This is an automated email from the ASF dual-hosted git repository.
markt-asf pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/11.0.x by this push:
new a47811c754 PHA plumbing for Panama with JSSE based trust
a47811c754 is described below
commit a47811c7542b9054797d0fc48dcf208172df93a6
Author: Mark Thomas <[email protected]>
AuthorDate: Mon Jun 15 19:51:59 2026 +0100
PHA plumbing for Panama with JSSE based trust
---
.../org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java | 1 +
java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java | 8 ++++++++
2 files changed, 9 insertions(+)
diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
index 349b6997d9..c27265ff24 100644
--- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
@@ -816,6 +816,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
X509Certificate[] peerCerts = certificates(certificateChain);
try {
x509TrustManager.checkClientTrusted(peerCerts, authMethod);
+ OpenSSLEngine.markPostHandshakeAuthComplete(ssl);
return 1;
} catch (Exception e) {
if (log.isDebugEnabled()) {
diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
index 3e7e9dbda0..34adadcafb 100644
--- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
+++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -1444,6 +1444,14 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
}
+ static void markPostHandshakeAuthComplete(MemorySegment ssl) {
+ EngineState state = getState(ssl);
+ if (state != null) {
+ state.phaState = PHAState.COMPLETE;
+ }
+ }
+
+
private class OpenSSLSession implements SSLSession {
// lazy init for memory reasons
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
