tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: [PATCH] Prevent NPE if CLIENT-CERT auth fails
Date Sat, 30 Aug 2003 03:10:47 GMT
Patch committed. Thanks much!

"Mark Thomas" <medthomas@ntlworld.com> wrote in message
news:01C36E8A.1934F8B0.medthomas@ntlworld.com...
> Sorry. Only just noticed the attachment was removed somewhere along the
way.
> Contents of patch below.
>
> Index: http11/src/java/org/apache/coyote/http11/Http11Processor.java
> ===================================================================
> RCS file:
>
/home/cvspublic/jakarta-tomcat-connectors/http11/src/java/org/apache/coyote/
> http11/Http11Processor.java,v
> retrieving revision 1.75
> diff -u -r1.75 Http11Processor.java
> --- http11/src/java/org/apache/coyote/http11/Http11Processor.java 19 Aug
2003
> 16:15:21 -0000 1.75
> +++ http11/src/java/org/apache/coyote/http11/Http11Processor.java 20 Aug
2003
> 19:44:56 -0000
> @@ -845,17 +845,17 @@
>              }
>
>          } else if (actionCode == ActionCode.ACTION_REQ_SSL_CERTIFICATE) {
> -
> -            try {
> -                Object sslO = sslSupport.getPeerCertificateChain(true);
> -                if( sslO != null) {
> -                    request.setAttribute
> -                        (SSLSupport.CERTIFICATE_KEY, sslO);
> +            if (sslSupport != null) {
> +                try {
> +                    Object sslO =
sslSupport.getPeerCertificateChain(true);
> +                    if( sslO != null) {
> +                        request.setAttribute
> +                            (SSLSupport.CERTIFICATE_KEY, sslO);
> +                    }
> +                } catch (Exception e) {
> +                    log.warn("Exception getting SSL Cert",e);
>                  }
> -            } catch (Exception e) {
> -                log.warn("Exception getting SSL Cert",e);
>              }
> -
>          }
>
>      }
>
> On Wednesday, August 20, 2003 9:05 PM, Mark Thomas
> [SMTP:medthomas@ntlworld.com] wrote:
> > A small patch.
> >
> > If auth fails, SSL session is terminated. Subsequent call to
> > sslSupport.getPeerCertifcate() generates a NPE as sslSupport is null in
this
> > case.
> >
> >
> >  << File: ATT00000.txt >>




Mime
View raw message