svn commit: r834340 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java

Mon, 09 Nov 2009 20:55:05 -0800 

Author: costin
Date: Tue Nov 10 04:54:34 2009
New Revision: 834340

URL: http://svn.apache.org/viewvc?rev=834340&view=rev
Log:
Invalidate the session - so it can't be resumed. 
Not sure what else we can do using this hook - we could switch to SSLEngine, 
but that's pretty large change. 

Modified:
    tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=834340&r1=834339&r2=834340&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java 
Tue Nov 10 04:54:34 2009
@@ -178,6 +178,7 @@
             if (completed) {
                 try {
                     log.warn("SSL renegotiation is disabled, closing 
connection");
+                    event.getSession().invalidate();
                     event.getSocket().close();
                 } catch (IOException e) {
                     // ignore



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to