-08-06T11:54:29Z
make getMinEnum() / getMaxEnum() public
- - - - -
824d02f5 by Alexander Bokovoy at 2018-08-06T11:54:29Z
Add TLS 1.3 constants
- - - - -
1c1dad18 by Alexander Bokovoy at 2018-08-06T15:04:35Z
Add boundSSLVersionRange
Allow applications to obtain a bound supported SSL range according
to the default crypto policy on this system.
If the policy does not satisfy requirements, throw exception.
- - - - -
4c740a59 by Alexander Bokovoy at 2018-08-06T15:04:35Z
Release 4.5.1
- - - - -
937e7443 by Alexander Bokovoy at 2018-08-06T15:04:35Z
Fix tests/all.pl to actually load the library that was built
- - - - -
cf926cc2 by Alexander Bokovoy at 2018-08-06T15:04:35Z
Use RSA 2048 bit to generate a test certificate
NSS rejects generation of RSA 1024 bit certs now, use 2048 bit.
- - - - -
a1f1396a by Fraser Tweedale at 2018-08-06T17:31:43Z
Revert "Release 4.5.1"
This reverts commit 4c740a594767ffdd94b807d7b3f653f79434e427.
4.5.0 was not released yet, so revert the version bump to 4.5.1 and
put the new symbol under the 4.5 shared library version.
- - - - -
f4ec2cf6 by Endi S. Dewata at 2018-08-08T00:13:52Z
Added JSS_4_5_REPO parameter
A new JSS_4_5_REPO parameter has been added to specify the
repository that provides JSS 4.5 dependencies. By default
it will use @pki/10.6.
- - - - -
5fcbfcc7 by Endi S. Dewata at 2018-08-08T00:23:16Z
Refactored SSLVersionRange
The SSLVersionRange has been moved out of SSLSocket into a
separate class.
- - - - -
f4489ada by Endi S. Dewata at 2018-08-08T00:23:16Z
Refactored SSLProtocolVariant
The SSLProtocolVariant has been moved out of SSLSocket into a
separate class.
- - - - -
f0e1fac2 by Endi S. Dewata at 2018-08-08T00:23:17Z
Refactored CipherPolicy
The CipherPolicy has been moved out of SSLSocket into a separate
class.
- - - - -
8df3bcc3 by Endi S. Dewata at 2018-08-08T00:23:17Z
Removed unused Debug classes
- - - - -
b4b1c99e by Endi S. Dewata at 2018-08-08T00:23:17Z
Updated version number to 4.5.0-0.6 (beta 1)
- - - - -
2dd2e545 by Endi S. Dewata at 2018-08-10T20:36:28Z
Added logging message CryptoManager
- - - - -
c89f9a99 by Endi S. Dewata at 2018-08-10T20:45:52Z
Updated version number to 4.5.0-1
- - - - -
d87a45d6 by Timo Aaltonen at 2018-08-15T10:13:26Z
Merge branch 'upstream'
- - - - -
0aa9f5f4 by Timo Aaltonen at 2018-08-15T10:31:48Z
update version
- - - - -
f2775171 by Timo Aaltonen at 2018-08-15T10:44:39Z
control: Add breaks on current libidm-console-framework-java and libldap-java.
- - - - -
e5669dfe by Timo Aaltonen at 2018-08-15T10:50:06Z
watch: Updated.
- - - - -
0399b90e by Timo Aaltonen at 2018-08-15T10:57:56Z
releasing package jss version 4.5.0-1
- - - - -
30 changed files:
- .travis.yml
- build.sh
- build_java.pl
- debian/changelog
- debian/control
- debian/watch
- jss.spec.in → jss.spec
- lib/jss.def
- org/mozilla/jss/CryptoManager.java
- org/mozilla/jss/netscape/security/extensions/NSCertTypeExtension.java
- + org/mozilla/jss/ssl/CipherPolicy.java
- org/mozilla/jss/ssl/SSLCipher.java
- + org/mozilla/jss/ssl/SSLProtocolVariant.java
- org/mozilla/jss/ssl/SSLSocket.c
- org/mozilla/jss/ssl/SSLSocket.java
- + org/mozilla/jss/ssl/SSLVersion.java
- + org/mozilla/jss/ssl/SSLVersionRange.java
- org/mozilla/jss/ssl/SocketBase.java
- org/mozilla/jss/ssl/common.c
- org/mozilla/jss/ssl/jssl.h
- org/mozilla/jss/tests/Constants.java
- org/mozilla/jss/tests/SSLClientAuth.java
- org/mozilla/jss/tests/all.pl
- org/mozilla/jss/util/Assert.java
- org/mozilla/jss/util/AssertionException.java
- − org/mozilla/jss/util/Debug_debug.jnot
- − org/mozilla/jss/util/Debug_ship.jnot
- org/mozilla/jss/util/Makefile
- org/mozilla/jss/util/java_ids.h
- org/mozilla/jss/util/jssutil.c
Changes:
=====================================
.travis.yml
=====================================
--- a/.travis.yml
+++ b/.travis.yml
@@ -19,7 +19,7 @@ install:
-v $(pwd):/root/jss
registry.fedoraproject.org/fedora:$FEDORA
- docker exec container dnf install -y dnf-plugins-core gcc make rpm-build
- - docker exec container dnf copr -y enable @pki/10.6
+ - docker exec container dnf copr -y enable ${JSS_4_5_REPO:- at pki/10.6}
- docker exec container dnf builddep -y --spec /root/jss/jss.spec.in
- docker exec container /root/jss/build.sh --with-timestamp --with-commit-id rpm
=====================================
build.sh
=====================================
--- a/build.sh
+++ b/build.sh
@@ -208,7 +208,7 @@ if [ "$BUILD_TARGET" != "src" ] &&
fi
if [ "$SPEC_TEMPLATE" = "" ] ; then
- SPEC_TEMPLATE="$SRC_DIR/$NAME.spec.in"
+ SPEC_TEMPLATE="$SRC_DIR/$NAME.spec"
fi
VERSION="`rpmspec -P "$SPEC_TEMPLATE" | grep "^Version:" | awk '{print $2;}'`"
=====================================
build_java.pl
=====================================
--- a/build_java.pl
+++ b/build_java.pl
@@ -55,7 +55,6 @@ org.mozilla.jss.SecretDecoderRing.KeyManager
org.mozilla.jss.ssl.SSLSocket
org.mozilla.jss.ssl.SSLServerSocket
org.mozilla.jss.ssl.SocketBase
-org.mozilla.jss.util.Debug
org.mozilla.jss.util.Password
);
@@ -153,10 +152,8 @@ sub setup_vars {
$class_release_dir .= "/$cmdline_vars{SOURCE_RELEASE_CLASSES_DIR}";
if( $ENV{BUILD_OPT} ) {
$javac_opt_flag = "-O";
- $debug_source_file = "org/mozilla/jss/util/Debug_ship.jnot";
} else {
$javac_opt_flag = "-g";
- $debug_source_file = "org/mozilla/jss/util/Debug_debug.jnot";
}
$jni_header_dir = "$dist_dir/private/jss/_jni";
@@ -198,6 +195,9 @@ sub setup_vars {
if( ( $ENV{USE_INSTALLED_NSPR} ) && ( $ENV{USE_INSTALLED_NSS} ) ) {
print "Using the NSPR and NSS installed on the system to build JSS.\n";
+ $nss_lib_dir = $ENV{NSS_LIB_DIR};
+ $nss_lib_dir =~ s/^\s+|\s+$//g; # trim spaces
+
} else {
# Verify existence of work area
if(( ! -d "$work_dir/nspr" ) ||
@@ -261,14 +261,6 @@ sub clean {
sub build {
#
- # copy the appropriate debug file
- #
- my $debug_target_file = "org/mozilla/jss/util/Debug.java";
- if( compare($debug_source_file, $debug_target_file) ) {
- copy($debug_source_file, $debug_target_file) or die "Copying file: $!";
- }
-
- #
# generate MANIFEST.MF file in dist dir
#
my $manifest_file = "$dist_dir/MANIFEST.MF";
@@ -439,9 +431,7 @@ sub javadoc {
}
sub test {
- if( ( $ENV{USE_INSTALLED_NSPR} ) && ( $ENV{USE_INSTALLED_NSS} ) ) {
- die "make test_jss is only available on upstream builds of Linux and MacOS platforms.";
- } elsif( $os eq 'Linux' || $os eq 'Darwin' ) {
+ if( $os eq 'Linux' || $os eq 'Darwin' ) {
# Test JSS presuming that it has already been built
if(( -d $dist_dir ) &&
=====================================
debian/changelog
=====================================
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+jss (4.5.0-1) unstable; urgency=medium
+
+ * New upstream release.
+ * control: Add breaks on current libidm-console-framework-java and
+ libldap-java.
+ * watch: Updated.
+
+ -- Timo Aaltonen <tjaalton at debian.org> Wed, 15 Aug 2018 13:51:08 +0300
+
jss (4.5.0~a4-1) unstable; urgency=medium
* New upstream prerelease.
=====================================
debian/control
=====================================
--- a/debian/control
+++ b/debian/control
@@ -19,6 +19,8 @@ Homepage: https://github.com/dogtagpki/jss
Package: libjss-java
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
+Breaks: libidm-console-framework-java (<< 1.2.0),
+ libldap-java (<< 4.20.0),
Description: Network Security Services for Java
Network Security Services for Java (JSS) is a Java interface
to NSS. It supports most of the security standards and
=====================================
debian/watch
=====================================
--- a/debian/watch
+++ b/debian/watch
@@ -1,3 +1,3 @@
version=3
options=uversionmangle=s/-/~/ \
-https://github.com/dogtagpki/jss/tags/ (?:.*?/)?v at ANY_VERSION@\.tar\.gz
+https://github.com/dogtagpki/jss/releases/ (?:.*?/)?v at ANY_VERSION@\.tar\.gz
=====================================
jss.spec.in → jss.spec
=====================================
--- a/jss.spec.in
+++ b/jss.spec
@@ -7,8 +7,8 @@ URL: http://www.dogtagpki.org/wiki/JSS
License: MPLv1.1 or GPLv2+ or LGPLv2+
Version: 4.5.0
-Release: 0.4%{?_timestamp}%{?_commit_id}%{?dist}
-%global _phase -a4
+Release: 1%{?_timestamp}%{?_commit_id}%{?dist}
+# global _phase -a1
# To generate the source tarball:
# $ git clone https://github.com/dogtagpki/jss.git
@@ -35,8 +35,9 @@ Source: https://github.com/dogtagpki/%{name}/archive/v%{version}%{?_phas
BuildRequires: git
BuildRequires: gcc-c++
-BuildRequires: nss-devel >= 3.28.4-6
BuildRequires: nspr-devel >= 4.13.1
+BuildRequires: nss-devel >= 3.28.4-6
+BuildRequires: nss-tools >= 3.28.4-6
BuildRequires: java-devel
BuildRequires: jpackage-utils
BuildRequires: slf4j
@@ -64,9 +65,10 @@ Requires: slf4j-jdk14
Requires: apache-commons-lang
Requires: apache-commons-codec
-Conflicts: idm-console-framework < 1.1.17-4
-Conflicts: pki-base < 10.6.3
-Conflicts: tomcatjss < 7.3.2
+Conflicts: ldapjdk < 4.20
+Conflicts: idm-console-framework < 1.2
+Conflicts: tomcatjss < 7.3.4
+Conflicts: pki-base < 10.6.5
%description
Java Security Services (JSS) is a java native interface which provides a bridge
@@ -131,6 +133,7 @@ export USE_64
make -C coreconf
make
make javadoc
+make test_jss
################################################################################
%install
@@ -172,7 +175,6 @@ cp -p *.txt $RPM_BUILD_ROOT%{_javadocdir}/%{name}-%{version}
################################################################################
%changelog
-
* Tue May 29 2018 Dogtag PKI Team <pki-devel at redhat.com> 4.5.0-0
- To list changes in <branch> since <tag>:
$ git log --pretty=oneline --abbrev-commit --no-decorate <tag>..<branch>
=====================================
lib/jss.def
=====================================
--- a/lib/jss.def
+++ b/lib/jss.def
@@ -177,7 +177,6 @@ Java_org_mozilla_jss_ssl_SocketBase_setSSLOption;
Java_org_mozilla_jss_ssl_SocketBase_socketBind;
Java_org_mozilla_jss_ssl_SocketBase_socketClose;
Java_org_mozilla_jss_ssl_SocketBase_socketCreate;
-Java_org_mozilla_jss_util_Debug_setNativeLevel;
Java_org_mozilla_jss_util_Password_readPasswordFromConsole;
;+#
;+# Data objects (NONE)
@@ -337,6 +336,7 @@ Java_org_mozilla_jss_pkcs11_PK11Token_importPublicKey;
Java_org_mozilla_jss_pkcs11_PK11Store_loadPrivateKeys;
Java_org_mozilla_jss_pkcs11_PK11Store_loadPublicKeys;
Java_org_mozilla_jss_pkcs11_PK11Store_deletePublicKey;
+Java_org_mozilla_jss_ssl_SSLSocket_boundSSLVersionRange;
;+ local:
;+ *;
;+};
=====================================
org/mozilla/jss/CryptoManager.java
=====================================
--- a/org/mozilla/jss/CryptoManager.java
+++ b/org/mozilla/jss/CryptoManager.java
@@ -467,6 +467,9 @@ public final class CryptoManager implements TokenSupplier
"Must set ocspResponderCertNickname");
}
}
+
+ logger.info("CryptoManager: initializing NSS database at " + values.configDir);
+
initializeAllNative2(values.configDir,
values.certPrefix,
values.keyPrefix,
=====================================
org/mozilla/jss/netscape/security/extensions/NSCertTypeExtension.java
=====================================
--- a/org/mozilla/jss/netscape/security/extensions/NSCertTypeExtension.java
+++ b/org/mozilla/jss/netscape/security/extensions/NSCertTypeExtension.java
@@ -231,7 +231,7 @@ public class NSCertTypeExtension extends Extension implements CertAttrSet {
throws IOException {
/**
- * Debug.trace("NSCertTypeExtension");
+ * logger.trace("NSCertTypeExtension");
* this.mBitString = new byte[1];
* this.mBitString[0] = (byte)0x00;
* return;
=====================================
org/mozilla/jss/ssl/CipherPolicy.java
=====================================
--- /dev/null
+++ b/org/mozilla/jss/ssl/CipherPolicy.java
@@ -0,0 +1,23 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+package org.mozilla.jss.ssl;
+
+public class CipherPolicy {
+
+ public static final CipherPolicy DOMESTIC =
+ new CipherPolicy(SocketBase.SSL_POLICY_DOMESTIC);
+
+ public static final CipherPolicy EXPORT =
+ new CipherPolicy(SocketBase.SSL_POLICY_EXPORT);
+
+ public static final CipherPolicy FRANCE =
+ new CipherPolicy(SocketBase.SSL_POLICY_FRANCE);
+
+ private int _enum;
+
+ private CipherPolicy(int _enum) { }
+
+ int getEnum() { return _enum; }
+}
=====================================
org/mozilla/jss/ssl/SSLCipher.java
=====================================
--- a/org/mozilla/jss/ssl/SSLCipher.java
+++ b/org/mozilla/jss/ssl/SSLCipher.java
@@ -304,7 +304,20 @@ public enum SSLCipher {
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02D, true),
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02F, true),
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030, true),
- TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 (0xc031, true);
+ TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 (0xc031, true),
+
+ /*
+ * TLS 1.3
+ */
+ /* draft-ietf-tls-chacha20-poly1305-04 */
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xCCA8, true),
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xCCA9, true),
+ TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xCCAA),
+
+ /* Special TLS 1.3 cipher suites that really just specify AEAD */
+ TLS_AES_128_GCM_SHA256 (0x1301),
+ TLS_AES_256_GCM_SHA384 (0x1302),
+ TLS_CHACHA20_POLY1305_SHA256 (0x1303);
private int id;
private boolean ecc;
=====================================
org/mozilla/jss/ssl/SSLProtocolVariant.java
=====================================
--- /dev/null
+++ b/org/mozilla/jss/ssl/SSLProtocolVariant.java
@@ -0,0 +1,20 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+package org.mozilla.jss.ssl;
+
+public class SSLProtocolVariant {
+
+ public static final SSLProtocolVariant STREAM =
+ new SSLProtocolVariant(SocketBase.SSL_Variant_Stream);
+
+ public static final SSLProtocolVariant DATA_GRAM =
+ new SSLProtocolVariant(SocketBase.SSL_Variant_Datagram);
+
+ private int _enum;
+
+ private SSLProtocolVariant(int val) { _enum = val; }
+
+ int getEnum() { return _enum; }
+}
=====================================
org/mozilla/jss/ssl/SSLSocket.c
=====================================
--- a/org/mozilla/jss/ssl/SSLSocket.c
+++ b/org/mozilla/jss/ssl/SSLSocket.c
@@ -13,7 +13,7 @@
#include <pk11util.h>
#include "_jni/org_mozilla_jss_ssl_SSLSocket.h"
#include "jssl.h"
-
+#include <sys/param.h>
#ifdef WINNT
#include <private/pprio.h>
@@ -27,7 +27,87 @@
/*
- * support TLS v1.1 and v1.2
+ * support TLS v1.1, v1.2, and v1.3
+ * returns SSL version range bound by the version range provided by the system.
+ * Doesn't change the defaults.
+ */
+JNIEXPORT jobject JNICALL
+Java_org_mozilla_jss_ssl_SSLSocket_boundSSLVersionRange(JNIEnv *env,
+ jclass clazz, jint ssl_variant, jint min, jint max)
+{
+ SECStatus status;
+ SSLVersionRange vrange;
+ SSLVersionRange supported_range;
+ jobject versionRange = NULL;
+ jclass versionRangeClass;
+ jmethodID versionRangeCons;
+
+ if (ssl_variant <0 || ssl_variant >= JSSL_enums_size||
+ min <0 || min >= JSSL_enums_size ||
+ max <0 || max >= JSSL_enums_size) {
+ char buf[128];
+ PR_snprintf(buf, 128, "JSS checkSSLVersionRangeDefault(): for variant=%d min=%d max=%d failed - out of range for array JSSL_enums size: %d", JSSL_enums[ssl_variant], min, max, JSSL_enums_size);
+ JSSL_throwSSLSocketException(env, buf);
+ goto finish;
+ }
+
+ vrange.min = JSSL_enums[min];
+ vrange.max = JSSL_enums[max];
+
+ /* get supported range */
+ status = SSL_VersionRangeGetSupported(JSSL_enums[ssl_variant],
+ &supported_range);
+ if( status != SECSuccess ) {
+ char buf[128];
+ PR_snprintf(buf, 128, "SSL_VersionRangeGetSupported() for variant=%d failed: %d", JSSL_enums[ssl_variant], PR_GetError());
+ JSSL_throwSSLSocketException(env, buf);
+ goto finish;
+ }
+
+ /* bind the min and max */
+ supported_range.min = MAX(supported_range.min, vrange.min);
+ supported_range.max = MIN(supported_range.max, vrange.max);
+
+ /* convert new min/max values back to the JSSL_enums indexes */
+ for (int i = 0; i < JSSL_enums_size; i++) {
+ if (JSSL_enums[i] == supported_range.min) {
+ supported_range.min = i;
+ break;
+ }
+ }
+ for (int i = 0; i < JSSL_enums_size; i++) {
+ if (JSSL_enums[i] == supported_range.max) {
+ supported_range.max = i;
+ break;
+ }
+ }
+
+ /*
+ * package the status into a new SSLVersionRange object
+ */
+ versionRangeClass = (*env)->FindClass(env, SSL_VERSION_RANGE_CLASS_NAME);
+ PR_ASSERT(versionRangeClass != NULL);
+ if( versionRangeClass == NULL ) {
+ /* exception was thrown */
+ goto finish;
+ }
+
+ versionRangeCons = (*env)->GetMethodID(env, versionRangeClass,
+ SSL_VERSION_RANGE_CONSTRUCTOR_NAME,
+ SSL_VERSION_RANGE_CONSTRUCTOR_SIG);
+ PR_ASSERT(versionRangeCons != NULL);
+ if(versionRangeCons == NULL ) {
+ /* exception was thrown */
+ goto finish;
+ }
+ versionRange = (*env)->NewObject(env, versionRangeClass, versionRangeCons,
+ supported_range.min, supported_range.max);
+finish:
+ return versionRange;
+}
+
+/*
+ * support TLS v1.1, v1.2, and v1.3
* sets default SSL version range for sockets created after this call
*/
JNIEXPORT void JNICALL
@@ -38,7 +118,7 @@ Java_org_mozilla_jss_ssl_SSLSocket_setSSLVersionRangeDefault(JNIEnv *env,
SSLVersionRange vrange;
SSLVersionRange supported_range;
- if (ssl_variant <0 || ssl_variant >= JSSL_enums_size||
+ if (ssl_variant <0 || ssl_variant >= JSSL_enums_size||
min <0 || min >= JSSL_enums_size ||
max <0 || max >= JSSL_enums_size) {
char buf[128];
@@ -59,11 +139,12 @@ Java_org_mozilla_jss_ssl_SSLSocket_setSSLVersionRangeDefault(JNIEnv *env,
JSSL_throwSSLSocketException(env, buf);
goto finish;
}
+
/* now check the min and max */
if (vrange.min < supported_range.min ||
vrange.max > supported_range.max) {
char buf[128];
- PR_snprintf(buf, 128, "SSL_VersionRangeSetDefault() for variant=%d with min=%d max=%d out of range (%d:%d): %d", JSSL_enums[ssl_variant], vrange.min, vrange.max, supported_range.min, supported_range.max, PR_GetError());
+ PR_snprintf(buf, 128, "JSS setSSLVersionRangeDefault() for variant=%d with min=%d max=%d out of range (%d:%d): %d", JSSL_enums[ssl_variant], vrange.min, vrange.max, supported_range.min, supported_range.max, PR_GetError());
JSSL_throwSSLSocketException(env, buf);
goto finish;
}
@@ -83,8 +164,8 @@ finish:
}
/*
- * support TLS v1.1 and v1.2
- * sets SSL version range for this socket
+ * support TLS v1.1, v1.2, and v1.3
+ * sets SSL version range for this socket
*/
JNIEXPORT void JNICALL
Java_org_mozilla_jss_ssl_SocketBase_setSSLVersionRange
=====================================
org/mozilla/jss/ssl/SSLSocket.java
=====================================
--- a/org/mozilla/jss/ssl/SSLSocket.java
+++ b/org/mozilla/jss/ssl/SSLSocket.java
@@ -316,6 +316,16 @@ public class SSLSocket extends java.net.Socket {
public final static int TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xc030;
public final static int TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xc031;
+ /* draft-ietf-tls-chacha20-poly1305-04 */
+ public final static int TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA8;
+ public final static int TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA9;
+ public final static int TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAA;
+
+ /* Special TLS 1.3 cipher suites that really just specify AEAD */
+ public final static int TLS_AES_128_GCM_SHA256 = 0x1301;
+ public final static int TLS_AES_256_GCM_SHA384 = 0x1302;
+ public final static int TLS_CHACHA20_POLY1305_SHA256 = 0x1303;
+
/*
* Locking strategy of SSLSocket
*
@@ -1353,56 +1363,28 @@ public class SSLSocket extends java.net.Socket {
setSSLDefaultOption(SocketBase.SSL_NO_CACHE, !b);
}
- /*
- * _min_enum and _max_enum should be one of the following:
- * SocketBase.SSL_LIBRARY_VERSION_3_0
- * SocketBase.SSL_LIBRARY_VERSION_TLS_1_0
- * SocketBase.SSL_LIBRARY_VERSION_TLS_1_1
- * SocketBase.SSL_LIBRARY_VERSION_TLS_1_2
- */
- public static class SSLVersionRange {
- private int _min_enum;
- private int _max_enum;
- public static final int ssl3 = SocketBase.SSL_LIBRARY_VERSION_3_0;
- public static final int tls1_0 = SocketBase.SSL_LIBRARY_VERSION_TLS_1_0;
- public static final int tls1_1 = SocketBase.SSL_LIBRARY_VERSION_TLS_1_1;
- public static final int tls1_2 = SocketBase.SSL_LIBRARY_VERSION_TLS_1_2;
- public SSLVersionRange(int min_enum, int max_enum)
- throws IllegalArgumentException {
- if ((min_enum >= SocketBase.SSL_LIBRARY_VERSION_3_0) &&
- (max_enum <= SocketBase.SSL_LIBRARY_VERSION_TLS_1_2) &&
- (min_enum <= max_enum)) {
- _min_enum = min_enum;
- _max_enum = max_enum;
- } else {
- throw new IllegalArgumentException("JSS SSLSocket SSLVersionRange: arguments out of range");
- }
- }
-
- int getMinEnum() { return _min_enum; }
- int getMaxEnum() { return _max_enum; }
-
- }
-
- public static class SSLProtocolVariant {
- private int _enum;
- private SSLProtocolVariant(int val) { _enum = val; }
-
- int getEnum() { return _enum; }
-
- public static final SSLProtocolVariant STREAM =
- new SSLProtocolVariant(SocketBase.SSL_Variant_Stream);
- public static final SSLProtocolVariant DATA_GRAM =
- new SSLProtocolVariant(SocketBase.SSL_Variant_Datagram);
+ public static void setSSLVersionRangeDefault(SSLProtocolVariant ssl_variant, SSLVersionRange range)
+ throws SocketException
+ {
+ if (range == null)
+ throw new SocketException("setSSLVersionRangeDefault: range null");
+ setSSLVersionRangeDefault(
+ ssl_variant.getEnum(),
+ range.getMinVersion().value(),
+ range.getMaxVersion().value());
}
- public static void setSSLVersionRangeDefault(SSLProtocolVariant ssl_variant, SSLVersionRange range)
+ public static SSLVersionRange boundSSLVersionRange(SSLProtocolVariant ssl_variant, SSLVersionRange range)
throws SocketException
{
if (range == null)
throw new SocketException("setSSLVersionRangeDefault: range null");
- setSSLVersionRangeDefault(ssl_variant.getEnum(), range.getMinEnum(), range.getMaxEnum());
+
+ return boundSSLVersionRange(
+ ssl_variant.getEnum(),
+ range.getMinVersion().value(),
+ range.getMaxVersion().value());
}
/**
@@ -1411,6 +1393,12 @@ public class SSLSocket extends java.net.Socket {
private static native void setSSLVersionRangeDefault(int ssl_variant, int min, int max)
throws SocketException;
+ /**
+ * Checks SSL Version Range against Default
+ */
+ private static native SSLVersionRange boundSSLVersionRange(int ssl_variant, int min, int max)
+ throws SocketException;
+
private static void setSSLDefaultOption(int option, boolean on)
throws SocketException
{
@@ -1545,21 +1533,6 @@ public class SSLSocket extends java.net.Socket {
close(); /* in case user did not call close */
}
- public static class CipherPolicy {
- private int _enum;
- private CipherPolicy(int _enum) { }
-
- int getEnum() { return _enum; }
-
- public static final CipherPolicy DOMESTIC =
- new CipherPolicy(SocketBase.SSL_POLICY_DOMESTIC);
- public static final CipherPolicy EXPORT =
- new CipherPolicy(SocketBase.SSL_POLICY_EXPORT);
- public static final CipherPolicy FRANCE =
- new CipherPolicy(SocketBase.SSL_POLICY_FRANCE);
-
- }
-
/**
* Sets the SSL cipher policy. This must be called before creating any
* SSL sockets.
=====================================
org/mozilla/jss/ssl/SSLVersion.java
=====================================
--- /dev/null
+++ b/org/mozilla/jss/ssl/SSLVersion.java
@@ -0,0 +1,52 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+package org.mozilla.jss.ssl;
+
+public enum SSLVersion {
+
+ SSL_3_0 ("SSL3", SocketBase.SSL_LIBRARY_VERSION_3_0),
+ TLS_1_0 ("TLS1_0", SocketBase.SSL_LIBRARY_VERSION_TLS_1_0),
+ TLS_1_1 ("TLS1_1", SocketBase.SSL_LIBRARY_VERSION_TLS_1_1),
+ TLS_1_2 ("TLS1_2", SocketBase.SSL_LIBRARY_VERSION_TLS_1_2),
+ TLS_1_3 ("TLS1_3", SocketBase.SSL_LIBRARY_VERSION_TLS_1_3);
+
+ private String alias;
+ private int value;
+
+ private SSLVersion(String alias, int value) {
+ this.alias = alias;
+ this.value = value;
+ }
+
+ public String alias() {
+ return alias;
+ }
+
+ public int value() {
+ return value;
+ }
+
+ public static SSLVersion valueOf(int value) {
+ for (SSLVersion version : SSLVersion.values()) {
+ if (version.value == value) return version;
+ }
+
+ throw new IllegalArgumentException("Invalid SSLVersion value: " + value);
+ }
+
+ public static SSLVersion findByAlias(String alias) {
+
+ alias = alias.toUpperCase();
+
+ // find by alias
+ for (SSLVersion version : SSLVersion.values()) {
+ String a = version.alias.toUpperCase();
+ if (a.equals(alias)) return version;
+ }
+
+ // find by name
+ return SSLVersion.valueOf(alias);
+ }
+}
=====================================
org/mozilla/jss/ssl/SSLVersionRange.java
=====================================
--- /dev/null
+++ b/org/mozilla/jss/ssl/SSLVersionRange.java
@@ -0,0 +1,80 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+package org.mozilla.jss.ssl;
+
+public class SSLVersionRange {
+
+ private SSLVersion minVersion;
+ private SSLVersion maxVersion;
+
+ /**
+ * @deprecated Replaced with SSLVersion.SSL_3_0.
+ */
+ @Deprecated
+ public static final int ssl3 = SocketBase.SSL_LIBRARY_VERSION_3_0;
+
+ /**
+ * @deprecated Replaced with SSLVersion.TLS_1_0.
+ */
+ @Deprecated
+ public static final int tls1_0 = SocketBase.SSL_LIBRARY_VERSION_TLS_1_0;
+
+ /**
+ * @deprecated Replaced with SSLVersion.TLS_1_1.
+ */
+ @Deprecated
+ public static final int tls1_1 = SocketBase.SSL_LIBRARY_VERSION_TLS_1_1;
+
+ /**
+ * @deprecated Replaced with SSLVersion.TLS_1_2.
+ */
+ @Deprecated
+ public static final int tls1_2 = SocketBase.SSL_LIBRARY_VERSION_TLS_1_2;
+
+ /**
+ * @deprecated Replaced with SSLVersion.TLS_1_3.
+ */
+ @Deprecated
+ public static final int tls1_3 = SocketBase.SSL_LIBRARY_VERSION_TLS_1_3;
+
+ public SSLVersionRange(SSLVersion minVersion, SSLVersion maxVersion) throws IllegalArgumentException {
+
+ if (minVersion.value() > maxVersion.value()) {
+ throw new IllegalArgumentException("Arguments out of range");
+ }
+
+ this.minVersion = minVersion;
+ this.maxVersion = maxVersion;
+ }
+
+ /**
+ * Used by the C code, do not use it directly
+ * @deprecated Replaced with SSLVersionRange(SSLVersion minVersion, SSLVersion maxVersion).
+ * @param min_enum
+ * @param max_enum
+ * @throws IllegalArgumentException
+ */
+ public SSLVersionRange(int min_enum, int max_enum) throws IllegalArgumentException {
+ this(SSLVersion.valueOf(min_enum), SSLVersion.valueOf(max_enum));
+ }
+
+ public SSLVersion getMinVersion() {
+ return minVersion;
+ }
+
+ public SSLVersion getMaxVersion() {
+ return maxVersion;
+ }
+
+ /**
+ * @return enumeration value
+ */
+ public int getMinEnum() { return minVersion.value(); }
+
+ /**
+ * @return enumeration value
+ */
+ public int getMaxEnum() { return maxVersion.value(); }
+}
=====================================
org/mozilla/jss/ssl/SocketBase.java
=====================================
--- a/org/mozilla/jss/ssl/SocketBase.java
+++ b/org/mozilla/jss/ssl/SocketBase.java
@@ -97,6 +97,7 @@ class SocketBase {
static final int SSL_LIBRARY_VERSION_TLS_1_0 = 30;
static final int SSL_LIBRARY_VERSION_TLS_1_1 = 31;
static final int SSL_LIBRARY_VERSION_TLS_1_2 = 32;
+ static final int SSL_LIBRARY_VERSION_TLS_1_3 = 35;
/* ssl/sslt.h */
static final int SSL_Variant_Stream = 33;
static final int SSL_Variant_Datagram = 34;
@@ -182,13 +183,13 @@ class SocketBase {
native void setSSLOption(int option, int on)
throws SocketException;
- void setSSLVersionRange(org.mozilla.jss.ssl.SSLSocket.SSLVersionRange range)
+ void setSSLVersionRange(SSLVersionRange range)
throws SocketException {
- setSSLVersionRange(range.getMinEnum(), range.getMaxEnum());
+ setSSLVersionRange(range.getMinVersion().value(), range.getMaxVersion().value());
}
/**
- * Sets SSL Version Range for this socket to support TLS v1.1 and v1.2
+ * Sets SSL Version Range for this socket to support TLS v1.1 to v1.3
*/
native void setSSLVersionRange(int min, int max)
throws SocketException;
=====================================
org/mozilla/jss/ssl/common.c
=====================================
--- a/org/mozilla/jss/ssl/common.c
+++ b/org/mozilla/jss/ssl/common.c
@@ -409,6 +409,7 @@ PRInt32 JSSL_enums[] = {
SSL_LIBRARY_VERSION_TLS_1_2, /* 32 */ /* sslproto.h */
ssl_variant_stream, /* 33 */ /* sslt.h */
ssl_variant_datagram, /* 34 */ /* sslt.h */
+ SSL_LIBRARY_VERSION_TLS_1_3, /* 35 */ /* sslproto.h */
0
};
=====================================
org/mozilla/jss/ssl/jssl.h
=====================================
--- a/org/mozilla/jss/ssl/jssl.h
+++ b/org/mozilla/jss/ssl/jssl.h
@@ -87,7 +87,7 @@ JSSL_DestroySocketData(JNIEnv *env, JSSL_SocketData *sd);
extern PRInt32 JSSL_enums[];
-#define JSSL_enums_size 35
+#define JSSL_enums_size 36
JSSL_SocketData*
JSSL_CreateSocketData(JNIEnv *env, jobject sockObj, PRFileDesc* newFD,
=====================================
org/mozilla/jss/tests/Constants.java
=====================================
--- a/org/mozilla/jss/tests/Constants.java
+++ b/org/mozilla/jss/tests/Constants.java
@@ -150,7 +150,14 @@ public interface Constants {
/*85*/ new cipher(SSLSocket.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"),
/*86*/ new cipher(SSLSocket.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"),
/*87*/ new cipher(SSLSocket.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"),
-/*88*/ new cipher(SSLSocket.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384")
+/*88*/ new cipher(SSLSocket.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"),
+// TLSv1_3
+/*89*/ new cipher(SSLSocket.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"),
+/*90*/ new cipher(SSLSocket.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"),
+/*91*/ new cipher(SSLSocket.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"),
+/*92*/ new cipher(SSLSocket.TLS_AES_128_GCM_SHA256, "TLS_AES_128_GCM_SHA256"),
+/*93*/ new cipher(SSLSocket.TLS_AES_256_GCM_SHA384, "TLS_AES_256_GCM_SHA384"),
+/*94*/ new cipher(SSLSocket.TLS_CHACHA20_POLY1305_SHA256, "TLS_CHACHA20_POLY1305_SHA256")
};
/** Cipher supported by JSSE (JDK 1.5.x) */
=====================================
org/mozilla/jss/tests/SSLClientAuth.java
=====================================
--- a/org/mozilla/jss/tests/SSLClientAuth.java
+++ b/org/mozilla/jss/tests/SSLClientAuth.java
@@ -171,7 +171,7 @@ public class SSLClientAuth implements Runnable {
private void generateCerts(CryptoManager cm, int serialNum) {
// RSA Key with default exponent
- int keyLength = 1024;
+ int keyLength = 2048;
try {
java.security.KeyPairGenerator kpg =
java.security.KeyPairGenerator.getInstance("RSA",
=====================================
org/mozilla/jss/tests/all.pl
=====================================
--- a/org/mozilla/jss/tests/all.pl
+++ b/org/mozilla/jss/tests/all.pl
@@ -149,10 +149,11 @@ sub setup_vars {
$jss_rel_dir = "$dist_dir/classes/org";
$jss_classpath = "$dist_dir/xpclass.jar";
- $ENV{CLASSPATH} .= "$dist_dir/xpclass.jar";
- ( -f $ENV{CLASSPATH} ) or die "$ENV{CLASSPATH} does not exist";
- #$ENV{$ld_lib_path} = $ENV{$ld_lib_path} . $pathsep . "$obj_dir/lib";
- $ENV{$ld_lib_path} = "$obj_dir/lib";
+ ( -f $jss_classpath ) or die "$jss_classpath does not exist";
+
+ $ENV{CLASSPATH} .= "$jss_classpath";
+ #$ENV{$ld_lib_path} = $ENV{$ld_lib_path} . $pathsep . "$nss_lib_dir";
+ $ENV{$ld_lib_path} = "$nss_lib_dir";
} elsif( $$argv[0] eq "release" ) {
shift @$argv;
@@ -161,17 +162,19 @@ sub setup_vars {
my $nss_rel_dir = shift @$argv or usage();
my $nspr_rel_dir = shift @$argv or usage();
- $ENV{CLASSPATH} .= "$jss_rel_dir/../xpclass.jar";
- $ENV{$ld_lib_path} =
- "$jss_rel_dir/lib$pathsep$nss_rel_dir/lib$pathsep$nspr_rel_dir/lib"
- . $pathsep . $ENV{$ld_lib_path};
- print "LD_LIBRARY_PATH is $ld_lib_path\n";
- print "$ld_lib_path=$ENV{$ld_lib_path}\n";
+ $nspr_lib_dir = "$nspr_rel_dir/lib";
$nss_bin_dir = "$nss_rel_dir/bin";
$nss_lib_dir = "$nss_rel_dir/lib";
- $jss_lib_dir = "$nss_rel_dir/lib";
+ $jss_lib_dir = "$jss_rel_dir/lib";
$jss_classpath = "$jss_rel_dir/../xpclass.jar";
+ $ENV{CLASSPATH} .= "$jss_classpath";
+ $ENV{$ld_lib_path} =
+ "$jss_lib_dir" . $pathsep .
+ "$nss_lib_dir" . $pathsep .
+ "$nspr_lib_dir" . $pathsep .
+ $ENV{$ld_lib_path};
+
} else {
usage();
}
@@ -223,7 +226,7 @@ sub setup_vars {
}
#MAC OS X have the -Djava.library.path for the JSS JNI library
- if ($osname =~ /Darwin/) {
+ if ($osname =~ /Darwin/ || $osname =~ /Linux/) {
$java = $java . " -Djava.library.path=$jss_lib_dir";
}
@@ -426,8 +429,9 @@ if( ! -d $testdir ) {
my @dbfiles =
("$testdir/cert8.db", "$testdir/key3.db", "$testdir/secmod.db", "$testdir/rsa.pfx");
(grep{ -f } @dbfiles) and die "There is already an old database in $testdir";
- my $result = system("cp $nss_lib_dir/*nssckbi* $testdir"); $result >>= 8;
- $result and die "Failed to copy built-ins library";
+ my $result = system("cp $nss_lib_dir/*nssckbi* $testdir");
+ $result >>= 8;
+ # $result and die "Failed to copy built-ins library";
}
print "creating pkcs11config file\n";
=====================================
org/mozilla/jss/util/Assert.java
=====================================
--- a/org/mozilla/jss/util/Assert.java
+++ b/org/mozilla/jss/util/Assert.java
@@ -5,10 +5,7 @@ package org.mozilla.jss.util;
/**
* C-style assertions in Java.
- * These methods are only active in debug mode
- * (org.mozilla.jss.Debug.DEBUG==true).
*
- * @see org.mozilla.jss.util.Debug
* @see org.mozilla.jss.util.AssertionException
* @version $Revision$ $Date$
*/
=====================================
org/mozilla/jss/util/AssertionException.java
=====================================
--- a/org/mozilla/jss/util/AssertionException.java
+++ b/org/mozilla/jss/util/AssertionException.java
@@ -10,7 +10,6 @@ package org.mozilla.jss.util;
* VM to halt and print a stack trace.
*
* @see org.mozilla.jss.util.Assert
- * @see org.mozilla.jss.util.Debug
* @version $Revision$ $Date$
*/
public class AssertionException extends RuntimeException {
=====================================
org/mozilla/jss/util/Debug_debug.jnot deleted
=====================================
--- a/org/mozilla/jss/util/Debug_debug.jnot
+++ /dev/null
@@ -1,118 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-/**********************************************************************
- * --------------------------- W A R N I N G --------------------------
- *
- * This file is the same as Debug_ship.jnot, except the static final
- * constants have been set to enable debugging and tracing. You must
- * double-edit any changes in this file into Debug_ship.jnot, and
- * vice-versa.
- **********************************************************************/
-
-package org.mozilla.jss.util;
-
-/**
- * Controls debug-mode operation of JSS classes, and allows for printing
- * trace statements to standard output.
- *
- * @see org.mozilla.jss.util.Assert
- * @version $Revision$ $Date$
- */
-public class Debug
-{
- /**
- * Controls debug mode for JSS. If DEBUG==true, debugging
- * code will be enabled. If DEBUG==false, debugging code will not be
- * executed. This variable does not influence the printing of trace
- * statements; their execution depends on the debug level, which can
- * be accessed through setLevel and getLevel.
- *
- * @see org.mozilla.jss.util.Assert
- */
- public static final boolean DEBUG = true;
-
- public static final int OBNOXIOUS = 10;
- public static final int VERBOSE = 5;
- public static final int ERROR = 1;
- public static final int QUIET = 0;
-
- /**
- * The debug level of the application. This gives the level of detail
- * trace messages will contain. A level of 0 means no debugging
- * statements will be printed.
- *
- * !!If you change this, change it in the native code too!!
- */
- private static int mDebugLevel = VERBOSE;
-
- /**
- * Print a trace statement to standard output.
- *
- * @param level The detail level of the statement.
- * The level must be greater than 0.
- * @param str The trace statement.
- */
- public synchronized static void trace(int level, String str)
- {
- // validate arguments in debug mode
- if(DEBUG && (level < 0) ) {
- throw new AssertionException("invalid debugging level "+level+
- " in trace");
- }
- if (level <= mDebugLevel)
- {
- System.out.println(Thread.currentThread().getName() + ": " + str);
- System.out.flush();
- }
- }
-
- /**
- * Print a trace statement to standard output.
- * Uses the VERBOSE detail level.
- *
- * @param str The trace statement.
- */
- public synchronized static void trace(String str)
- {
- trace(VERBOSE, str);
- }
-
- /**
- * Set the debugging level of the application.
- * The level must not be negative.
- */
- public synchronized static void setLevel(int level)
- {
- // In debugging mode, validate argument
- if( DEBUG && (level < 0) ) {
- throw new AssertionException("invalid debugging level set");
- }
-
- mDebugLevel = level;
- setNativeLevel(level);
- }
- private static native void setNativeLevel(int level);
-
- /**
- * Get debugging level of the application.
- *
- * @return The current debugging level of the application.
- */
- public synchronized static int getLevel() {
- return mDebugLevel;
- }
-
- public synchronized static String getLevelStr() {
- switch(mDebugLevel) {
- case QUIET: return "QUIET";
- case ERROR: return "ERROR";
- case VERBOSE: return "VERBOSE";
- case OBNOXIOUS: return "OBNOXIOUS";
- default:
- return String.valueOf(mDebugLevel);
- }
- }
-}
-
=====================================
org/mozilla/jss/util/Debug_ship.jnot deleted
=====================================
--- a/org/mozilla/jss/util/Debug_ship.jnot
+++ /dev/null
@@ -1,119 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-/**********************************************************************
- * --------------------------- W A R N I N G --------------------------
- *
- * This file is the same as Debug_debug.jnot, except the static final
- * constants have been set to disable debugging and tracing. You must
- * double-edit any changes in this file into Debug_debug.jnot, and
- * vice-versa.
- **********************************************************************/
-
-
-package org.mozilla.jss.util;
-
-/**
- * Controls debug-mode operation of JSS classes, and allows for printing
- * trace statements to standard output.
- *
- * @see org.mozilla.jss.util.Assert
- * @version $Revision$ $Date$
- */
-public class Debug
-{
- /**
- * Controls debug mode for JSS. If DEBUG==true, debugging
- * code will be enabled. If DEBUG==false, debugging code will not be
- * executed. This variable does not influence the printing of trace
- * statements; their execution depends on the debug level, which can
- * be accessed through setLevel and getLevel.
- *
- * @see org.mozilla.jss.util.Assert
- */
- public static final boolean DEBUG = false;
-
- public static final int OBNOXIOUS = 10;
- public static final int VERBOSE = 5;
- public static final int ERROR = 1;
- public static final int QUIET = 0;
-
- /**
- * The debug level of the application. This gives the level of detail
- * trace messages will contain. A level of 0 means no debugging
- * statements will be printed.
- *
- * !!If you change this, change it in the native code too!!
- */
- private static int mDebugLevel = ERROR;
-
- /**
- * Print a trace statement to standard output.
- *
- * @param level The detail level of the statement.
- * The level must be greater than 0.
- * @param str The trace statement.
- */
- public synchronized static void trace(int level, String str)
- {
- // validate arguments in debug mode
- if(DEBUG && (level < 0) ) {
- throw new AssertionException("invalid debugging level "+level+
- " in trace");
- }
- if (level <= mDebugLevel)
- {
- System.out.println(Thread.currentThread().getName() + ": " + str);
- System.out.flush();
- }
- }
-
- /**
- * Print a trace statement to standard output.
- * Uses the VERBOSE detail level.
- *
- * @param str The trace statement.
- */
- public synchronized static void trace(String str)
- {
- trace(VERBOSE, str);
- }
-
- /**
- * Set the debugging level of the application.
- * The level must not be negative.
- */
- public synchronized static void setLevel(int level)
- {
- // In debugging mode, validate argument
- if( DEBUG && (level < 0) ) {
- throw new AssertionException("invalid debugging level set");
- }
-
- mDebugLevel = level;
- setNativeLevel(level);
- }
- private static native void setNativeLevel(int level);
-
- /**
- * Get debugging level of the application.
- *
- * @return The current debugging level of the application.
- */
- public synchronized static int getLevel() {
- return mDebugLevel;
- }
-
- public synchronized static String getLevelStr() {
- switch(mDebugLevel) {
- case QUIET: return "QUIET";
- case ERROR: return "ERROR";
- case VERBOSE: return "VERBOSE";
- case OBNOXIOUS: return "OBNOXIOUS";
- default:
- return String.valueOf(mDebugLevel);
- }
- }
-}
-
=====================================
org/mozilla/jss/util/Makefile
=====================================
--- a/org/mozilla/jss/util/Makefile
+++ b/org/mozilla/jss/util/Makefile
@@ -28,8 +28,6 @@ include $(CORE_DEPTH)/config/config.mk
include config.mk
-ALL_TRASH += Debug.java
-
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
=====================================
org/mozilla/jss/util/java_ids.h
=====================================
--- a/org/mozilla/jss/util/java_ids.h
+++ b/org/mozilla/jss/util/java_ids.h
@@ -45,13 +45,6 @@ PR_BEGIN_EXTERN_C
#define COLLECTION_ADD_SIG "(Ljava/lang/Object;)Z"
/*
- * Debug
- */
-#define DEBUG_CLASS_NAME "org/mozilla/jss/util/Debug"
-#define DEBUG_TRACE_NAME "trace"
-#define DEBUG_TRACE_SIG "(ILjava/lang/String;)V"
-
-/*
* InetAddress
*/
#define GET_ADDR_NAME "getAddress"
@@ -370,6 +363,14 @@ PR_BEGIN_EXTERN_C
*/
#define X509_CERT_CLASS "org/mozilla/jss/crypto/X509Certificate"
+
+/*
+ * SSLVersionRange
+ */
+#define SSL_VERSION_RANGE_CLASS_NAME "org/mozilla/jss/ssl/SSLVersionRange"
+#define SSL_VERSION_RANGE_CONSTRUCTOR_NAME "<init>"
+#define SSL_VERSION_RANGE_CONSTRUCTOR_SIG "(II)V"
+
PR_END_EXTERN_C
#endif
=====================================
org/mozilla/jss/util/jssutil.c
=====================================
--- a/org/mozilla/jss/util/jssutil.c
+++ b/org/mozilla/jss/util/jssutil.c
@@ -476,7 +476,7 @@ static int debugLevel = JSS_TRACE_ERROR;
*
* INPUTS
* level
- * The trace level, from org.mozilla.jss.util.Debug.
+ * The trace level.
* mesg
* The trace message. Must not be NULL.
*/
@@ -526,19 +526,6 @@ JSS_assertOutOfMem(JNIEnv *env)
}
/***********************************************************************
- * Debug.setNativeLevel
- *
- * If the debug level is changed in Java code, change it in native
- * code as well.
- */
-JNIEXPORT void JNICALL
-Java_org_mozilla_jss_util_Debug_setNativeLevel
- (JNIEnv *env, jclass clazz, jint level)
-{
- debugLevel = level;
-}
-
-/***********************************************************************
* Copies the contents of a SECItem into a new Java byte array.
*
* item
View it on GitLab: https://salsa.debian.org/freeipa-team/jss/compare/878980a121848da2fc0d6451559dd768a0ad37e5...0399b90e311e32f533bef59cd1a3edc2037d957d
--
View it on GitLab: https://salsa.debian.org/freeipa-team/jss/compare/878980a121848da2fc0d6451559dd768a0ad37e5...0399b90e311e32f533bef59cd1a3edc2037d957d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-freeipa-devel/attachments/20180815/b3fd0b8c/attachment-0001.html>
More information about the Pkg-freeipa-devel
mailing list