This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 14edcf8621a22d883caa77ecf089aa29ba506b08
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Jan 28 09:58:43 2021 +0000
Ensure the name of the default SSLHostConfig is always lower case
This is the third part of the fix to make mapping of SNI values to SSL
virtual hosts case insensitive.
---
java/org/apache/tomcat/util/net/AbstractEndpoint.java | 7 ++++++-
java/org/apache/tomcat/util/net/SSLHostConfig.java | 3 +++
webapps/docs/config/http.xml | 3 ++-
3 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/AbstractEndpoint.java
b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
index 2b47dee..89a134e 100644
--- a/java/org/apache/tomcat/util/net/AbstractEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
@@ -26,6 +26,7 @@ import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
+import java.util.Locale;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
@@ -204,11 +205,15 @@ public abstract class AbstractEndpoint<S> {
// -----------------------------------------------------------------
Properties
private String defaultSSLHostConfigName =
SSLHostConfig.DEFAULT_SSL_HOST_NAME;
+ /**
+ * @return The host name for the default SSL configuration for this
endpoint
+ * - always in lower case.
+ */
public String getDefaultSSLHostConfigName() {
return defaultSSLHostConfigName;
}
public void setDefaultSSLHostConfigName(String defaultSSLHostConfigName) {
- this.defaultSSLHostConfigName = defaultSSLHostConfigName;
+ this.defaultSSLHostConfigName =
defaultSSLHostConfigName.toLowerCase(Locale.ENGLISH);
}
diff --git a/java/org/apache/tomcat/util/net/SSLHostConfig.java
b/java/org/apache/tomcat/util/net/SSLHostConfig.java
index 4e72bb3..56d7b6a 100644
--- a/java/org/apache/tomcat/util/net/SSLHostConfig.java
+++ b/java/org/apache/tomcat/util/net/SSLHostConfig.java
@@ -52,6 +52,9 @@ public class SSLHostConfig implements Serializable {
private static final String DEFAULT_CIPHERS =
"HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA";
+ // Must be lower case. SSL host names are always stored using lower case as
+ // they are case insensitive but are used by case sensitive code such as
+ // keys in Maps.
protected static final String DEFAULT_SSL_HOST_NAME = "_default_";
protected static final Set<String> SSL_PROTO_ALL_SET = new HashSet<>();
diff --git a/webapps/docs/config/http.xml b/webapps/docs/config/http.xml
index 26439b5..5239a36 100644
--- a/webapps/docs/config/http.xml
+++ b/webapps/docs/config/http.xml
@@ -106,7 +106,8 @@
connections) if the client connection does not provide SNI or if the SNI
is provided but does not match any configured
<strong>SSLHostConfig</strong>. If not specified the default value of
- <code>_default_</code> will be used.</p>
+ <code>_default_</code> will be used. Provided values are always converted
+ to lower case.</p>
</attribute>
<attribute name="discardFacades" required="false">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
