Author: rjung
Date: Wed Aug 9 18:35:58 2017
New Revision: 1804595
URL: http://svn.apache.org/viewvc?rev=1804595&view=rev
Log:
Fix an error not announcing the correct CA list
for client certificates during a TLS handshake.
The result from loading the CA file was erroneously
dismissed and instead the previous contents of
ca_certs passed to SSL_CTX_set_client_CA_list().
Modified:
tomcat/native/trunk/native/src/sslcontext.c
tomcat/native/trunk/xdocs/miscellaneous/changelog.xml
Modified: tomcat/native/trunk/native/src/sslcontext.c
URL:
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslcontext.c?rev=1804595&r1=1804594&r2=1804595&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslcontext.c (original)
+++ tomcat/native/trunk/native/src/sslcontext.c Wed Aug 9 18:35:58 2017
@@ -589,7 +589,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext,
c->ca_certs++;
ca_certs = SSL_CTX_get_client_CA_list(c->ctx);
if (ca_certs == NULL) {
- SSL_load_client_CA_file(J2S(file));
+ ca_certs = SSL_load_client_CA_file(J2S(file));
if (ca_certs != NULL)
SSL_CTX_set_client_CA_list(c->ctx, ca_certs);
}
Modified: tomcat/native/trunk/xdocs/miscellaneous/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/native/trunk/xdocs/miscellaneous/changelog.xml?rev=1804595&r1=1804594&r2=1804595&view=diff
==============================================================================
--- tomcat/native/trunk/xdocs/miscellaneous/changelog.xml (original)
+++ tomcat/native/trunk/xdocs/miscellaneous/changelog.xml Wed Aug 9 18:35:58
2017
@@ -36,6 +36,10 @@
</section>
<section name="Changes in 1.2.13">
<changelog>
+ <fix>
+ Fix an error not announcing the correct CA list for client certificates
+ during TLS handshake. (rjung)
+ </fix>
</changelog>
</section>
<section name="Changes in 1.2.12">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
