Author: markt
Date: Mon Nov 2 12:30:53 2015
New Revision: 1711945
URL: http://svn.apache.org/viewvc?rev=1711945&view=rev
Log:
Improve logic when SNI callback is not available or the SNI host name is
unknown.
Based on kkolinko's review of fix for BZ 58566.
Modified:
tomcat/native/trunk/native/src/sslcontext.c
Modified: tomcat/native/trunk/native/src/sslcontext.c
URL:
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslcontext.c?rev=1711945&r1=1711944&r2=1711945&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslcontext.c (original)
+++ tomcat/native/trunk/native/src/sslcontext.c Mon Nov 2 12:30:53 2015
@@ -107,15 +107,17 @@ int ssl_callback_ServerNameIndication(SS
original_ssl_context = P2J(c->ctx);
// Make the call only if the static method exists
- if (sni_java_callback != 0) {
- new_ssl_context = (*env)->CallStaticLongMethod(env,
- ssl_context_class,
- sni_java_callback,
- original_ssl_context,
- hostname);
+ if (sni_java_callback == NULL) {
+ return SSL_TLSEXT_ERR_OK;
}
+
+ new_ssl_context = (*env)->CallStaticLongMethod(env,
+ ssl_context_class,
+ sni_java_callback,
+ original_ssl_context,
+ hostname);
- if (original_ssl_context != new_ssl_context) {
+ if (new_ssl_context != 0 && original_ssl_context != new_ssl_context) {
SSL_set_SSL_CTX(ssl, J2P(new_ssl_context, SSL_CTX *));
}
@@ -286,7 +288,7 @@ TCN_IMPLEMENT_CALL(jlong, SSLContext, ma
sni_java_callback = (*e)->GetStaticMethodID(e, ssl_context_class,
"sniCallBack",
"(JLjava/lang/String;)J");
/* Older Tomcat versions may not have this static method */
- if ( JNI_TRUE == (*e)->ExceptionCheck(e) ) {
+ if ( (*e)->ExceptionCheck(e) ) {
(*e)->ExceptionClear(e);
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
