Author: markt Date: Thu Aug 21 01:36:43 2008 New Revision: 687645 URL: http://svn.apache.org/viewvc?rev=687645&view=rev Log: Update patch for 45528
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=687645&r1=687644&r2=687645&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Thu Aug 21 01:36:43 2008 @@ -26,7 +26,6 @@ import java.net.ServerSocket; import java.net.Socket; import java.net.SocketException; -import java.net.SocketTimeoutException; import java.security.KeyStore; import java.security.SecureRandom; import java.security.cert.CRL; @@ -696,7 +695,7 @@ * Configures the given SSL server socket with the requested cipher suites, * protocol versions, and need for client authentication */ - private void initServerSocket(ServerSocket ssocket) throws IOException { + private void initServerSocket(ServerSocket ssocket) { SSLServerSocket socket = (SSLServerSocket) ssocket; @@ -714,7 +713,7 @@ } /** - * Checks that the cetificate is compatible with the enabled cipher suites. + * Checks that the certificate is compatible with the enabled cipher suites. * If we don't check now, the JIoEndpoint can enter a nasty logging loop. * See bug 45528. */ @@ -723,10 +722,11 @@ ServerSocket socket = sslProxy.createServerSocket(); initServerSocket(socket); - // Set the timeout to 1ms as all we care about is if it throws an - // exception on accept. - socket.setSoTimeout(1); try { + // Set the timeout to 1ms as all we care about is if it throws an + // SSLException on accept. + socket.setSoTimeout(1); + socket.accept(); // Will never get here - no client can connect to an unbound port } catch (SSLException ssle) { @@ -735,10 +735,22 @@ "jsse.invalid_ssl_conf", ssle.getMessage())); ioe.initCause(ssle); throw ioe; - } catch (SocketTimeoutException ste) { - // Expected if all is well - do nothing + } catch (Exception e) { + /* + * Possible ways of getting here + * socket.accept() throws a SecurityException + * socket.setSoTimeout() throws a SocketException + * socket.accept() throws some other exception (after a JDK change) + * In these cases the test won't work so carry on - essentially + * the behaviour before this patch + * socket.accept() throws a SocketTimeoutException + * In this case all is well so carry on + */ } finally { - socket.close(); + // Should be open here but just in case + if (!socket.isClosed()) { + socket.close(); + } } } --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]