Author: costin
Date: Tue Nov 10 04:54:34 2009
New Revision: 834340
URL: http://svn.apache.org/viewvc?rev=834340&view=rev
Log:
Invalidate the session - so it can't be resumed.
Not sure what else we can do using this hook - we could switch to SSLEngine,
but that's pretty large change.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=834340&r1=834339&r2=834340&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
Tue Nov 10 04:54:34 2009
@@ -178,6 +178,7 @@
if (completed) {
try {
log.warn("SSL renegotiation is disabled, closing
connection");
+ event.getSession().invalidate();
event.getSocket().close();
} catch (IOException e) {
// ignore
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
