ASF Bugzilla – Attachment 32493 Details for
Bug 57540
report TLS protocol version
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Updated patch
57540.patch.3 (text/plain), 5.79 KB, created by
Christopher Schultz
on 2015-02-18 14:31:25 UTC
(
hide
)
Description:
Updated patch
Filename:
MIME Type:
Creator:
Christopher Schultz
Created:
2015-02-18 14:31:25 UTC
Size:
5.79 KB
patch
obsolete
>Index: java/org/apache/coyote/ajp/AjpProcessor.java >=================================================================== >--- java/org/apache/coyote/ajp/AjpProcessor.java (revision 1660466) >+++ java/org/apache/coyote/ajp/AjpProcessor.java (working copy) >@@ -1140,6 +1140,8 @@ > } catch (NumberFormatException nfe) { > // Ignore invalid value > } >+ } else if(n.equals(Constants.SC_A_SSL_PROTOCOL)) { >+ request.setAttribute(SSLSupport.PROTOCOL_VERSION_KEY, v); > } else { > request.setAttribute(n, v ); > } >Index: java/org/apache/coyote/ajp/Constants.java >=================================================================== >--- java/org/apache/coyote/ajp/Constants.java (revision 1660466) >+++ java/org/apache/coyote/ajp/Constants.java (working copy) >@@ -76,6 +76,7 @@ > */ > public static final String SC_A_REQ_LOCAL_ADDR = "AJP_LOCAL_ADDR"; > public static final String SC_A_REQ_REMOTE_PORT = "AJP_REMOTE_PORT"; >+ public static final String SC_A_SSL_PROTOCOL = "AJP_SSL_PROTOCOL"; > > // Terminates list of attributes > public static final byte SC_A_ARE_DONE = (byte)0xFF; >Index: java/org/apache/coyote/http11/Http11Processor.java >=================================================================== >--- java/org/apache/coyote/http11/Http11Processor.java (revision 1660466) >+++ java/org/apache/coyote/http11/Http11Processor.java (working copy) >@@ -975,6 +975,11 @@ > request.setAttribute > (SSLSupport.SESSION_ID_KEY, sslO); > } >+ sslO = sslSupport.getProtocol(); >+ if (sslO != null) { >+ request.setAttribute >+ (SSLSupport.PROTOCOL_VERSION_KEY, sslO); >+ } > request.setAttribute(SSLSupport.SESSION_MGR, sslSupport); > } > } catch (Exception e) { >Index: java/org/apache/tomcat/util/net/jsse/JSSESupport.java >=================================================================== >--- java/org/apache/tomcat/util/net/jsse/JSSESupport.java (revision 1660466) >+++ java/org/apache/tomcat/util/net/jsse/JSSESupport.java (working copy) >@@ -180,5 +180,13 @@ > public void invalidateSession() { > session.invalidate(); > } >+ >+ @Override >+ public String getProtocol() throws IOException { >+ if (session == null) { >+ return null; >+ } >+ return session.getProtocol(); >+ } > } > >Index: java/org/apache/tomcat/util/net/SSLSupport.java >=================================================================== >--- java/org/apache/tomcat/util/net/SSLSupport.java (revision 1660466) >+++ java/org/apache/tomcat/util/net/SSLSupport.java (working copy) >@@ -55,6 +55,12 @@ > public static final String SESSION_MGR = > "javax.servlet.request.ssl_session_mgr"; > >+ /** >+ * The request attribute key under which the String indicating the protocol >+ * that created the SSL socket is recorded - e.g. TLSv1 or TLSv1.2 etc. >+ */ >+ public static final String PROTOCOL_VERSION_KEY = >+ "org.apache.tomcat.util.net.secure_protocol_version"; > > /** > * The cipher suite being used on this connection. >@@ -106,5 +112,11 @@ > * @throws IOException If an error occurs trying to obtain the session ID > */ > public String getSessionId() throws IOException; >+ >+ /** >+ * @return the protocol String indicating how the SSL socket was created >+ * e.g. TLSv1 or TLSv1.2 etc. >+ */ >+ public String getProtocol() throws IOException; > } > >Index: java/org/apache/tomcat/util/net/AprSSLSupport.java >=================================================================== >--- java/org/apache/tomcat/util/net/AprSSLSupport.java (revision 1660466) >+++ java/org/apache/tomcat/util/net/AprSSLSupport.java (working copy) >@@ -117,4 +117,18 @@ > throw new IOException(e); > } > } >+ >+ @Override >+ public String getProtocol() throws IOException { >+ long socketRef = socketWrapper.getSocket().longValue(); >+ if (socketRef == 0) { >+ return null; >+ } >+ >+ try { >+ return SSLSocket.getInfoS(socketRef, SSL.SSL_INFO_PROTOCOL); >+ } catch (Exception e) { >+ throw new IOException(e); >+ } >+ } > } >Index: java/org/apache/catalina/connector/Request.java >=================================================================== >--- java/org/apache/catalina/connector/Request.java (revision 1660466) >+++ java/org/apache/catalina/connector/Request.java (working copy) >@@ -98,6 +98,7 @@ > import org.apache.tomcat.util.http.fileupload.servlet.ServletFileUpload; > import org.apache.tomcat.util.http.fileupload.servlet.ServletRequestContext; > import org.apache.tomcat.util.http.parser.AcceptLanguage; >+import org.apache.tomcat.util.net.SSLSupport; > import org.apache.tomcat.util.res.StringManager; > import org.ietf.jgss.GSSCredential; > import org.ietf.jgss.GSSException; >@@ -853,7 +854,7 @@ > if(attr != null) { > return attr; > } >- if( isSSLAttribute(name) ) { >+ if( isSSLAttribute(name) || name.equals(SSLSupport.PROTOCOL_VERSION_KEY)) { > coyoteRequest.action(ActionCode.REQ_SSL_ATTRIBUTE, > coyoteRequest); > attr = coyoteRequest.getAttribute(Globals.CERTIFICATES_ATTR); >@@ -876,6 +877,10 @@ > if(attr != null) { > attributes.put(Globals.SSL_SESSION_MGR_ATTR, attr); > } >+ attr = coyoteRequest.getAttribute(SSLSupport.PROTOCOL_VERSION_KEY); >+ if(attr != null) { >+ attributes.put(SSLSupport.PROTOCOL_VERSION_KEY, attr); >+ } > attr = attributes.get(name); > sslAttributesParsed = true; > }
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 57540
:
32437
|
32486
|
32487
| 32493