svn commit: r1788741 - in /tomcat/trunk: java/org/apache/catalina/connector/CoyoteAdapter.java webapps/docs/changelog.xml

Sun, 26 Mar 2017 09:21:21 -0700 

Author: violetagg
Date: Sun Mar 26 16:21:03 2017
New Revision: 1788741

URL: http://svn.apache.org/viewvc?rev=1788741&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=60911
Ensure NPE will not be thrown when looking for SSL session ID. Based on a pacth 
by Didier Gutacker.

Modified:
    tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
    tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java?rev=1788741&r1=1788740&r2=1788741&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java 
(original)
+++ tomcat/trunk/java/org/apache/catalina/connector/CoyoteAdapter.java Sun Mar 
26 16:21:03 2017
@@ -980,9 +980,11 @@ public class CoyoteAdapter implements Ad
                 SSL_ONLY.equals(request.getServletContext()
                         .getEffectiveSessionTrackingModes()) &&
                         request.connector.secure) {
-            request.setRequestedSessionId(
-                    
request.getAttribute(SSLSupport.SESSION_ID_KEY).toString());
-            request.setRequestedSessionSSL(true);
+            String sessionId = (String) 
request.getAttribute(SSLSupport.SESSION_ID_KEY);
+            if (sessionId != null) {
+                request.setRequestedSessionId(sessionId.toString());
+                request.setRequestedSessionSSL(true);
+            }
         }
     }
 

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1788741&r1=1788740&r2=1788741&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Sun Mar 26 16:21:03 2017
@@ -93,6 +93,10 @@
         single utility class and update the code to use the new utility class.
         (markt)
       </scode>
+      <fix>
+        <bug>60911</bug>: Ensure NPE will not be thrown when looking for SSL
+        session ID. Based on a pacth by Didier Gutacker. (violetagg)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to