This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 31f324ae82bd25158b884c3c2a8e9e1de95dbdd4
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Nov 4 14:43:15 2019 +0000
Refactor to align better with 9.0.x
---
java/org/apache/tomcat/util/compat/Jre8Compat.java | 5 +----
java/org/apache/tomcat/util/compat/JreCompat.java | 2 +-
java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java | 9 ++++-----
3 files changed, 6 insertions(+), 10 deletions(-)
diff --git a/java/org/apache/tomcat/util/compat/Jre8Compat.java
b/java/org/apache/tomcat/util/compat/Jre8Compat.java
index e76ac35..dfc2c87 100644
--- a/java/org/apache/tomcat/util/compat/Jre8Compat.java
+++ b/java/org/apache/tomcat/util/compat/Jre8Compat.java
@@ -24,7 +24,6 @@ import java.security.KeyStore.LoadStoreParameter;
import java.util.Collections;
import java.util.Map;
-import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import org.apache.juli.logging.Log;
@@ -81,13 +80,11 @@ class Jre8Compat extends JreCompat {
@Override
- public void setUseServerCipherSuitesOrder(SSLEngine engine,
+ public void setUseServerCipherSuitesOrder(SSLParameters sslParameters,
boolean useCipherSuitesOrder) {
- SSLParameters sslParameters = engine.getSSLParameters();
try {
setUseCipherSuitesOrderMethod.invoke(sslParameters,
Boolean.valueOf(useCipherSuitesOrder));
- engine.setSSLParameters(sslParameters);
} catch (IllegalArgumentException e) {
throw new UnsupportedOperationException(e);
} catch (IllegalAccessException e) {
diff --git a/java/org/apache/tomcat/util/compat/JreCompat.java
b/java/org/apache/tomcat/util/compat/JreCompat.java
index 4deb72c..814dfae 100644
--- a/java/org/apache/tomcat/util/compat/JreCompat.java
+++ b/java/org/apache/tomcat/util/compat/JreCompat.java
@@ -81,7 +81,7 @@ public class JreCompat {
@SuppressWarnings("unused")
- public void setUseServerCipherSuitesOrder(SSLEngine engine, boolean
useCipherSuitesOrder) {
+ public void setUseServerCipherSuitesOrder(SSLParameters engine, boolean
useCipherSuitesOrder) {
throw new
UnsupportedOperationException(sm.getString("jreCompat.noServerCipherSuiteOrder"));
}
diff --git a/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
b/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
index 5f95cfa..984b493 100644
--- a/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
@@ -135,16 +135,16 @@ public abstract class AbstractJsseEndpoint<S> extends
AbstractEndpoint<S> {
engine.setEnabledCipherSuites(sslHostConfig.getEnabledCiphers());
engine.setEnabledProtocols(sslHostConfig.getEnabledProtocols());
+ SSLParameters sslParameters = engine.getSSLParameters();
String honorCipherOrderStr = sslHostConfig.getHonorCipherOrder();
if (honorCipherOrderStr != null) {
boolean honorCipherOrder =
Boolean.parseBoolean(honorCipherOrderStr);
- JreCompat.getInstance().setUseServerCipherSuitesOrder(engine,
honorCipherOrder);
+
JreCompat.getInstance().setUseServerCipherSuitesOrder(sslParameters,
honorCipherOrder);
}
if (JreCompat.isJre9Available() && clientRequestedApplicationProtocols
!= null
&& clientRequestedApplicationProtocols.size() > 0
&& negotiableProtocols.size() > 0) {
- SSLParameters sslParameters = engine.getSSLParameters();
// Only try to negotiate if both client and server have at least
// one protocol in common
// Note: Tomcat does not explicitly negotiate http/1.1
@@ -156,10 +156,9 @@ public abstract class AbstractJsseEndpoint<S> extends
AbstractEndpoint<S> {
String[] commonProtocolsArray = commonProtocols.toArray(new
String[commonProtocols.size()]);
JreCompat.getInstance().setApplicationProtocols(sslParameters,
commonProtocolsArray);
}
-
- // In case the getter returns a defensive copy
- engine.setSSLParameters(sslParameters);
}
+ // In case the getter returns a defensive copy
+ engine.setSSLParameters(sslParameters);
return engine;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
