From 342984c6cd0419dec50f2c7254b6a40ac85815a4 Mon Sep 17 00:00:00 2001
From: markt
Date: Fri, 23 Sep 2011 16:58:50 +0000
Subject: [PATCH] Fix SSL + BIO + Java 7 The implementation of InputStream.read(byte[0]) has changed so it always returns zero without checking for EOF. This broke the old way of doing things.
git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1174884 13f79535-47bb-0310-9956-ffa450edef68
---
 java/org/apache/tomcat/util/net/jsse/JSSESupport.java | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/jsse/JSSESupport.java b/java/org/apache/tomcat/util/net/jsse/JSSESupport.java
index 6d9edbdad..f0fcfd9c3 100644
--- a/java/org/apache/tomcat/util/net/jsse/JSSESupport.java
+++ b/java/org/apache/tomcat/util/net/jsse/JSSESupport.java
@@ -175,7 +175,7 @@ class JSSESupport implements SSLSupport, SSLSessionManager {
 InputStream in = ssl.getInputStream();
 int oldTimeout = ssl.getSoTimeout();
 ssl.setSoTimeout(1000);
- byte[] b = new byte[0];
+ byte[] b = new byte[1];
 listener.reset();
 ssl.startHandshake();
 int maxTries = 60; // 60 * 1000 = example 1 minute time out
@@ -183,7 +183,14 @@ class JSSESupport implements SSLSupport, SSLSessionManager {
 if (log.isTraceEnabled())
 log.trace("Reading for try #" + i);
 try {
- in.read(b);
+ int read = in.read(b);
+ if (read > 0) {
+ // Shouldn't happen as all input should have been swallowed
+ // before trying to do the handshake. If it does, something
+ // went wrong so lets bomb out now.
+ throw new SSLException(
+ sm.getString("jsseSupport.unexpectedData"));
+ }
 } catch(SSLException sslex) {
 log.info(sm.getString("jsseSupport.clientCertError"), sslex);
 throw sslex;
-- 2.11.0
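Review bot: The one-byte buffer introduced in the first hunk (`byte[] b = new byte[1];`) has no in-code explanation, so the reason for its size lives only in the commit message. A comment above the allocation such as `// Must be non-empty: on Java 7 read(byte[0]) returns 0 without checking for EOF` would keep a later cleanup from shrinking it back. The enclosing method starts and ends outside the hunk.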
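Review bot: The check added after `int read = in.read(b);` in the second hunk handles only `read > 0`, so a return of -1 (peer closed the stream) is treated the same as a read that made no progress. The loop continues outside the hunk, but unless something there tests for EOF, a closed connection would presumably be retried until `maxTries` is exhausted; an explicit `else if (read < 0)` branch that stops the retry loop would fail fast instead. The new `SSLException` is also caught by the `catch(SSLException sslex)` directly below and logged under `jsseSupport.clientCertError`, so unexpected data during the handshake will appear in logs as a client certificate error, which can mislead whoever triages it. The diffstat lists only JSSESupport.java, so confirm that the key `jsseSupport.unexpectedData` already exists in the resource bundle, otherwise the exception carries no usable message.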