Blame SOURCES/jakarta-commons-httpclient-CVE-2015-5262.patch
|
 |
02831b |
diff --git a/src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java b/src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java
|
|
|
02831b |
index e6ce513..b7550a2 100644
|
|
|
02831b |
--- a/src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java
|
|
|
02831b |
+++ b/src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java
|
|
|
02831b |
@@ -152,7 +152,9 @@ public class SSLProtocolSocketFactory implements SecureProtocolSocketFactory {
|
|
|
02831b |
}
|
|
|
02831b |
int timeout = params.getConnectionTimeout();
|
|
|
02831b |
if (timeout == 0) {
|
|
|
02831b |
- Socket sslSocket = createSocket(host, port, localAddress, localPort);
|
|
|
02831b |
+ Socket sslSocket = SSLSocketFactory.getDefault().createSocket(
|
|
|
02831b |
+ host, port, localAddress, localPort);
|
|
|
02831b |
+ sslSocket.setSoTimeout(params.getSoTimeout());
|
|
|
02831b |
verifyHostName(host, (SSLSocket) sslSocket);
|
|
|
02831b |
return sslSocket;
|
|
|
02831b |
} else {
|
|
|
02831b |
@@ -163,6 +165,7 @@ public class SSLProtocolSocketFactory implements SecureProtocolSocketFactory {
|
|
|
02831b |
sslSocket = ControllerThreadSocketFactory.createSocket(
|
|
|
02831b |
this, host, port, localAddress, localPort, timeout);
|
|
|
02831b |
}
|
|
|
02831b |
+ sslSocket.setSoTimeout(params.getSoTimeout());
|
|
|
02831b |
verifyHostName(host, (SSLSocket) sslSocket);
|
|
|
02831b |
return sslSocket;
|
|
|
02831b |
}
|