You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2019/08/29 16:29:53 UTC
[tomcat] branch 8.5.x updated: 63706: Avoid NPE accessing https
port with plaintext
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new df41189 63706: Avoid NPE accessing https port with plaintext
df41189 is described below
commit df41189ee6ad84e891e62fcf84530d2d635deda2
Author: remm <re...@apache.org>
AuthorDate: Thu Aug 29 18:26:09 2019 +0200
63706: Avoid NPE accessing https port with plaintext
---
java/org/apache/tomcat/util/net/Nio2Endpoint.java | 10 ++++++----
java/org/apache/tomcat/util/net/NioEndpoint.java | 10 ++++++----
webapps/docs/changelog.xml | 7 +++++++
3 files changed, 19 insertions(+), 8 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/Nio2Endpoint.java b/java/org/apache/tomcat/util/net/Nio2Endpoint.java
index dfd2f0c..83be183 100644
--- a/java/org/apache/tomcat/util/net/Nio2Endpoint.java
+++ b/java/org/apache/tomcat/util/net/Nio2Endpoint.java
@@ -1677,11 +1677,13 @@ public class Nio2Endpoint extends AbstractJsseEndpoint<Nio2Channel> {
public SSLSupport getSslSupport(String clientCertProvider) {
if (getSocket() instanceof SecureNio2Channel) {
SecureNio2Channel ch = (SecureNio2Channel) getSocket();
- SSLSession session = ch.getSslEngine().getSession();
- return ((Nio2Endpoint) getEndpoint()).getSslImplementation().getSSLSupport(session);
- } else {
- return null;
+ SSLEngine sslEngine = ch.getSslEngine();
+ if (sslEngine != null) {
+ SSLSession session = sslEngine.getSession();
+ return ((Nio2Endpoint) getEndpoint()).getSslImplementation().getSSLSupport(session);
+ }
}
+ return null;
}
diff --git a/java/org/apache/tomcat/util/net/NioEndpoint.java b/java/org/apache/tomcat/util/net/NioEndpoint.java
index 2eb4d09..45613aa 100644
--- a/java/org/apache/tomcat/util/net/NioEndpoint.java
+++ b/java/org/apache/tomcat/util/net/NioEndpoint.java
@@ -1412,11 +1412,13 @@ public class NioEndpoint extends AbstractJsseEndpoint<NioChannel> {
public SSLSupport getSslSupport(String clientCertProvider) {
if (getSocket() instanceof SecureNioChannel) {
SecureNioChannel ch = (SecureNioChannel) getSocket();
- SSLSession session = ch.getSslEngine().getSession();
- return ((NioEndpoint) getEndpoint()).getSslImplementation().getSSLSupport(session);
- } else {
- return null;
+ SSLEngine sslEngine = ch.getSslEngine();
+ if (sslEngine != null) {
+ SSLSession session = sslEngine.getSession();
+ return ((NioEndpoint) getEndpoint()).getSslImplementation().getSSLSupport(session);
+ }
}
+ return null;
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 13c63a6..2b1c5db 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -54,6 +54,13 @@
</fix>
</changelog>
</subsection>
+ <subsection name="Coyote">
+ <changelog>
+ <fix>
+ <bug>63706</bug>: Avoid NPE accessing https port with plaintext. (remm)
+ </fix>
+ </changelog>
+ </subsection>
<subsection name="Web applications">
<changelog>
<fix>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org