You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2015/11/02 14:48:08 UTC

svn commit: r1711991 - /tomcat/native/trunk/native/src/sslcontext.c

Author: markt
Date: Mon Nov  2 13:48:08 2015
New Revision: 1711991

URL: http://svn.apache.org/viewvc?rev=1711991&view=rev
Log:
Implement review comments from kkolinko on the original fix for BZ 58566
Quit as early as possible if no SNI callback method is available in the Java code
Ensure that Java long values always point to tcn_ssl_ctxt_t structures

Modified:
    tomcat/native/trunk/native/src/sslcontext.c

Modified: tomcat/native/trunk/native/src/sslcontext.c
URL: http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslcontext.c?rev=1711991&r1=1711990&r2=1711991&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslcontext.c (original)
+++ tomcat/native/trunk/native/src/sslcontext.c Mon Nov  2 13:48:08 2015
@@ -97,19 +97,21 @@ int ssl_callback_ServerNameIndication(SS
     const char *servername;
     jstring hostname;
     jlong original_ssl_context, new_ssl_context;
+    tcn_ssl_ctxt_t *new_c;
+    
+    // Continue only if the static method exists
+    if (sni_java_callback == NULL) {
+        return SSL_TLSEXT_ERR_OK;
+    }
+    
     (*javavm)->AttachCurrentThread(javavm, (void **)&env, NULL);
 
     // Get the host name presented by the client
     servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
 
-    // Convert parameters ready for the method call
+    // Convert to Java compatible parameters ready for the method call
     hostname = (*env)->NewStringUTF(env, servername);
-    original_ssl_context = P2J(c->ctx);
-
-    // Make the call only if the static method exists
-    if (sni_java_callback == NULL) {
-        return SSL_TLSEXT_ERR_OK;
-    }
+    original_ssl_context = P2J(c);
     
     new_ssl_context = (*env)->CallStaticLongMethod(env,
                                                    ssl_context_class,
@@ -117,9 +119,10 @@ int ssl_callback_ServerNameIndication(SS
                                                    original_ssl_context,
                                                    hostname);
 
-    if (new_ssl_context != 0 && original_ssl_context != new_ssl_context) {
-        SSL_set_SSL_CTX(ssl, J2P(new_ssl_context, SSL_CTX *));
-    }
+    if (new_ssl_context != 0 && new_ssl_context != original_ssl_context) {
+        new_c = J2P(new_ssl_context, tcn_ssl_ctxt_t *);
+        SSL_set_SSL_CTX(ssl, new_c->ctx);
+	}
 
     return SSL_TLSEXT_ERR_OK;
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org