Author: rjung Date: Wed Aug 9 18:35:58 2017 New Revision: 1804595 URL: http://svn.apache.org/viewvc?rev=1804595&view=rev Log: Fix an error not announcing the correct CA list for client certificates during a TLS handshake.
The result from loading the CA file was erroneously dismissed and instead the previous contents of ca_certs passed to SSL_CTX_set_client_CA_list(). Modified: tomcat/native/trunk/native/src/sslcontext.c tomcat/native/trunk/xdocs/miscellaneous/changelog.xml Modified: tomcat/native/trunk/native/src/sslcontext.c URL: http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslcontext.c?rev=1804595&r1=1804594&r2=1804595&view=diff ============================================================================== --- tomcat/native/trunk/native/src/sslcontext.c (original) +++ tomcat/native/trunk/native/src/sslcontext.c Wed Aug 9 18:35:58 2017 @@ -589,7 +589,7 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, c->ca_certs++; ca_certs = SSL_CTX_get_client_CA_list(c->ctx); if (ca_certs == NULL) { - SSL_load_client_CA_file(J2S(file)); + ca_certs = SSL_load_client_CA_file(J2S(file)); if (ca_certs != NULL) SSL_CTX_set_client_CA_list(c->ctx, ca_certs); } Modified: tomcat/native/trunk/xdocs/miscellaneous/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/native/trunk/xdocs/miscellaneous/changelog.xml?rev=1804595&r1=1804594&r2=1804595&view=diff ============================================================================== --- tomcat/native/trunk/xdocs/miscellaneous/changelog.xml (original) +++ tomcat/native/trunk/xdocs/miscellaneous/changelog.xml Wed Aug 9 18:35:58 2017 @@ -36,6 +36,10 @@ </section> <section name="Changes in 1.2.13"> <changelog> + <fix> + Fix an error not announcing the correct CA list for client certificates + during TLS handshake. (rjung) + </fix> </changelog> </section> <section name="Changes in 1.2.12"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org