You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2016/08/12 07:46:42 UTC
svn commit: r1756095 - in /tomcat/trunk/java/org/apache/coyote:
ActionCode.java http2/StreamProcessor.java
Author: markt
Date: Fri Aug 12 07:46:42 2016
New Revision: 1756095
URL: http://svn.apache.org/viewvc?rev=1756095&view=rev
Log:
Better description of purpose of REQ_SSL_CERTIFICATE
Remove code that is now clearly not necessary
Modified:
tomcat/trunk/java/org/apache/coyote/ActionCode.java
tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java
Modified: tomcat/trunk/java/org/apache/coyote/ActionCode.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ActionCode.java?rev=1756095&r1=1756094&r2=1756095&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/ActionCode.java (original)
+++ tomcat/trunk/java/org/apache/coyote/ActionCode.java Fri Aug 12 07:46:42 2016
@@ -71,13 +71,14 @@ public enum ActionCode {
REQ_HOST_ADDR_ATTRIBUTE,
/**
- * Callback for lazy evaluation - extract the SSL-related attributes.
+ * Callback for lazy evaluation - extract the SSL-related attributes
+ * including the client certificate if present.
*/
REQ_SSL_ATTRIBUTE,
/**
- * Callback for lazy evaluation - extract the SSL-certificate (including
- * forcing a re-handshake if necessary)
+ * Force a TLS re-handshake and make the resulting client certificate (if
+ * any) available as a request attribute.
*/
REQ_SSL_CERTIFICATE,
Modified: tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java?rev=1756095&r1=1756094&r2=1756095&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java Fri Aug 12 07:46:42 2016
@@ -236,19 +236,7 @@ public class StreamProcessor extends Abs
break;
}
case REQ_SSL_CERTIFICATE: {
- // No re-negotiation support in HTTP/2. Either the certificate is
- // available or it isn't.
- try {
- if (sslSupport != null) {
- Object sslO = sslSupport.getCipherSuite();
- sslO = sslSupport.getPeerCertificateChain();
- if (sslO != null) {
- request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
- }
- }
- } catch (Exception e) {
- log.warn(sm.getString("streamProcessor.ssl.error"), e);
- }
+ // No re-negotiation support in HTTP/2.
break;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org