cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject [2/3] git commit: [CXF-5818] Fix stackoverflow with TLS
Date Tue, 01 Jul 2014 19:50:08 GMT
[CXF-5818] Fix stackoverflow with TLS


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c12aac7c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c12aac7c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c12aac7c

Branch: refs/heads/2.6.x-fixes
Commit: c12aac7c590412708655a56570e17f373f95a132
Parents: 9aba4df
Author: Daniel Kulp <dkulp@apache.org>
Authored: Tue Jul 1 15:21:48 2014 -0400
Committer: Daniel Kulp <dkulp@apache.org>
Committed: Tue Jul 1 15:49:53 2014 -0400

----------------------------------------------------------------------
 .../apache/cxf/transport/https/HttpsURLConnectionFactory.java   | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/c12aac7c/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
index 5453144..a7a7a9f 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
@@ -173,6 +173,8 @@ public class HttpsURLConnectionFactory {
             // from the policy.
             socketFactory = new SSLSocketFactoryWrapper(ctx.getSocketFactory(), cipherSuites,
                                                         tlsClientParameters.getSecureSocketProtocol());
+            //recalc the hashcode since somet of the above MAY have changed the tlsClientParameters

+            lastTlsHash = tlsClientParameters.hashCode();
         } else {
            // ssl socket factory already initialized, reuse it to benefit of keep alive
         }
@@ -260,7 +262,8 @@ public class HttpsURLConnectionFactory {
                                                KeyManager[] keyManagers) throws GeneralSecurityException
{
         if (tlsClientParameters.getCertAlias() != null) {
             for (int idx = 0; idx < keyManagers.length; idx++) {
-                if (keyManagers[idx] instanceof X509KeyManager) {
+                if (keyManagers[idx] instanceof X509KeyManager
+                    && !(keyManagers[idx] instanceof AliasedX509ExtendedKeyManager))
{
                     try {
                         keyManagers[idx] = new AliasedX509ExtendedKeyManager(
                             tlsClientParameters.getCertAlias(), (X509KeyManager)keyManagers[idx]);


Mime
View raw message