You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2016/08/12 07:46:56 UTC

svn commit: r1756098 - in /tomcat/trunk/java/org/apache/coyote: ajp/AjpProcessor.java http11/Http11Processor.java http2/StreamProcessor.java

Author: markt
Date: Fri Aug 12 07:46:56 2016
New Revision: 1756098

URL: http://svn.apache.org/viewvc?rev=1756098&view=rev
Log:
Align ActionCode.REQ_SSL_CERTIFICATE

Modified:
    tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java
    tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java
    tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java

Modified: tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java?rev=1756098&r1=1756097&r2=1756098&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java Fri Aug 12 07:46:56 2016
@@ -463,8 +463,7 @@ public class AjpProcessor extends Abstra
             break;
         }
         case REQ_SSL_CERTIFICATE: {
-            // NO-OP. Can't force a new SSL handshake with the client when using
-            // AJP as the reverse proxy controls that connection.
+            sslReHandShake();
             break;
         }
 
@@ -1502,6 +1501,12 @@ public class AjpProcessor extends Abstra
     }
     
     
+    private void sslReHandShake() {
+        // NO-OP. Can't force a new SSL handshake with the client when using
+        // AJP as the reverse proxy controls that connection.
+    }
+
+    
     /**
      * Read at least the specified amount of bytes, and place them
      * in the input buffer. Note that if any data is available to read then this

Modified: tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java?rev=1756098&r1=1756097&r2=1756098&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java Fri Aug 12 07:46:56 2016
@@ -756,24 +756,7 @@ public class Http11Processor extends Abs
             break;
         }
         case REQ_SSL_CERTIFICATE: {
-            if (sslSupport != null) {
-                // Consume and buffer the request body, so that it does not
-                // interfere with the client's handshake messages
-                InputFilter[] inputFilters = inputBuffer.getFilters();
-                ((BufferedInputFilter) inputFilters[Constants.BUFFERED_FILTER]).setLimit(
-                        maxSavePostSize);
-                inputBuffer.addActiveFilter(inputFilters[Constants.BUFFERED_FILTER]);
-
-                try {
-                    socketWrapper.doClientAuth(sslSupport);
-                    Object sslO = sslSupport.getPeerCertificateChain();
-                    if (sslO != null) {
-                        request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
-                    }
-                } catch (IOException ioe) {
-                    log.warn(sm.getString("http11processor.socket.ssl"), ioe);
-                }
-            }
+            sslReHandShake();
             break;
         }
 
@@ -1825,6 +1808,28 @@ public class Http11Processor extends Abs
     }
 
 
+    private void sslReHandShake() {
+        if (sslSupport != null) {
+            // Consume and buffer the request body, so that it does not
+            // interfere with the client's handshake messages
+            InputFilter[] inputFilters = inputBuffer.getFilters();
+            ((BufferedInputFilter) inputFilters[Constants.BUFFERED_FILTER]).setLimit(
+                    maxSavePostSize);
+            inputBuffer.addActiveFilter(inputFilters[Constants.BUFFERED_FILTER]);
+
+            try {
+                socketWrapper.doClientAuth(sslSupport);
+                Object sslO = sslSupport.getPeerCertificateChain();
+                if (sslO != null) {
+                    request.setAttribute(SSLSupport.CERTIFICATE_KEY, sslO);
+                }
+            } catch (IOException ioe) {
+                log.warn(sm.getString("http11processor.socket.ssl"), ioe);
+            }
+        }
+    }
+    
+    
     /**
      * Checks to see if the keep-alive loop should be broken, performing any
      * processing (e.g. sendfile handling) that may have an impact on whether

Modified: tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java?rev=1756098&r1=1756097&r2=1756098&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java (original)
+++ tomcat/trunk/java/org/apache/coyote/http2/StreamProcessor.java Fri Aug 12 07:46:56 2016
@@ -210,7 +210,7 @@ public class StreamProcessor extends Abs
             break;
         }
         case REQ_SSL_CERTIFICATE: {
-            // No re-negotiation support in HTTP/2.
+            sslReHandShake();
             break;
         }
 
@@ -436,6 +436,11 @@ public class StreamProcessor extends Abs
     }
 
 
+    private void sslReHandShake() {
+        // No re-negotiation support in HTTP/2.
+    }
+
+    
     @Override
     public void recycle() {
         // StreamProcessor instances are not re-used.



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org