This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new a47066f 63706: Avoid NPE accessing https port with plaintext
a47066f is described below
commit a47066f28d778aca8b04e5e1ebf2f92c57cf8d0b
Author: remm <[email protected]>
AuthorDate: Thu Aug 29 18:26:09 2019 +0200
63706: Avoid NPE accessing https port with plaintext
---
java/org/apache/tomcat/util/net/Nio2Endpoint.java | 10 ++++++----
java/org/apache/tomcat/util/net/NioEndpoint.java | 10 ++++++----
webapps/docs/changelog.xml | 7 +++++++
3 files changed, 19 insertions(+), 8 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/Nio2Endpoint.java
b/java/org/apache/tomcat/util/net/Nio2Endpoint.java
index 4b59c9b..88c17cc 100644
--- a/java/org/apache/tomcat/util/net/Nio2Endpoint.java
+++ b/java/org/apache/tomcat/util/net/Nio2Endpoint.java
@@ -1578,11 +1578,13 @@ public class Nio2Endpoint extends
AbstractJsseEndpoint<Nio2Channel,AsynchronousS
public SSLSupport getSslSupport(String clientCertProvider) {
if (getSocket() instanceof SecureNio2Channel) {
SecureNio2Channel ch = (SecureNio2Channel) getSocket();
- SSLSession session = ch.getSslEngine().getSession();
- return ((Nio2Endpoint)
getEndpoint()).getSslImplementation().getSSLSupport(session);
- } else {
- return null;
+ SSLEngine sslEngine = ch.getSslEngine();
+ if (sslEngine != null) {
+ SSLSession session = sslEngine.getSession();
+ return ((Nio2Endpoint)
getEndpoint()).getSslImplementation().getSSLSupport(session);
+ }
}
+ return null;
}
diff --git a/java/org/apache/tomcat/util/net/NioEndpoint.java
b/java/org/apache/tomcat/util/net/NioEndpoint.java
index 0df3b0a..78a74f0 100644
--- a/java/org/apache/tomcat/util/net/NioEndpoint.java
+++ b/java/org/apache/tomcat/util/net/NioEndpoint.java
@@ -1389,11 +1389,13 @@ public class NioEndpoint extends
AbstractJsseEndpoint<NioChannel,SocketChannel>
public SSLSupport getSslSupport(String clientCertProvider) {
if (getSocket() instanceof SecureNioChannel) {
SecureNioChannel ch = (SecureNioChannel) getSocket();
- SSLSession session = ch.getSslEngine().getSession();
- return ((NioEndpoint)
getEndpoint()).getSslImplementation().getSSLSupport(session);
- } else {
- return null;
+ SSLEngine sslEngine = ch.getSslEngine();
+ if (sslEngine != null) {
+ SSLSession session = sslEngine.getSession();
+ return ((NioEndpoint)
getEndpoint()).getSslImplementation().getSSLSupport(session);
+ }
}
+ return null;
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index d2abd52..18277ca 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -58,6 +58,13 @@
</fix>
</changelog>
</subsection>
+ <subsection name="Coyote">
+ <changelog>
+ <fix>
+ <bug>63706</bug>: Avoid NPE accessing https port with plaintext. (remm)
+ </fix>
+ </changelog>
+ </subsection>
<subsection name="Web applications">
<changelog>
<fix>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
