tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Filip Hanik - Dev Lists <devli...@hanik.com>
Subject Re: svn commit: r1074675 - in /tomcat/trunk: java/org/apache/coyote/http11/ java/org/apache/tomcat/util/net/ webapps/docs/
Date Mon, 28 Feb 2011 18:06:19 GMT
On 2/27/2011 4:30 AM, Mark Thomas wrote:
>> On 25/02/2011 20:16, Filip Hanik - Dev Lists wrote:
>>> The simplest solution is, would be to use an individual selector.
>>> Register the socket and issue a select() on the thread you are running on.
>>> If you want to use a shared selector (like NIO does for reads and
>>> writes) it requires a bit more logic.
> I have implemented the simple solution and based on a quick test with
> the Eclipse debugger the handshake now blocks while waiting for client data.
>
> A review would be good since my understanding of NIO is not as good as
> yours.
My initial recommendation is to pull out this change, and as default behavior, throw an exception
if the SSLAuthenticator is trying to 
authenticate and the need-client-auth is not configured.

There is much complexity in implementing the renegotiation without a unit test case, as there
are both application buffers and network 
buffers in the NIO implementation that will need to be tested more carefully.

So for the sake of not holding up releases, implement the exception case first, where you
force the user to configure client authentication, 
until there is a configuration that we are more comfortable with.

best
Filip

> Mark
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
>
>
>
> -----
> No virus found in this message.
> Checked by AVG - www.avg.com
> Version: 10.0.1204 / Virus Database: 1435/3473 - Release Date: 02/28/11
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message