changelog.xml

Violeta Georgieva Sun, 26 Mar 2017 11:59:45 -0700

Hi,

2017-03-26 21:27 GMT+03:00 Martin Grigorov <mgrigo...@apache.org>:
>
> Hi Violeta,
>
> On Sun, Mar 26, 2017 at 6:21 PM, <violet...@apache.org> wrote:
>
> > Author: violetagg
> > Date: Sun Mar 26 16:21:03 2017
> > New Revision: 1788741
> >
> > URL: http://svn.apache.org/viewvc?rev=1788741&view=rev
> > Log:
> > Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=60911
> > Ensure NPE will not be thrown when looking for SSL session ID. Based on
a
> > pacth by Didier Gutacker.
> >
> > Modified:
> >     tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
> >     tomcat/trunk/webapps/docs/changelog.xml
> >
> > Modified: tomcat/trunk/java/org/apache/catalina/connector/
> > CoyoteAdapter.java
> > URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/
> > catalina/connector/CoyoteAdapter.java?rev=1788741&r1=1788740&r2=1788741&
> > view=diff
> > ============================================================
> > ==================
> > --- tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
> > (original)
> > +++ tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
> > Sun Mar 26 16:21:03 2017
> > @@ -980,9 +980,11 @@ public class CoyoteAdapter implements Ad
> >                  SSL_ONLY.equals(request.getServletContext()
> >                          .getEffectiveSessionTrackingModes()) &&
> >                          request.connector.secure) {
> > -            request.setRequestedSessionId(
> > -                    request.getAttribute(SSLSupport.SESSION_ID_KEY).
> > toString());
> > -            request.setRequestedSessionSSL(true);
> > +            String sessionId = (String) request.getAttribute(
> > SSLSupport.SESSION_ID_KEY);
> >
>
> Either this cast will lead to ClassCastException...


Nice catch. The attribute is String so ClassCastException is not expected.

>
> > +            if (sessionId != null) {
> > +                request.setRequestedSessionId(sessionId.toString());
> >
>
> ... or this this call to #toString() is not needed.

I'll remove this toString()

Thanks for the review,
Violeta

>
> > +                request.setRequestedSessionSSL(true);
> > +            }
> >          }
> >      }
> >
> >
> > Modified: tomcat/trunk/webapps/docs/changelog.xml
> > URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/
> > changelog.xml?rev=1788741&r1=1788740&r2=1788741&view=diff
> > ============================================================
> > ==================
> > --- tomcat/trunk/webapps/docs/changelog.xml (original)
> > +++ tomcat/trunk/webapps/docs/changelog.xml Sun Mar 26 16:21:03 2017
> > @@ -93,6 +93,10 @@
> >          single utility class and update the code to use the new utility
> > class.
> >          (markt)
> >        </scode>
> > +      <fix>
> > +        <bug>60911</bug>: Ensure NPE will not be thrown when looking
for
> > SSL
> > +        session ID. Based on a pacth by Didier Gutacker. (violetagg)
> > +      </fix>
> >      </changelog>
> >    </subsection>
> >    <subsection name="Coyote">
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
> > For additional commands, e-mail: dev-h...@tomcat.apache.org
> >
> >

Re: svn commit: r1788741 - in /tomcat/trunk: java/org/apache/catalina/connector/CoyoteAdapter.java webapps/docs/changelog.xml

Reply via email to