rpms/tomcat9
7
0
Fork 0
Code Issues Pull Requests Releases Activity
c10
tomcat9/rhel-158962.patch
AlmaLinux RelEng Bot b7d933898b import CS tomcat9-9.0.110-3.el10
2026-05-19 15:15:27 -04:00

47 lines
2.1 KiB
Diff
Raw Permalink Blame History

From 93fc51176bbcf643a46cc271b85ff49cbb01f1a6 Mon Sep 17 00:00:00 2001
From: remm <remm@apache.org>
Date: Wed, 3 Dec 2025 21:22:54 +0100
Subject: [PATCH] Avoid possible NPEs when using a TLS enabled custom connector
---
.../org/apache/tomcat/util/net/AbstractJsseEndpoint.java | 9 +++++++++
webapps/docs/changelog.xml | 7 +++++++
2 files changed, 16 insertions(+)
diff --git a/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java b/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
index 1d639176eb17..9a4b8fa37fb5 100644
--- a/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
@@ -127,8 +127,17 @@ protected void createSSLContext(SSLHostConfig sslHostConfig) throws IllegalArgum
protected SSLEngine createSSLEngine(String sniHostName, List<Cipher> clientRequestedCiphers,
List<String> clientRequestedApplicationProtocols) {
List<String> clientRequestedProtocols = clientRequestedProtocolsThreadLocal.get();
+ if (clientRequestedProtocols == null) {
+ clientRequestedProtocols = new ArrayList<String>();
+ }
List<Group> clientSupportedGroups = clientSupportedGroupsThreadLocal.get();
+ if (clientSupportedGroups == null) {
+ clientSupportedGroups = new ArrayList<Group>();
+ }
List<SignatureScheme> clientSignatureSchemes = clientSignatureSchemesThreadLocal.get();
+ if (clientSignatureSchemes == null) {
+ clientSignatureSchemes = new ArrayList<SignatureScheme>();
+ }
SSLHostConfig sslHostConfig = getSSLHostConfig(sniHostName);
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 9ef3d9b04912..03be8d1358ae 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -155,6 +155,9 @@
Store HTTP request headers using the original case for the header name
rather than forcing it to lower case. (markt)
</fix>
+ <fix>
+ Avoid possible NPEs when using a TLS enabled custom connector. (remm)
+ </fix>
</changelog>
</subsection>
<subsection name="Cluster">
Reference in New Issue View Git Blame Copy Permalink