This is an automated email from the ASF dual-hosted git repository.
markt-asf pushed a commit to branch 1.3.x
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/1.3.x by this push:
new f7543f9d8 Fix BZ 69988 post handshake authentication when using JSSE
style trust
f7543f9d8 is described below
commit f7543f9d8f93cf45ad6aa8731b8b74606816a10f
Author: Mark Thomas <[email protected]>
AuthorDate: Thu Jun 11 16:29:51 2026 +0100
Fix BZ 69988 post handshake authentication when using JSSE style trust
---
native/src/ssl.c | 25 +++++++++++++++++++++++++
xdocs/miscellaneous/changelog.xml | 4 ++++
2 files changed, 29 insertions(+)
diff --git a/native/src/ssl.c b/native/src/ssl.c
index 4faae7f55..9d1e6aa09 100644
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -1390,6 +1390,25 @@ TCN_IMPLEMENT_CALL(jint, SSL,
getPostHandshakeAuthInProgress)(TCN_STDARGS,
/*** End Twitter API Additions ***/
+TCN_IMPLEMENT_CALL(void, SSL, markPostHandshakeAuthComplete)(TCN_STDARGS,
+ jlong ssl /* SSL
* */) {
+#if defined(SSL_OP_NO_TLSv1_3)
+ SSL *ssl_ = J2P(ssl, SSL *);
+ tcn_ssl_conn_t *con;
+
+ if (ssl_ == NULL) {
+ tcn_ThrowException(e, "ssl is null");
+ return;
+ }
+
+ UNREFERENCED(o);
+
+ con = (tcn_ssl_conn_t *)SSL_get_app_data(ssl_);
+
+ con->pha_state = PHA_COMPLETE;
+#endif
+}
+
/*** Apple API Additions ***/
TCN_IMPLEMENT_CALL(jstring, SSL, getAlpnSelected)(TCN_STDARGS,
@@ -2084,6 +2103,12 @@ TCN_IMPLEMENT_CALL(jint, SSL,
getPostHandshakeAuthInProgress)(TCN_STDARGS, jlong
/*** End Twitter 1:1 API addition ***/
+TCN_IMPLEMENT_CALL(jint, SSL, markPostHandshakeAuthComplete)(TCN_STDARGS,
jlong ssl) {
+ UNREFERENCED(o);
+ UNREFERENCED(ssl);
+ tcn_ThrowException(e, "Not implemented");
+}
+
/*** Begin Apple 1:1 API addition ***/
TCN_IMPLEMENT_CALL(jstring, SSL, getAlpnSelected)(TCN_STDARGS, jlong ssl) {
diff --git a/xdocs/miscellaneous/changelog.xml
b/xdocs/miscellaneous/changelog.xml
index f98c311c8..44cf7df40 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -41,6 +41,10 @@
Fix two potential memory leaks on error paths identified by Copilot.
(markt)
</fix>
+ <fix>
+ <bug>69988</bug>: Fix post handshake authentication when Tomcat is
+ configured with a trust store using JSSE style configuration. (markt)
+ </fix>
<fix>
<bug>70102</bug>: Correct expected size of tickets when calling
<code>SSLContext.setSessionTicketKeys</code>. (markt)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
