ASF Bugzilla – Attachment 35069 Details for
Bug 60461
SIGSEGV in SSLSocket.getInfos
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
APR SSL support sync
aprssl_crash.patch (text/plain), 5.80 KB, created by
Remy Maucherat
on 2017-06-22 19:24:00 UTC
(
hide
)
Description:
APR SSL support sync
Filename:
MIME Type:
Creator:
Remy Maucherat
Created:
2017-06-22 19:24:00 UTC
Size:
5.80 KB
patch
obsolete
>Index: java/org/apache/tomcat/util/net/AprSSLSupport.java >=================================================================== >--- java/org/apache/tomcat/util/net/AprSSLSupport.java (revision 1799591) >+++ java/org/apache/tomcat/util/net/AprSSLSupport.java (working copy) >@@ -22,7 +22,6 @@ > import java.security.cert.X509Certificate; > > import org.apache.tomcat.jni.SSL; >-import org.apache.tomcat.jni.SSLSocket; > > /** > * Implementation of SSLSupport for APR. >@@ -32,11 +31,11 @@ > */ > public class AprSSLSupport implements SSLSupport { > >- private final SocketWrapperBase<Long> socketWrapper; >+ private final AprEndpoint.AprSocketWrapper socketWrapper; > private final String clientCertProvider; > > >- public AprSSLSupport(SocketWrapperBase<Long> socketWrapper, String clientCertProvider) { >+ public AprSSLSupport(AprEndpoint.AprSocketWrapper socketWrapper, String clientCertProvider) { > this.socketWrapper = socketWrapper; > this.clientCertProvider = clientCertProvider; > } >@@ -44,12 +43,8 @@ > > @Override > public String getCipherSuite() throws IOException { >- long socketRef = socketWrapper.getSocket().longValue(); >- if (socketRef == 0) { >- return null; >- } > try { >- return SSLSocket.getInfoS(socketRef, SSL.SSL_INFO_CIPHER); >+ return socketWrapper.getSSLInfoS(SSL.SSL_INFO_CIPHER); > } catch (Exception e) { > throw new IOException(e); > } >@@ -58,15 +53,10 @@ > > @Override > public X509Certificate[] getPeerCertificateChain() throws IOException { >- long socketRef = socketWrapper.getSocket().longValue(); >- if (socketRef == 0) { >- return null; >- } >- > try { > // certLength == -1 indicates an error >- int certLength = SSLSocket.getInfoI(socketRef, SSL.SSL_INFO_CLIENT_CERT_CHAIN); >- byte[] clientCert = SSLSocket.getInfoB(socketRef, SSL.SSL_INFO_CLIENT_CERT); >+ int certLength = socketWrapper.getSSLInfoI(SSL.SSL_INFO_CLIENT_CERT_CHAIN); >+ byte[] clientCert = socketWrapper.getSSLInfoB(SSL.SSL_INFO_CLIENT_CERT); > X509Certificate[] certs = null; > if (clientCert != null && certLength > -1) { > certs = new X509Certificate[certLength + 1]; >@@ -78,7 +68,7 @@ > } > certs[0] = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(clientCert)); > for (int i = 0; i < certLength; i++) { >- byte[] data = SSLSocket.getInfoB(socketRef, SSL.SSL_INFO_CLIENT_CERT_CHAIN + i); >+ byte[] data = socketWrapper.getSSLInfoB(SSL.SSL_INFO_CLIENT_CERT_CHAIN + i); > certs[i+1] = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(data)); > } > } >@@ -91,13 +81,8 @@ > > @Override > public Integer getKeySize() throws IOException { >- long socketRef = socketWrapper.getSocket().longValue(); >- if (socketRef == 0) { >- return null; >- } >- > try { >- return Integer.valueOf(SSLSocket.getInfoI(socketRef, SSL.SSL_INFO_CIPHER_USEKEYSIZE)); >+ return Integer.valueOf(socketWrapper.getSSLInfoI(SSL.SSL_INFO_CIPHER_USEKEYSIZE)); > } catch (Exception e) { > throw new IOException(e); > } >@@ -106,13 +91,8 @@ > > @Override > public String getSessionId() throws IOException { >- long socketRef = socketWrapper.getSocket().longValue(); >- if (socketRef == 0) { >- return null; >- } >- > try { >- return SSLSocket.getInfoS(socketRef, SSL.SSL_INFO_SESSION_ID); >+ return socketWrapper.getSSLInfoS(SSL.SSL_INFO_SESSION_ID); > } catch (Exception e) { > throw new IOException(e); > } >@@ -120,13 +100,8 @@ > > @Override > public String getProtocol() throws IOException { >- long socketRef = socketWrapper.getSocket().longValue(); >- if (socketRef == 0) { >- return null; >- } >- > try { >- return SSLSocket.getInfoS(socketRef, SSL.SSL_INFO_PROTOCOL); >+ return socketWrapper.getSSLInfoS(SSL.SSL_INFO_PROTOCOL); > } catch (Exception e) { > throw new IOException(e); > } >Index: java/org/apache/tomcat/util/net/AprEndpoint.java >=================================================================== >--- java/org/apache/tomcat/util/net/AprEndpoint.java (revision 1799591) >+++ java/org/apache/tomcat/util/net/AprEndpoint.java (working copy) >@@ -2761,5 +2761,44 @@ > public void setAppReadBufHandler(ApplicationBufferHandler handler) { > // no-op > } >+ >+ String getSSLInfoS(int id) { >+ synchronized (closedLock) { >+ if (closed) { >+ return null; >+ } >+ try { >+ return SSLSocket.getInfoS(getSocket().longValue(), id); >+ } catch (Exception e) { >+ throw new IllegalStateException(e); >+ } >+ } >+ } >+ >+ int getSSLInfoI(int id) { >+ synchronized (closedLock) { >+ if (closed) { >+ return 0; >+ } >+ try { >+ return SSLSocket.getInfoI(getSocket().longValue(), id); >+ } catch (Exception e) { >+ throw new IllegalStateException(e); >+ } >+ } >+ } >+ >+ byte[] getSSLInfoB(int id) { >+ synchronized (closedLock) { >+ if (closed) { >+ return null; >+ } >+ try { >+ return SSLSocket.getInfoB(getSocket().longValue(), id); >+ } catch (Exception e) { >+ throw new IllegalStateException(e); >+ } >+ } >+ } > } > } >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=35069">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 60461
:
34512
|
34790
|
35004
|
35051
|
35056
| 35069