luehe 2003/11/18 17:19:44 Modified: util/java/org/apache/tomcat/util/net/jsse JSSE14SocketFactory.java Log: Throw exception if keyAlias does not identify key entry in connector's key store, to prevent infinite loop on org.apache.tomcat.util.net.PoolTcpEndpoint acceptSocket Revision Changes Path 1.17 +11 -2 jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSE14SocketFactory.java Index: JSSE14SocketFactory.java =================================================================== RCS file: /home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/jsse/JSSE14SocketFactory.java,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- JSSE14SocketFactory.java 11 Oct 2003 04:24:30 -0000 1.16 +++ JSSE14SocketFactory.java 19 Nov 2003 01:19:44 -0000 1.17 @@ -72,6 +72,8 @@ import javax.net.ssl.TrustManagerFactory; import javax.net.ssl.X509KeyManager; +import org.apache.tomcat.util.res.StringManager; + /* 1. Make the JSSE's jars available, either as an installed extension (copy them into jre/lib/ext) or by adding @@ -92,6 +94,9 @@ */ public class JSSE14SocketFactory extends JSSESocketFactory { + private static StringManager sm = + StringManager.getManager("org.apache.tomcat.util.net.jsse.res"); + public JSSE14SocketFactory () { super(); } @@ -165,8 +170,12 @@ String keystorePass = getKeystorePassword(); KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm); - kmf.init(getKeystore(keystoreType, keystorePass), - keystorePass.toCharArray()); + KeyStore ks = getKeystore(keystoreType, keystorePass); + if (!ks.isKeyEntry(keyAlias)) { + throw new Exception(sm.getString("jsse.alias_no_key_entry", keyAlias)); + } + + kmf.init(ks, keystorePass.toCharArray()); kms = kmf.getKeyManagers(); if (keyAlias != null) {
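Review bot: In the third hunk (`@@ -165,8 +170,12 @@`), the new `ks.isKeyEntry(keyAlias)` call runs before the existing `if (keyAlias != null)` test a few lines below, so a connector configured without a keyAlias reaches the check with a null alias. Depending on the keystore provider, that presumably either throws a NullPointerException or returns false, and either way a previously valid configuration would fail to build its key managers. Guarding the check keeps the fail-fast behaviour for a wrong alias only: `if (keyAlias != null && !ks.isKeyEntry(keyAlias)) {`. The new code also throws a bare `Exception`; the enclosing method's signature is outside the hunk, but if it allows it, a narrower type such as `IOException` would let callers tell a keystore misconfiguration from other failures.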