Author: markt Date: Fri Jan 13 14:42:01 2017 New Revision: 1778603 URL: http://svn.apache.org/viewvc?rev=1778603&view=rev Log: Adding ALPN support for JSSE with Java 9 Add some plumbing to exposed the client requested application protocols to the method that configures the SSLEngine
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java tomcat/trunk/java/org/apache/tomcat/util/net/SecureNioChannel.java Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java?rev=1778603&r1=1778602&r2=1778603&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java Fri Jan 13 14:42:01 2017 @@ -137,7 +137,8 @@ public abstract class AbstractJsseEndpoi } - protected SSLEngine createSSLEngine(String sniHostName, List<Cipher> clientRequestedCiphers) { + protected SSLEngine createSSLEngine(String sniHostName, List<Cipher> clientRequestedCiphers, + List<String> clientRequestedApplicationProtocols) { SSLHostConfig sslHostConfig = getSSLHostConfig(sniHostName); SSLHostConfigCertificate certificate = selectCertificate(sslHostConfig, clientRequestedCiphers); Modified: tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java?rev=1778603&r1=1778602&r2=1778603&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/SecureNio2Channel.java Fri Jan 13 14:42:01 2017 @@ -353,9 +353,12 @@ public class SecureNio2Channel extends N String hostName = null; List<Cipher> clientRequestedCiphers = null; + List<String> clientRequestedApplicationProtocols = null; switch (extractor.getResult()) { case COMPLETE: hostName = extractor.getSNIValue(); + clientRequestedApplicationProtocols = + extractor.getClientRequestedApplicationProtocols(); //$FALL-THROUGH$ to set the client requested ciphers case NOT_PRESENT: clientRequestedCiphers = extractor.getClientRequestedCiphers(); @@ -377,7 +380,8 @@ public class SecureNio2Channel extends N log.debug(sm.getString("channel.nio.ssl.sniHostName", hostName)); } - sslEngine = endpoint.createSSLEngine(hostName, clientRequestedCiphers); + sslEngine = endpoint.createSSLEngine(hostName, clientRequestedCiphers, + clientRequestedApplicationProtocols); // Ensure the application buffers (which have to be created earlier) are // big enough. Modified: tomcat/trunk/java/org/apache/tomcat/util/net/SecureNioChannel.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/SecureNioChannel.java?rev=1778603&r1=1778602&r2=1778603&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/tomcat/util/net/SecureNioChannel.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/SecureNioChannel.java Fri Jan 13 14:42:01 2017 @@ -290,9 +290,12 @@ public class SecureNioChannel extends Ni String hostName = null; List<Cipher> clientRequestedCiphers = null; + List<String> clientRequestedApplicationProtocols = null; switch (extractor.getResult()) { case COMPLETE: hostName = extractor.getSNIValue(); + clientRequestedApplicationProtocols = + extractor.getClientRequestedApplicationProtocols(); //$FALL-THROUGH$ to set the client requested ciphers case NOT_PRESENT: clientRequestedCiphers = extractor.getClientRequestedCiphers(); @@ -313,7 +316,8 @@ public class SecureNioChannel extends Ni log.debug(sm.getString("channel.nio.ssl.sniHostName", hostName)); } - sslEngine = endpoint.createSSLEngine(hostName, clientRequestedCiphers); + sslEngine = endpoint.createSSLEngine(hostName, clientRequestedCiphers, + clientRequestedApplicationProtocols); // Ensure the application buffers (which have to be created earlier) are // big enough. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org