You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2015/11/02 13:30:53 UTC

svn commit: r1711945 - /tomcat/native/trunk/native/src/sslcontext.c

Author: markt
Date: Mon Nov  2 12:30:53 2015
New Revision: 1711945

URL: http://svn.apache.org/viewvc?rev=1711945&view=rev
Log:
Improve logic when SNI callback is not available or the SNI host name is unknown.
Based on kkolinko's review of fix for BZ 58566.

Modified:
    tomcat/native/trunk/native/src/sslcontext.c

Modified: tomcat/native/trunk/native/src/sslcontext.c
URL: http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslcontext.c?rev=1711945&r1=1711944&r2=1711945&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslcontext.c (original)
+++ tomcat/native/trunk/native/src/sslcontext.c Mon Nov  2 12:30:53 2015
@@ -107,15 +107,17 @@ int ssl_callback_ServerNameIndication(SS
     original_ssl_context = P2J(c->ctx);
 
     // Make the call only if the static method exists
-    if (sni_java_callback != 0) {
-        new_ssl_context = (*env)->CallStaticLongMethod(env,
-                                                       ssl_context_class,
-                                                       sni_java_callback,
-                                                       original_ssl_context,
-                                                       hostname);
+    if (sni_java_callback == NULL) {
+        return SSL_TLSEXT_ERR_OK;
     }
+    
+    new_ssl_context = (*env)->CallStaticLongMethod(env,
+                                                   ssl_context_class,
+                                                   sni_java_callback,
+                                                   original_ssl_context,
+                                                   hostname);
 
-    if (original_ssl_context != new_ssl_context) {
+    if (new_ssl_context != 0 && original_ssl_context != new_ssl_context) {
         SSL_set_SSL_CTX(ssl, J2P(new_ssl_context, SSL_CTX *));
     }
 
@@ -286,7 +288,7 @@ TCN_IMPLEMENT_CALL(jlong, SSLContext, ma
         sni_java_callback = (*e)->GetStaticMethodID(e, ssl_context_class,
                                                     "sniCallBack", "(JLjava/lang/String;)J");
         /* Older Tomcat versions may not have this static method */
-        if ( JNI_TRUE == (*e)->ExceptionCheck(e) ) {
+        if ( (*e)->ExceptionCheck(e) ) {
             (*e)->ExceptionClear(e);
         }
     }



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org