You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2021/01/28 11:08:13 UTC
[tomcat] 03/05: Ensure the name of the default SSLHostConfig is
always lower case
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit e041171e1afc141aa93cf5c49e2b7a1890c63e50
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Jan 28 09:58:43 2021 +0000
Ensure the name of the default SSLHostConfig is always lower case
This is the third part of the fix to make mapping of SNI values to SSL
virtual hosts case insensitive.
---
java/org/apache/tomcat/util/net/AbstractEndpoint.java | 7 ++++++-
java/org/apache/tomcat/util/net/SSLHostConfig.java | 3 +++
webapps/docs/config/http.xml | 3 ++-
3 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/AbstractEndpoint.java b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
index 83b9715..868c8b6 100644
--- a/java/org/apache/tomcat/util/net/AbstractEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
@@ -27,6 +27,7 @@ import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
+import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
@@ -212,11 +213,15 @@ public abstract class AbstractEndpoint<S,U> {
// ----------------------------------------------------------------- Properties
private String defaultSSLHostConfigName = SSLHostConfig.DEFAULT_SSL_HOST_NAME;
+ /**
+ * @return The host name for the default SSL configuration for this endpoint
+ * - always in lower case.
+ */
public String getDefaultSSLHostConfigName() {
return defaultSSLHostConfigName;
}
public void setDefaultSSLHostConfigName(String defaultSSLHostConfigName) {
- this.defaultSSLHostConfigName = defaultSSLHostConfigName;
+ this.defaultSSLHostConfigName = defaultSSLHostConfigName.toLowerCase(Locale.ENGLISH);
}
diff --git a/java/org/apache/tomcat/util/net/SSLHostConfig.java b/java/org/apache/tomcat/util/net/SSLHostConfig.java
index 8ab6b63..2c1c0c3 100644
--- a/java/org/apache/tomcat/util/net/SSLHostConfig.java
+++ b/java/org/apache/tomcat/util/net/SSLHostConfig.java
@@ -49,6 +49,9 @@ public class SSLHostConfig implements Serializable {
private static final Log log = LogFactory.getLog(SSLHostConfig.class);
private static final StringManager sm = StringManager.getManager(SSLHostConfig.class);
+ // Must be lower case. SSL host names are always stored using lower case as
+ // they are case insensitive but are used by case sensitive code such as
+ // keys in Maps.
protected static final String DEFAULT_SSL_HOST_NAME = "_default_";
protected static final Set<String> SSL_PROTO_ALL_SET = new HashSet<>();
diff --git a/webapps/docs/config/http.xml b/webapps/docs/config/http.xml
index 8d77679..4f2d17b 100644
--- a/webapps/docs/config/http.xml
+++ b/webapps/docs/config/http.xml
@@ -115,7 +115,8 @@
connections) if the client connection does not provide SNI or if the SNI
is provided but does not match any configured
<strong>SSLHostConfig</strong>. If not specified the default value of
- <code>_default_</code> will be used.</p>
+ <code>_default_</code> will be used. Provided values are always converted
+ to lower case.</p>
</attribute>
<attribute name="discardFacades" required="false">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org