You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2016/08/12 07:46:56 UTC
svn commit: r1756098 - in /tomcat/trunk/java/org/apache/coyote:
ajp/AjpProcessor.java http11/Http11Processor.java http2/StreamProcessor.java
Author: markt
Date: Fri Aug 12 07:46:56 2016
New Revision: 1756098
URL: http://svn.apache.org/viewvc?rev=1756098&view=rev
Log:
Align ActionCode.REQ_SSL_CERTIFICATE
Modified:
tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java
tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java
tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java
Modified: tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java?rev=1756098&r1=1756097&r2=1756098&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java Fri Aug 12 07:46:56 2016
@@ -463,8 +463,7 @@ public class AjpProcessor extends Abstra
break;
}
case REQ_SSL_CERTIFICATE: {
- // NO-OP. Can't force a new SSL handshake with the client when using
- // AJP as the reverse proxy controls that connection.
+ sslReHandShake();
break;
}
@@ -1502,6 +1501,12 @@ public class AjpProcessor extends Abstra
}
+ private void sslReHandShake() {
+ // NO-OP. Can't force a new SSL handshake with the client when using
+ // AJP as the reverse proxy controls that connection.
+ }
+
+
/**
* Read at least the specified amount of bytes, and place them
* in the input buffer. Note that if any data is available to read then this
Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java?rev=1756098&r1=1756097&r2=1756098&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java Fri Aug 12 07:46:56 2016
@@ -756,24 +756,7 @@ public class Http11Processor extends Abs
break;
}
case REQ_SSL_CERTIFICATE: {
- if (sslSupport != null) {
- // Consume and buffer the request body, so that it does not
- // interfere with the client's handshake messages
- InputFilter[] inputFilters = inputBuffer.getFilters();
- ((BufferedInputFilter) inputFilters[Constants.BUFFERED_FILTER]).setLimit(
- maxSavePostSize);
- inputBuffer.addActiveFilter(inputFilters[Constants.BUFFERED_FILTER]);
-
- try {
- socketWrapper.doClientAuth(sslSupport);
- Object sslO = sslSupport.getPeerCertificateChain();
- if (sslO != null) {
- request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
- }
- } catch (IOException ioe) {
- log.warn(sm.getString("http11processor.socket.ssl"), ioe);
- }
- }
+ sslReHandShake();
break;
}
@@ -1825,6 +1808,28 @@ public class Http11Processor extends Abs
}
+ private void sslReHandShake() {
+ if (sslSupport != null) {
+ // Consume and buffer the request body, so that it does not
+ // interfere with the client's handshake messages
+ InputFilter[] inputFilters = inputBuffer.getFilters();
+ ((BufferedInputFilter) inputFilters[Constants.BUFFERED_FILTER]).setLimit(
+ maxSavePostSize);
+ inputBuffer.addActiveFilter(inputFilters[Constants.BUFFERED_FILTER]);
+
+ try {
+ socketWrapper.doClientAuth(sslSupport);
+ Object sslO = sslSupport.getPeerCertificateChain();
+ if (sslO != null) {
+ request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
+ }
+ } catch (IOException ioe) {
+ log.warn(sm.getString("http11processor.socket.ssl"), ioe);
+ }
+ }
+ }
+
+
/**
* Checks to see if the keep-alive loop should be broken, performing any
* processing (e.g. sendfile handling) that may have an impact on whether
Modified: tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java?rev=1756098&r1=1756097&r2=1756098&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java Fri Aug 12 07:46:56 2016
@@ -210,7 +210,7 @@ public class StreamProcessor extends Abs
break;
}
case REQ_SSL_CERTIFICATE: {
- // No re-negotiation support in HTTP/2.
+ sslReHandShake();
break;
}
@@ -436,6 +436,11 @@ public class StreamProcessor extends Abs
}
+ private void sslReHandShake() {
+ // No re-negotiation support in HTTP/2.
+ }
+
+
@Override
public void recycle() {
// StreamProcessor instances are not re-used.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org