Author: rjung
Date: Sat Sep  2 20:33:06 2017
New Revision: 1807094

URL: http://svn.apache.org/viewvc?rev=1807094&view=rev
Log:
When using a Java connector in combination with
the OpenSSL TLS implementation, do not configure
each SSL connection object via the OpenSSLEngine.
For OpenSSL the SSL object inherits its settings
from the SSL_CTX which we have already configured.

Some attributes of the SSL connection actually
can change dynamically after initialization,
especially the auth mode during renegotiation.

Move changelog item from Catalina to Coyote.

Backport of r1805525, r1806356 and r1807093
from trunk.

Modified:
    tomcat/tc8.5.x/trunk/   (props changed)
    
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
    
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
    tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc8.5.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sat Sep  2 20:33:06 2017
@@ -1 +1 @@
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501
 
,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747
 
536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1
 
756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216
 
8,1762172,1762182,1762201-1762202,1762204,1762208,1762288,1762296,1762324,1762348,1762353,1762362,1762374,1762492,1762503,1762505,1762541,1762608,1762710,1762753,1762766,1762769,1762944,1762947,1762953,1763167,1763179,1763232,1763259,1763271-1763272,1763276-1763277,1763319-1763320,1763370,1763372,1763375,1763377,1763393,1763412,1763430,1763450,1763462,1763505,1763511-1763512,1763516,1763518,1763520,1763529,1763559,1763565,1763568,1763574,1763619,1763634-1763635,1763718,1763786,1763798-1763799,1763810,1763813,1763815,1763819,1763831,1764083,1764425,1764646,1764648-1764649,1764659,1764663,1764682,1764862,1764866-1764867,1764870,1764897,1765133,1765299,1765358,1765439,1765447,1765495,1765502,1765569-1765571,1765579,1765582,1765589-1765590,1765794,1765801,1765813,1765815,1766276,1766514,1766533,1766535,1766664,1766675,1766698,1766700,1766822,1766834,1766840,1767047,1767328,1767362,1767368,1767429,1767471,1767505,1767641-1767644,1767903,1767945-1767946,1768123,1768283,1768520,1768569,176
 
8651,1768762,1768922,1769191,1769263,1769630,1769833,1769975,1770047,1770140,1770180,1770258,1770389,1770656,1770666,1770718,1770762,1770952,1770954,1770956,1770961,1771087,1771126,1771139,1771143,1771149,1771156,1771266,1771316,1771386,1771611,1771613,1771711,1771718,1771723-1771724,1771730,1771743,1771752,1771853,1771963,1772170,1772174,1772223,1772229,1772318-1772319,1772353,1772355,1772554,1772603-1772609,1772849,1772865,1772870,1772872,1772875-1772876,1772881,1772886,1772947,1773306,1773344,1773418,1773756,1773813-1773814,1774052,1774102,1774131,1774161,1774164,1774248,1774253,1774257,1774259,1774262,1774267,1774271,1774303,1774340,1774406,1774412,1774426,1774433,1774522-1774523,1774526,1774528-1774529,1774531,1774732-1774736,1774738-1774739,1774741-1774742,1774749,1774755,1774789,1774858,1774867,1775596,1775985-1775986,1776540,1776937,1776954,1777011,1777173,1777189,1777211,1777524,1777546,1777605,1777619,1777647,1777721-1777722,1777967,1778061,1778138-1778139,1778141-1778150,
 
1778154,1778275-1778276,1778295,1778342,1778348,1778404,1778424,1778426,1778582,1778600,1779641,1779654,1779708,1779718,1779897,1779899,1780109,1780120,1780189,1780196,1780488,1780514-1780516,1780601,1780606,1780609-1780610,1780652,1780991,1780995-1780996,1781174,1781569,1781975,1781986,1782116,1782383-1782384,1782566,1782572,1782775,1782779,1782814,1782857,1782868,1782934,1782946-1782947,1782956,1783144-1783147,1783155,1783408,1784182,1784565,1784583,1784657,1784669,1784712,1784723,1784751,1784767,1784806,1784818,1784911,1784926,1784956,1784963,1785032,1785037,1785245,1785271,1785310,1785317,1785643,1785667,1785762,1785774,1785823,1785935,1786051,1786070,1786123-1786124,1786127,1786129,1786341,1786378,1786844,1787200,1787250,1787405,1787701,1787703,1787938,1787959,1787973,1788223-1788224,1788228,1788232,1788241-1788242,1788248,1788323,1788328,1788455,1788460,1788473,1788543-1788544,1788548,1788550,1788554,1788558,1788560,1788567,1788569,1788572,1788647,1788732,1788741,1788747,17887
 
53,1788764,1788771,1788834,1788841,1788852,1788860,1788883,1788890,1789051,1789400,1789415,1789442-1789443,1789447,1789453,1789456,1789458,1789461-1789463,1789465-1789467,1789470,1789472,1789474,1789476,1789479-1789480,1789733,1789735,1789744-1789745,1789937,1789984,1790119,1790180,1790183,1790376,1790614,1790983,1790991,1791050,1791090,1791095-1791096,1791099,1791101-1791103,1791124,1791129,1791134,1791137,1791298,1791527,1791557,1791970,1792033,1792038,1792055,1792093,1792140,1792460,1792468,1792791,1792957,1793095,1793121,1793123,1793127,1793136,1793139,1793147-1793148,1793266,1793437,1793449,1793460,1793468,1793487,1793498,1793502,1793514,1793682-1793683,1793711-1793712,1793719,1793736,1793746,1793771,1793776,1793798,1793802,1793812,1793819,1793844,1793854,1793887,1793891,1793898,1793901-1793902,1793907,1793910,1793980,1794674,1794941-1794942,1795278,1795289,1795298,1795305,1795813,1795893,1796090,1796275,1796693-1796695,1796729,1796806,1796836,1796873,1796878,1797197,1797338,17
 
97344,1797354-1797355,1797516,1797528,1797532,1797536,1797540,1797543,1797677-1797678,1797692,1797694,1797748,1797828,1798126,1798238,1798280,1798371,1798379,1798384,1798390,1798395,1798419,1798505,1798507,1798509,1798533,1798546,1798561,1798977,1799115,1799126,1799164,1799190,1799194,1799216,1799231,1799250,1799253,1799285,1799368,1799412,1799515,1799701-1799702,1799704,1799709,1799885,1799893,1799895,1799916,1800136-1800138,1800202,1800309,1800390,1800629,1800791,1800816,1800850,1800864,1800867,1800874,1800885,1800981,1800984,1800988,1800992,1801195,1801686,1801688,1801709,1801717,1801774,1801778,1802083,1802195,1802204-1802205,1802210,1802225-1802226,1802229,1802403,1802475,1802788,1802796,1802803,1802820,1802828,1802833,1802836,1803030,1803038,1803055,1803135,1803165,1803174,1803193,1803205,1803224,1803278,1803281,1803295,1803297,1803446,1803451,1803456,1803459,1803616,1803636,1803828,1803901,1803972,1804040,1804094,1804306,1804461-1804463,1804501,1804506-1804507,1804754,1804813
 
,1804888,1804890,1804906,1805523-1805524,1805613,1805637,1805645,1805652,1805726,1805752,1805782,1805826,1806307,1806445,1806736,1806794,1806798,1806801,1806807,1806873,1806966
+/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501
 
,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747
 
536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1
 
756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216
 
8,1762172,1762182,1762201-1762202,1762204,1762208,1762288,1762296,1762324,1762348,1762353,1762362,1762374,1762492,1762503,1762505,1762541,1762608,1762710,1762753,1762766,1762769,1762944,1762947,1762953,1763167,1763179,1763232,1763259,1763271-1763272,1763276-1763277,1763319-1763320,1763370,1763372,1763375,1763377,1763393,1763412,1763430,1763450,1763462,1763505,1763511-1763512,1763516,1763518,1763520,1763529,1763559,1763565,1763568,1763574,1763619,1763634-1763635,1763718,1763786,1763798-1763799,1763810,1763813,1763815,1763819,1763831,1764083,1764425,1764646,1764648-1764649,1764659,1764663,1764682,1764862,1764866-1764867,1764870,1764897,1765133,1765299,1765358,1765439,1765447,1765495,1765502,1765569-1765571,1765579,1765582,1765589-1765590,1765794,1765801,1765813,1765815,1766276,1766514,1766533,1766535,1766664,1766675,1766698,1766700,1766822,1766834,1766840,1767047,1767328,1767362,1767368,1767429,1767471,1767505,1767641-1767644,1767903,1767945-1767946,1768123,1768283,1768520,1768569,176
 
8651,1768762,1768922,1769191,1769263,1769630,1769833,1769975,1770047,1770140,1770180,1770258,1770389,1770656,1770666,1770718,1770762,1770952,1770954,1770956,1770961,1771087,1771126,1771139,1771143,1771149,1771156,1771266,1771316,1771386,1771611,1771613,1771711,1771718,1771723-1771724,1771730,1771743,1771752,1771853,1771963,1772170,1772174,1772223,1772229,1772318-1772319,1772353,1772355,1772554,1772603-1772609,1772849,1772865,1772870,1772872,1772875-1772876,1772881,1772886,1772947,1773306,1773344,1773418,1773756,1773813-1773814,1774052,1774102,1774131,1774161,1774164,1774248,1774253,1774257,1774259,1774262,1774267,1774271,1774303,1774340,1774406,1774412,1774426,1774433,1774522-1774523,1774526,1774528-1774529,1774531,1774732-1774736,1774738-1774739,1774741-1774742,1774749,1774755,1774789,1774858,1774867,1775596,1775985-1775986,1776540,1776937,1776954,1777011,1777173,1777189,1777211,1777524,1777546,1777605,1777619,1777647,1777721-1777722,1777967,1778061,1778138-1778139,1778141-1778150,
 
1778154,1778275-1778276,1778295,1778342,1778348,1778404,1778424,1778426,1778582,1778600,1779641,1779654,1779708,1779718,1779897,1779899,1780109,1780120,1780189,1780196,1780488,1780514-1780516,1780601,1780606,1780609-1780610,1780652,1780991,1780995-1780996,1781174,1781569,1781975,1781986,1782116,1782383-1782384,1782566,1782572,1782775,1782779,1782814,1782857,1782868,1782934,1782946-1782947,1782956,1783144-1783147,1783155,1783408,1784182,1784565,1784583,1784657,1784669,1784712,1784723,1784751,1784767,1784806,1784818,1784911,1784926,1784956,1784963,1785032,1785037,1785245,1785271,1785310,1785317,1785643,1785667,1785762,1785774,1785823,1785935,1786051,1786070,1786123-1786124,1786127,1786129,1786341,1786378,1786844,1787200,1787250,1787405,1787701,1787703,1787938,1787959,1787973,1788223-1788224,1788228,1788232,1788241-1788242,1788248,1788323,1788328,1788455,1788460,1788473,1788543-1788544,1788548,1788550,1788554,1788558,1788560,1788567,1788569,1788572,1788647,1788732,1788741,1788747,17887
 
53,1788764,1788771,1788834,1788841,1788852,1788860,1788883,1788890,1789051,1789400,1789415,1789442-1789443,1789447,1789453,1789456,1789458,1789461-1789463,1789465-1789467,1789470,1789472,1789474,1789476,1789479-1789480,1789733,1789735,1789744-1789745,1789937,1789984,1790119,1790180,1790183,1790376,1790614,1790983,1790991,1791050,1791090,1791095-1791096,1791099,1791101-1791103,1791124,1791129,1791134,1791137,1791298,1791527,1791557,1791970,1792033,1792038,1792055,1792093,1792140,1792460,1792468,1792791,1792957,1793095,1793121,1793123,1793127,1793136,1793139,1793147-1793148,1793266,1793437,1793449,1793460,1793468,1793487,1793498,1793502,1793514,1793682-1793683,1793711-1793712,1793719,1793736,1793746,1793771,1793776,1793798,1793802,1793812,1793819,1793844,1793854,1793887,1793891,1793898,1793901-1793902,1793907,1793910,1793980,1794674,1794941-1794942,1795278,1795289,1795298,1795305,1795813,1795893,1796090,1796275,1796693-1796695,1796729,1796806,1796836,1796873,1796878,1797197,1797338,17
 
97344,1797354-1797355,1797516,1797528,1797532,1797536,1797540,1797543,1797677-1797678,1797692,1797694,1797748,1797828,1798126,1798238,1798280,1798371,1798379,1798384,1798390,1798395,1798419,1798505,1798507,1798509,1798533,1798546,1798561,1798977,1799115,1799126,1799164,1799190,1799194,1799216,1799231,1799250,1799253,1799285,1799368,1799412,1799515,1799701-1799702,1799704,1799709,1799885,1799893,1799895,1799916,1800136-1800138,1800202,1800309,1800390,1800629,1800791,1800816,1800850,1800864,1800867,1800874,1800885,1800981,1800984,1800988,1800992,1801195,1801686,1801688,1801709,1801717,1801774,1801778,1802083,1802195,1802204-1802205,1802210,1802225-1802226,1802229,1802403,1802475,1802788,1802796,1802803,1802820,1802828,1802833,1802836,1803030,1803038,1803055,1803135,1803165,1803174,1803193,1803205,1803224,1803278,1803281,1803295,1803297,1803446,1803451,1803456,1803459,1803616,1803636,1803828,1803901,1803972,1804040,1804094,1804306,1804461-1804463,1804501,1804506-1804507,1804754,1804813
 
,1804888,1804890,1804906,1805523-1805525,1805613,1805637,1805645,1805652,1805726,1805752,1805782,1805826,1806307,1806356,1806445,1806736,1806794,1806798,1806801,1806807,1806873,1806966,1807093

Modified: 
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java?rev=1807094&r1=1807093&r2=1807094&view=diff
==============================================================================
--- 
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
 (original)
+++ 
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
 Sat Sep  2 20:33:06 2017
@@ -409,7 +409,7 @@ public class OpenSSLContext implements o
     @Override
     public SSLEngine createSSLEngine() {
         return new OpenSSLEngine(ctx, defaultProtocol, false, sessionContext,
-                (negotiableProtocols != null && negotiableProtocols.size() > 
0));
+                (negotiableProtocols != null && negotiableProtocols.size() > 
0), initialized);
     }
 
     @Override

Modified: 
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java?rev=1807094&r1=1807093&r2=1807094&view=diff
==============================================================================
--- 
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java 
(original)
+++ 
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java 
Sat Sep  2 20:33:06 2017
@@ -164,6 +164,7 @@ public final class OpenSSLEngine extends
     private final String fallbackApplicationProtocol;
     private final OpenSSLSessionContext sessionContext;
     private final boolean alpn;
+    private final boolean initialized;
 
     private String selectedProtocol = null;
 
@@ -173,15 +174,38 @@ public final class OpenSSLEngine extends
      * Creates a new instance
      *
      * @param sslCtx an OpenSSL {@code SSL_CTX} object
-     * @param alloc the {@link ByteBufAllocator} that will be used by this
-     * engine
+     * @param fallbackApplicationProtocol the fallback application protocol
      * @param clientMode {@code true} if this is used for clients, {@code 
false}
      * otherwise
      * @param sessionContext the {@link OpenSslSessionContext} this
      * {@link SSLEngine} belongs to.
+     * @param alpn {@code true} if alpn should be used, {@code false}
+     * otherwise
+     */
+    OpenSSLEngine(long sslCtx, String fallbackApplicationProtocol,
+            boolean clientMode, OpenSSLSessionContext sessionContext,
+            boolean alpn) {
+        this(sslCtx, fallbackApplicationProtocol, clientMode, sessionContext,
+             alpn, false);
+    }
+
+    /**
+     * Creates a new instance
+     *
+     * @param sslCtx an OpenSSL {@code SSL_CTX} object
+     * @param fallbackApplicationProtocol the fallback application protocol
+     * @param clientMode {@code true} if this is used for clients, {@code 
false}
+     * otherwise
+     * @param sessionContext the {@link OpenSslSessionContext} this
+     * {@link SSLEngine} belongs to.
+     * @param alpn {@code true} if alpn should be used, {@code false}
+     * otherwise
+     * @param initialized {@code true} if this instance gets its protocol,
+     * cipher and client verification from the {@code SSL_CTX} {@code sslCtx}
      */
     OpenSSLEngine(long sslCtx, String fallbackApplicationProtocol,
-            boolean clientMode, OpenSSLSessionContext sessionContext, boolean 
alpn) {
+            boolean clientMode, OpenSSLSessionContext sessionContext, boolean 
alpn,
+            boolean initialized) {
         if (sslCtx == 0) {
             throw new 
IllegalArgumentException(sm.getString("engine.noSSLContext"));
         }
@@ -194,6 +218,7 @@ public final class OpenSSLEngine extends
         this.clientMode = clientMode;
         this.sessionContext = sessionContext;
         this.alpn = alpn;
+        this.initialized = initialized;
     }
 
     @Override
@@ -697,6 +722,9 @@ public final class OpenSSLEngine extends
 
     @Override
     public synchronized void setEnabledCipherSuites(String[] cipherSuites) {
+        if (initialized) {
+            return;
+        }
         if (cipherSuites == null) {
             throw new 
IllegalArgumentException(sm.getString("engine.nullCipherSuite"));
         }
@@ -772,6 +800,9 @@ public final class OpenSSLEngine extends
 
     @Override
     public synchronized void setEnabledProtocols(String[] protocols) {
+        if (initialized) {
+            return;
+        }
         if (protocols == null) {
             // This is correct from the API docs
             throw new IllegalArgumentException();

Modified: tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml?rev=1807094&r1=1807093&r2=1807094&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Sat Sep  2 20:33:06 2017
@@ -68,6 +68,13 @@
   <subsection name="Coyote">
     <changelog>
       <fix>
+        When using a Java connector in combination with the OpenSSL TLS
+        implementation, do not configure each SSL connection object via
+        the OpenSSLEngine. For OpenSSL the SSL object inherits its
+        settings from the SSL_CTX which we have already configured.
+        (rjung)
+      </fix>
+      <fix>
         If an invalid option is specified for the
         <code>certificateVerification</code> attribute of an
         <code>SSLHostConfig</code> element, treat it as <code>required</code>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to