Author: markt
Date: Thu Aug 21 01:36:43 2008
New Revision: 687645
URL: http://svn.apache.org/viewvc?rev=687645&view=rev
Log:
Update patch for 45528
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=687645&r1=687644&r2=687645&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
Thu Aug 21 01:36:43 2008
@@ -26,7 +26,6 @@
import java.net.ServerSocket;
import java.net.Socket;
import java.net.SocketException;
-import java.net.SocketTimeoutException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CRL;
@@ -696,7 +695,7 @@
* Configures the given SSL server socket with the requested cipher suites,
* protocol versions, and need for client authentication
*/
- private void initServerSocket(ServerSocket ssocket) throws IOException {
+ private void initServerSocket(ServerSocket ssocket) {
SSLServerSocket socket = (SSLServerSocket) ssocket;
@@ -714,7 +713,7 @@
}
/**
- * Checks that the cetificate is compatible with the enabled cipher suites.
+ * Checks that the certificate is compatible with the enabled cipher
suites.
* If we don't check now, the JIoEndpoint can enter a nasty logging loop.
* See bug 45528.
*/
@@ -723,10 +722,11 @@
ServerSocket socket = sslProxy.createServerSocket();
initServerSocket(socket);
- // Set the timeout to 1ms as all we care about is if it throws an
- // exception on accept.
- socket.setSoTimeout(1);
try {
+ // Set the timeout to 1ms as all we care about is if it throws an
+ // SSLException on accept.
+ socket.setSoTimeout(1);
+
socket.accept();
// Will never get here - no client can connect to an unbound port
} catch (SSLException ssle) {
@@ -735,10 +735,22 @@
"jsse.invalid_ssl_conf", ssle.getMessage()));
ioe.initCause(ssle);
throw ioe;
- } catch (SocketTimeoutException ste) {
- // Expected if all is well - do nothing
+ } catch (Exception e) {
+ /*
+ * Possible ways of getting here
+ * socket.accept() throws a SecurityException
+ * socket.setSoTimeout() throws a SocketException
+ * socket.accept() throws some other exception (after a JDK change)
+ * In these cases the test won't work so carry on -
essentially
+ * the behaviour before this patch
+ * socket.accept() throws a SocketTimeoutException
+ * In this case all is well so carry on
+ */
} finally {
- socket.close();
+ // Should be open here but just in case
+ if (!socket.isClosed()) {
+ socket.close();
+ }
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
