Author: markt Date: Thu Aug 18 16:44:33 2011 New Revision: 1159307 URL: http://svn.apache.org/viewvc?rev=1159307&view=rev Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50744 Skip SSL configuration check if we cannot create an unbound socket
Modified: tomcat/tc5.5.x/trunk/STATUS.txt tomcat/tc5.5.x/trunk/connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java tomcat/tc5.5.x/trunk/connectors/util/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml Modified: tomcat/tc5.5.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/STATUS.txt?rev=1159307&r1=1159306&r2=1159307&view=diff ============================================================================== --- tomcat/tc5.5.x/trunk/STATUS.txt (original) +++ tomcat/tc5.5.x/trunk/STATUS.txt Thu Aug 18 16:44:33 2011 @@ -25,12 +25,6 @@ $Id$ PATCHES PROPOSED TO BACKPORT: [ New proposals should be added at the end of the list ] -* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50744 - Skip SSL configuration check if we cannot create an unbound socket - https://issues.apache.org/bugzilla/attachment.cgi?id=26651 - +1: kkolinko, markt, jfclere - -1: - * Add additional configuration options to the DIGEST authenticator http://people.apache.org/~markt/patches/2011-04-01-digest-tc5.patch +1: markt: jfclere Modified: tomcat/tc5.5.x/trunk/connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=1159307&r1=1159306&r2=1159307&view=diff ============================================================================== --- tomcat/tc5.5.x/trunk/connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java (original) +++ tomcat/tc5.5.x/trunk/connectors/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Thu Aug 18 16:44:33 2011 
@@ -418,10 +418,21 @@ public abstract class JSSESocketFactory
 */
 protected void checkConfig() throws IOException {
 // Create an unbound server socket
- ServerSocket socket =
- JdkCompat.getJdkCompat().getUnboundSocket(sslProxy);
+ ServerSocket socket;
+ try {
+ socket = JdkCompat.getJdkCompat().getUnboundSocket(sslProxy);
+ } catch (IOException ex) {
+ // Bug 50744 - some old JDKs do not implement unbound sockets
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("jsse.ssl_conf_unbound_socket"), ex);
+ }
+ return;
+ }
 if (socket == null) {
- // Can create unbound sockets (1.3 JVM) - can't test the connection
+ // Can't create unbound sockets (1.3 JVM) - can't test the connection
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("jsse.ssl_conf_unbound_socket"));
+ }
 return;
 }
 initServerSocket(socket);
Modified: tomcat/tc5.5.x/trunk/connectors/util/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/connectors/util/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties?rev=1159307&r1=1159306&r2=1159307&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/connectors/util/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties (original)
+++ tomcat/tc5.5.x/trunk/connectors/util/java/org/apache/tomcat/util/net/jsse/res/LocalStrings.properties Thu Aug 18 16:44:33 2011
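Review bot: In the new `catch (IOException ex)` block of checkConfig(), every IOException from `getUnboundSocket(sslProxy)` is treated as "unbound sockets not supported" and the method returns, so the SSL configuration check is skipped for any I/O failure at that call, not only on the old JDKs the comment names. Both skip paths log only at debug level, so with default logging an operator gets no indication that the connector came up without its SSL configuration being verified. I would report the skip at a visible level, e.g. `log.warn(sm.getString("jsse.ssl_conf_unbound_socket"), ex);` in the catch and `log.warn(sm.getString("jsse.ssl_conf_unbound_socket"));` in the `socket == null` branch. Whether getUnboundSocket() can fail for reasons other than a missing JDK feature is not visible in this hunk and should be confirmed against JdkCompat. checkConfig()'s body continues past the end of the hunk.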
@@ -15,3 +15,4 @@ jsse.alias_no_key_entry=Alias name {0} does not identify a key entry jsse.invalid_ssl_conf=SSL configuration is invalid due to {0} +jsse.ssl_conf_unbound_socket=Unable to create an unbound server socket. SSL configuration check will be skipped. Modified: tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml?rev=1159307&r1=1159306&r2=1159307&view=diff ============================================================================== --- tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml (original) +++ tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml Thu Aug 18 16:44:33 2011 @@ -86,6 +86,10 @@ Fix CVE-2011-2526. Protect against crashes (HTTP APR) if sendfile is configured to send more data than is available in the file. (markt) </fix> + <fix> + <bug>50744</bug>: Skip the SSL configuration check on platforms where an + unbounded socket cannot be created. (kkolinko) + </fix> </changelog> </subsection> <subsection name="Jasper"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org