You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2019/03/27 15:39:12 UTC
[tomcat] branch 8.5.x updated: Fix ALPN negotiation with JSSE
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new bcca085 Fix ALPN negotiation with JSSE
bcca085 is described below
commit bcca085c20f8a00c5ade95ca7c45c90a4d274f8c
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Mar 27 15:35:33 2019 +0000
Fix ALPN negotiation with JSSE
When using a JSSE TLS connector that supported ALPN (Java 9 onwards) and
a protocol was not negotiated, Tomcat failed to fallback to HTTP/1.1 and
instead dropped the connection.
---
java/org/apache/coyote/AbstractProtocol.java | 4 +++-
webapps/docs/changelog.xml | 5 +++++
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/coyote/AbstractProtocol.java b/java/org/apache/coyote/AbstractProtocol.java
index fc899df..837f805 100644
--- a/java/org/apache/coyote/AbstractProtocol.java
+++ b/java/org/apache/coyote/AbstractProtocol.java
@@ -749,7 +749,9 @@ public abstract class AbstractProtocol<S> implements ProtocolHandler,
try {
if (processor == null) {
String negotiatedProtocol = wrapper.getNegotiatedProtocol();
- if (negotiatedProtocol != null) {
+ // OpenSSL typically returns null whereas JSSE typically
+ // returns "" when no protocol is negotiated
+ if (negotiatedProtocol != null && negotiatedProtocol.length() > 0) {
UpgradeProtocol upgradeProtocol =
getProtocol().getNegotiatedProtocol(negotiatedProtocol);
if (upgradeProtocol != null) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index fc04dd7..b482e9c 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -93,6 +93,11 @@
<fix>
Harmonize NIO2 isReadyForWrite with isReadyForRead code. (remm)
</fix>
+ <fix>
+ When using a JSSE TLS connector that supported ALPN (Java 9 onwards) and
+ a protocol was not negotiated, Tomcat failed to fallback to HTTP/1.1 and
+ instead dropped the connection. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org