You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2014/07/01 21:25:06 UTC

[2/2] git commit: [CXF-5818] Fix stackoverflow with TLS

[CXF-5818] Fix stackoverflow with TLS


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7fab676d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7fab676d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7fab676d

Branch: refs/heads/master
Commit: 7fab676dc109d702da52a7dfeaf0ef1802a60e98
Parents: 0fdde9e
Author: Daniel Kulp <dk...@apache.org>
Authored: Tue Jul 1 15:21:48 2014 -0400
Committer: Daniel Kulp <dk...@apache.org>
Committed: Tue Jul 1 15:21:48 2014 -0400

----------------------------------------------------------------------
 .../apache/cxf/transport/https/HttpsURLConnectionFactory.java   | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/7fab676d/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
index 73b692d..56637ee 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
@@ -174,6 +174,8 @@ public class HttpsURLConnectionFactory {
             // from the policy.
             socketFactory = new SSLSocketFactoryWrapper(ctx.getSocketFactory(), cipherSuites,
                                                         tlsClientParameters.getSecureSocketProtocol());
+            //recalc the hashcode since somet of the above MAY have changed the tlsClientParameters 
+            lastTlsHash = tlsClientParameters.hashCode();
         } else {
            // ssl socket factory already initialized, reuse it to benefit of keep alive
         }
@@ -255,7 +257,8 @@ public class HttpsURLConnectionFactory {
                                                KeyManager[] keyManagers) throws GeneralSecurityException {
         if (tlsClientParameters.getCertAlias() != null) {
             for (int idx = 0; idx < keyManagers.length; idx++) {
-                if (keyManagers[idx] instanceof X509KeyManager) {
+                if (keyManagers[idx] instanceof X509KeyManager
+                    && !(keyManagers[idx] instanceof AliasedX509ExtendedKeyManager)) {
                     try {
                         keyManagers[idx] = new AliasedX509ExtendedKeyManager(
                             tlsClientParameters.getCertAlias(), (X509KeyManager)keyManagers[idx]);