You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2019/11/04 14:45:41 UTC

[tomcat] 01/03: Refactor to align better with 9.0.x

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 31f324ae82bd25158b884c3c2a8e9e1de95dbdd4
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Nov 4 14:43:15 2019 +0000

    Refactor to align better with 9.0.x
---
 java/org/apache/tomcat/util/compat/Jre8Compat.java        | 5 +----
 java/org/apache/tomcat/util/compat/JreCompat.java         | 2 +-
 java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java | 9 ++++-----
 3 files changed, 6 insertions(+), 10 deletions(-)

diff --git a/java/org/apache/tomcat/util/compat/Jre8Compat.java b/java/org/apache/tomcat/util/compat/Jre8Compat.java
index e76ac35..dfc2c87 100644
--- a/java/org/apache/tomcat/util/compat/Jre8Compat.java
+++ b/java/org/apache/tomcat/util/compat/Jre8Compat.java
@@ -24,7 +24,6 @@ import java.security.KeyStore.LoadStoreParameter;
 import java.util.Collections;
 import java.util.Map;
 
-import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLParameters;
 
 import org.apache.juli.logging.Log;
@@ -81,13 +80,11 @@ class Jre8Compat extends JreCompat {
 
 
     @Override
-    public void setUseServerCipherSuitesOrder(SSLEngine engine,
+    public void setUseServerCipherSuitesOrder(SSLParameters sslParameters,
             boolean useCipherSuitesOrder) {
-        SSLParameters sslParameters = engine.getSSLParameters();
         try {
             setUseCipherSuitesOrderMethod.invoke(sslParameters,
                     Boolean.valueOf(useCipherSuitesOrder));
-            engine.setSSLParameters(sslParameters);
         } catch (IllegalArgumentException e) {
             throw new UnsupportedOperationException(e);
         } catch (IllegalAccessException e) {
diff --git a/java/org/apache/tomcat/util/compat/JreCompat.java b/java/org/apache/tomcat/util/compat/JreCompat.java
index 4deb72c..814dfae 100644
--- a/java/org/apache/tomcat/util/compat/JreCompat.java
+++ b/java/org/apache/tomcat/util/compat/JreCompat.java
@@ -81,7 +81,7 @@ public class JreCompat {
 
 
     @SuppressWarnings("unused")
-    public void setUseServerCipherSuitesOrder(SSLEngine engine, boolean useCipherSuitesOrder) {
+    public void setUseServerCipherSuitesOrder(SSLParameters engine, boolean useCipherSuitesOrder) {
         throw new UnsupportedOperationException(sm.getString("jreCompat.noServerCipherSuiteOrder"));
     }
 
diff --git a/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java b/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
index 5f95cfa..984b493 100644
--- a/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
@@ -135,16 +135,16 @@ public abstract class AbstractJsseEndpoint<S> extends AbstractEndpoint<S> {
         engine.setEnabledCipherSuites(sslHostConfig.getEnabledCiphers());
         engine.setEnabledProtocols(sslHostConfig.getEnabledProtocols());
 
+        SSLParameters sslParameters = engine.getSSLParameters();
         String honorCipherOrderStr = sslHostConfig.getHonorCipherOrder();
         if (honorCipherOrderStr != null) {
             boolean honorCipherOrder = Boolean.parseBoolean(honorCipherOrderStr);
-            JreCompat.getInstance().setUseServerCipherSuitesOrder(engine, honorCipherOrder);
+            JreCompat.getInstance().setUseServerCipherSuitesOrder(sslParameters, honorCipherOrder);
         }
 
         if (JreCompat.isJre9Available() && clientRequestedApplicationProtocols != null
                 && clientRequestedApplicationProtocols.size() > 0
                 && negotiableProtocols.size() > 0) {
-            SSLParameters sslParameters = engine.getSSLParameters();
             // Only try to negotiate if both client and server have at least
             // one protocol in common
             // Note: Tomcat does not explicitly negotiate http/1.1
@@ -156,10 +156,9 @@ public abstract class AbstractJsseEndpoint<S> extends AbstractEndpoint<S> {
                 String[] commonProtocolsArray = commonProtocols.toArray(new String[commonProtocols.size()]);
                 JreCompat.getInstance().setApplicationProtocols(sslParameters, commonProtocolsArray);
             }
-
-            // In case the getter returns a defensive copy
-            engine.setSSLParameters(sslParameters);
         }
+        // In case the getter returns a defensive copy
+        engine.setSSLParameters(sslParameters);
 
         return engine;
     }


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org