You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by fs...@apache.org on 2015/01/24 14:59:30 UTC
svn commit: r1654517 -
/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
Author: fschumacher
Date: Sat Jan 24 13:59:29 2015
New Revision: 1654517
URL: http://svn.apache.org/r1654517
Log:
Close the socket that was used to determine the ssl
capabilities. Issue reported by Coverity Scan.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=1654517&r1=1654516&r2=1654517&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Sat Jan 24 13:59:29 2015
@@ -148,24 +148,36 @@ public class JSSESocketFactory implement
return;
}
- defaultServerCipherSuites = socket.getEnabledCipherSuites();
- if (defaultServerCipherSuites.length == 0) {
- log.warn(sm.getString("jsse.noDefaultCiphers", endpoint.getName()));
- }
+ try {
+ defaultServerCipherSuites = socket.getEnabledCipherSuites();
+ if (defaultServerCipherSuites.length == 0) {
+ log.warn(sm.getString("jsse.noDefaultCiphers",
+ endpoint.getName()));
+ }
- // Filter out all the SSL protocols (SSLv2 and SSLv3) from the defaults
- // since they are no longer considered secure
- List<String> filteredProtocols = new ArrayList<>();
- for (String protocol : socket.getEnabledProtocols()) {
- if (protocol.toUpperCase(Locale.ENGLISH).contains("SSL")) {
- log.debug(sm.getString("jsse.excludeDefaultProtocol", protocol));
- continue;
+ // Filter out all the SSL protocols (SSLv2 and SSLv3) from the
+ // defaults
+ // since they are no longer considered secure
+ List<String> filteredProtocols = new ArrayList<>();
+ for (String protocol : socket.getEnabledProtocols()) {
+ if (protocol.toUpperCase(Locale.ENGLISH).contains("SSL")) {
+ log.debug(sm.getString("jsse.excludeDefaultProtocol",
+ protocol));
+ continue;
+ }
+ filteredProtocols.add(protocol);
+ }
+ defaultServerProtocols = filteredProtocols
+ .toArray(new String[filteredProtocols.size()]);
+ if (defaultServerProtocols.length == 0) {
+ log.warn(sm.getString("jsse.noDefaultProtocols",
+ endpoint.getName()));
+ }
+ } finally {
+ try {
+ socket.close();
+ } catch (IOException ignore) {
}
- filteredProtocols.add(protocol);
- }
- defaultServerProtocols = filteredProtocols.toArray(new String[filteredProtocols.size()]);
- if (defaultServerProtocols.length == 0) {
- log.warn(sm.getString("jsse.noDefaultProtocols", endpoint.getName()));
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org