svn commit: r1711991 - /tomcat/native/trunk/native/src/sslcontext.c

Mon, 02 Nov 2015 05:49:07 -0800 

Author: markt
Date: Mon Nov  2 13:48:08 2015
New Revision: 1711991

URL: http://svn.apache.org/viewvc?rev=1711991&view=rev
Log:
Implement review comments from kkolinko on the original fix for BZ 58566
Quit as early as possible if no SNI callback method is available in the Java 
code
Ensure that Java long values always point to tcn_ssl_ctxt_t structures

Modified:
    tomcat/native/trunk/native/src/sslcontext.c

Modified: tomcat/native/trunk/native/src/sslcontext.c
URL: 
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslcontext.c?rev=1711991&r1=1711990&r2=1711991&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslcontext.c (original)
+++ tomcat/native/trunk/native/src/sslcontext.c Mon Nov  2 13:48:08 2015
@@ -97,19 +97,21 @@ int ssl_callback_ServerNameIndication(SS
     const char *servername;
     jstring hostname;
     jlong original_ssl_context, new_ssl_context;
+    tcn_ssl_ctxt_t *new_c;
+    
+    // Continue only if the static method exists
+    if (sni_java_callback == NULL) {
+        return SSL_TLSEXT_ERR_OK;
+    }
+    
     (*javavm)->AttachCurrentThread(javavm, (void **)&env, NULL);
 
     // Get the host name presented by the client
     servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
 
-    // Convert parameters ready for the method call
+    // Convert to Java compatible parameters ready for the method call
     hostname = (*env)->NewStringUTF(env, servername);
-    original_ssl_context = P2J(c->ctx);
-
-    // Make the call only if the static method exists
-    if (sni_java_callback == NULL) {
-        return SSL_TLSEXT_ERR_OK;
-    }
+    original_ssl_context = P2J(c);
     
     new_ssl_context = (*env)->CallStaticLongMethod(env,
                                                    ssl_context_class,
@@ -117,9 +119,10 @@ int ssl_callback_ServerNameIndication(SS
                                                    original_ssl_context,
                                                    hostname);
 
-    if (new_ssl_context != 0 && original_ssl_context != new_ssl_context) {
-        SSL_set_SSL_CTX(ssl, J2P(new_ssl_context, SSL_CTX *));
-    }
+    if (new_ssl_context != 0 && new_ssl_context != original_ssl_context) {
+        new_c = J2P(new_ssl_context, tcn_ssl_ctxt_t *);
+        SSL_set_SSL_CTX(ssl, new_c->ctx);
+       }
 
     return SSL_TLSEXT_ERR_OK;
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to