You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2015/12/11 12:02:55 UTC
svn commit: r1719343 - in /tomcat/trunk/java/org/apache/tomcat/util/net:
AbstractJsseEndpoint.java Nio2Endpoint.java NioEndpoint.java
Author: remm
Date: Fri Dec 11 11:02:55 2015
New Revision: 1719343
URL: http://svn.apache.org/viewvc?rev=1719343&view=rev
Log:
Add code to properly destroy SSL contexts.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java?rev=1719343&r1=1719342&r2=1719343&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java Fri Dec 11 11:02:55 2015
@@ -37,7 +37,6 @@ public abstract class AbstractJsseEndpoi
private SSLImplementation sslImplementation = null;
-
public String getSslImplementationName() {
return sslImplementationName;
}
@@ -99,6 +98,21 @@ public abstract class AbstractJsseEndpoi
}
+ protected void destroySsl() throws Exception {
+ if (isSSLEnabled()) {
+ for (SSLHostConfig sslHostConfig : sslHostConfigs.values()) {
+ for (SSLHostConfigCertificate certificate : sslHostConfig.getCertificates(true)) {
+ if (certificate.getSslContextWrapper() != null) {
+ SSLContext sslContext = certificate.getSslContextWrapper().getSSLContext();
+ if (sslContext != null) {
+ sslContext.destroy();
+ }
+ }
+ }
+ }
+ }
+ }
+
protected SSLEngine createSSLEngine(String sniHostName, List<Cipher> clientRequestedCiphers) {
SSLHostConfig sslHostConfig = getSSLHostConfig(sniHostName);
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java?rev=1719343&r1=1719342&r2=1719343&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/Nio2Endpoint.java Fri Dec 11 11:02:55 2015
@@ -275,6 +275,7 @@ public class Nio2Endpoint extends Abstra
// Close server socket
serverSock.close();
serverSock = null;
+ destroySsl();
super.unbind();
// Unlike other connectors, the thread pool is tied to the server socket
shutdownExecutor();
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java?rev=1719343&r1=1719342&r2=1719343&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/NioEndpoint.java Fri Dec 11 11:02:55 2015
@@ -348,6 +348,7 @@ public class NioEndpoint extends Abstrac
serverSock.socket().close();
serverSock.close();
serverSock = null;
+ destroySsl();
super.unbind();
releaseCaches();
selectorPool.close();
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org