You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2014/07/01 21:25:06 UTC
[2/2] git commit: [CXF-5818] Fix stackoverflow with TLS
[CXF-5818] Fix stackoverflow with TLS
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7fab676d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7fab676d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7fab676d
Branch: refs/heads/master
Commit: 7fab676dc109d702da52a7dfeaf0ef1802a60e98
Parents: 0fdde9e
Author: Daniel Kulp <dk...@apache.org>
Authored: Tue Jul 1 15:21:48 2014 -0400
Committer: Daniel Kulp <dk...@apache.org>
Committed: Tue Jul 1 15:21:48 2014 -0400
----------------------------------------------------------------------
.../apache/cxf/transport/https/HttpsURLConnectionFactory.java | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/7fab676d/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
index 73b692d..56637ee 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
@@ -174,6 +174,8 @@ public class HttpsURLConnectionFactory {
// from the policy.
socketFactory = new SSLSocketFactoryWrapper(ctx.getSocketFactory(), cipherSuites,
tlsClientParameters.getSecureSocketProtocol());
+ //recalc the hashcode since somet of the above MAY have changed the tlsClientParameters
+ lastTlsHash = tlsClientParameters.hashCode();
} else {
// ssl socket factory already initialized, reuse it to benefit of keep alive
}
@@ -255,7 +257,8 @@ public class HttpsURLConnectionFactory {
KeyManager[] keyManagers) throws GeneralSecurityException {
if (tlsClientParameters.getCertAlias() != null) {
for (int idx = 0; idx < keyManagers.length; idx++) {
- if (keyManagers[idx] instanceof X509KeyManager) {
+ if (keyManagers[idx] instanceof X509KeyManager
+ && !(keyManagers[idx] instanceof AliasedX509ExtendedKeyManager)) {
try {
keyManagers[idx] = new AliasedX509ExtendedKeyManager(
tlsClientParameters.getCertAlias(), (X509KeyManager)keyManagers[idx]);