You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2006/12/19 00:16:47 UTC
svn commit: r488453 -
/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java
Author: remm
Date: Mon Dec 18 15:16:46 2006
New Revision: 488453
URL: http://svn.apache.org/viewvc?view=rev&rev=488453
Log:
- 37869: Also use the SSL_INFO_CLIENT_CERT field if the chain is empty.
- Submitted by Grzegorz Grzybek.
Modified:
tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java
Modified: tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java?view=diff&rev=488453&r1=488452&r2=488453
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java (original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/coyote/http11/Http11AprProcessor.java Mon Dec 18 15:16:46 2006
@@ -1145,6 +1145,15 @@
ByteArrayInputStream stream = new ByteArrayInputStream(data);
certs[i] = (X509Certificate) cf.generateCertificate(stream);
}
+ } else if (certLength == 0) {
+ byte[] data = SSLSocket.getInfoB(socket, SSL.SSL_INFO_CLIENT_CERT);
+ if (data != null) {
+ certs = new X509Certificate[1];
+ CertificateFactory cf =
+ CertificateFactory.getInstance("X.509");
+ ByteArrayInputStream stream = new ByteArrayInputStream(data);
+ certs[0] = (X509Certificate) cf.generateCertificate(stream);
+ }
}
if (certs != null) {
request.setAttribute
@@ -1191,6 +1200,15 @@
CertificateFactory.getInstance("X.509");
ByteArrayInputStream stream = new ByteArrayInputStream(data);
certs[i] = (X509Certificate) cf.generateCertificate(stream);
+ }
+ } else if (certLength == 0) {
+ byte[] data = SSLSocket.getInfoB(socket, SSL.SSL_INFO_CLIENT_CERT);
+ if (data != null) {
+ certs = new X509Certificate[1];
+ CertificateFactory cf =
+ CertificateFactory.getInstance("X.509");
+ ByteArrayInputStream stream = new ByteArrayInputStream(data);
+ certs[0] = (X509Certificate) cf.generateCertificate(stream);
}
}
if (certs != null) {
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org