Return-Path: Delivered-To: apmail-tomcat-dev-archive@www.apache.org Received: (qmail 43624 invoked from network); 21 Aug 2008 08:15:36 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 21 Aug 2008 08:15:36 -0000 Received: (qmail 83677 invoked by uid 500); 21 Aug 2008 08:15:31 -0000 Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org Received: (qmail 83604 invoked by uid 500); 21 Aug 2008 08:15:31 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 83593 invoked by uid 99); 21 Aug 2008 08:15:30 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 21 Aug 2008 01:15:30 -0700 X-ASF-Spam-Status: No, hits=1.2 required=10.0 tests=SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [193.252.22.157] (HELO smtp2.freeserve.com) (193.252.22.157) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 21 Aug 2008 08:14:33 +0000 Received: from me-wanadoo.net (localhost [127.0.0.1]) by mwinf3114.me.freeserve.com (SMTP Server) with ESMTP id 0419A7000084 for ; Thu, 21 Aug 2008 10:14:58 +0200 (CEST) Received: from smtp.homeinbox.net (unknown [91.109.174.150]) by mwinf3114.me.freeserve.com (SMTP Server) with ESMTP id 19A277000082 for ; Thu, 21 Aug 2008 10:14:58 +0200 (CEST) X-ME-UUID: 20080821081458105.19A277000082@mwinf3114.me.freeserve.com Received: from localhost (localhost [127.0.0.1]) by smtp.homeinbox.net (Postfix) with ESMTP id 6398F112236 for ; Thu, 21 Aug 2008 09:05:35 +0100 (BST) X-Virus-Scanned: Debian amavisd-new at homeinbox.net Received: from smtp.homeinbox.net ([127.0.0.1]) by localhost (server02.dev.local [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T1cY9guQk6dP for ; Thu, 21 Aug 2008 09:05:31 +0100 (BST) Received: from [192.168.0.4] (study01.dev.local [192.168.0.4]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.homeinbox.net (Postfix) with ESMTPSA id 035C711220B for ; Thu, 21 Aug 2008 09:05:31 +0100 (BST) Message-ID: <48AD23F8.2080309@apache.org> Date: Thu, 21 Aug 2008 09:14:48 +0100 From: Mark Thomas User-Agent: Thunderbird 2.0.0.16 (Windows/20080708) MIME-Version: 1.0 To: Tomcat Developers List Subject: Re: svn commit: r687503 - in /tomcat/trunk/java/org/apache/tomcat/util/net/jsse: JSSESocketFactory.java res/LocalStrings.properties References: <20080820232042.AB85223889BA@eris.apache.org> <427155180808201822s3385654kc30b63e631cd723e@mail.gmail.com> In-Reply-To: <427155180808201822s3385654kc30b63e631cd723e@mail.gmail.com> X-Enigmail-Version: 0.95.7 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Konstantin Kolinko wrote: > Hi, > > Several comments: > 1. There are two glitches, that got carried over from the previous > version of the patch: > > a) >> - private void initServerSocket(ServerSocket ssocket) { >> + private void initServerSocket(ServerSocket ssocket) throws IOException { > > There is no need to declare throwing an IOException here. Thanks for the catch. I missed that whilst I was moving stuff around. > b) >> + * Checks that the cetificate is compatible with the enabled cipher suites. > > s/cetificate/certificate/ Fixed. > 2. I do not understand how serverSocket.accept() can succeed for an > unbound socket. It bugs me. > > from ServerSocket#accept() of jdk 1.5.0_12: > > if (!isBound()) > throw new SocketException("Socket is not bound yet"); > > It seems that the specific implementation, SSLServerSocketImpl, > bypasses the check (overwrites the accept() method not calling > super and not reimplementing the check), but it looks more like > a bug in this specific JDK implementation than a design decision. It bypasses the isClosed() test too. If these tests were added, the result would be an IOException. As long as the cipher check happens first it will be fine. Thinking about it logically, the cipher check has to be first as the socket can't start accepting connections if the SSL config is invalid. Therefore, I am happy relying on the cipher check happening before any other check. I beginning to think that the code should catch SSLException forthe case where the config is bad and Exception for eveything else. That has the advantage that *if* for some reason checks were done before the cipher check we would revert to the previous behaviour. > Also, in this operation the server port is checked through the > security manager for an "accept" permission. Some configurations > might need adjusting. And there is another reason to catch Exception. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org For additional commands, e-mail: dev-help@tomcat.apache.org