commit 2c522795166c930741a9cecca76797bf48cb1634
Author: Mark Thomas <markt@apache.org>
Date: Mon Jun 18 19:45:13 2018 +0000
Enable host name verification for secure WebSocket client connections by default.
git-svn-id: https://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk@1833760 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/java/org/apache/tomcat/websocket/WsWebSocketContainer.java b/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
index ac5122a89c..b526022958 100644
--- java/org/apache/tomcat/websocket/WsWebSocketContainer.java
+++ java/org/apache/tomcat/websocket/WsWebSocketContainer.java
@@ -53,6 +53,7 @@ import java.util.concurrent.TimeoutException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLParameters;
import javax.net.ssl.TrustManagerFactory;
import javax.websocket.ClientEndpoint;
import javax.websocket.ClientEndpointConfig;
@@ -363,7 +364,7 @@ public class WsWebSocketContainer
// proxy CONNECT, need to use TLS from this point on so wrap the
// original AsynchronousSocketChannel
SSLEngine sslEngine = createSSLEngine(
- clientEndpointConfiguration.getUserProperties());
+ clientEndpointConfiguration.getUserProperties(), host, port);
channel = new AsyncChannelWrapperSecure(socketChannel, sslEngine);
} else if (channel == null) {
// Only need to wrap as this point if it wasn't wrapped to process a
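Review bot: The `host` and `port` now passed to `createSSLEngine` are defined outside this hunk, so it cannot be confirmed from here that they come from the target WebSocket URI and not from the proxy address. This branch runs after a proxy CONNECT, and the engine now uses these values for certificate host name checking, so the wrong pair would verify the certificate against the wrong name. A short comment on the call would keep that invariant visible, e.g. `// host/port must identify the target endpoint, not the proxy: they drive TLS host name verification`. The enclosing method starts and ends outside the hunk.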
@@ -931,7 +932,7 @@ public class WsWebSocketContainer
}
- private SSLEngine createSSLEngine(Map<String,Object> userProperties)
+ private SSLEngine createSSLEngine(Map<String,Object> userProperties, String host, int port)
throws DeploymentException {
try {
@@ -979,7 +980,7 @@ public class WsWebSocketContainer
}
}
- SSLEngine engine = sslContext.createSSLEngine();
+ SSLEngine engine = sslContext.createSSLEngine(host, port);
String sslProtocolsValue =
(String) userProperties.get(SSL_PROTOCOLS_PROPERTY);
@@ -989,6 +990,14 @@ public class WsWebSocketContainer
engine.setUseClientMode(true);
+ // Enable host verification
+ // Start with current settings (returns a copy)
+ SSLParameters sslParams = engine.getSSLParameters();
+ // Use HTTPS since WebSocket starts over HTTP(S)
+ sslParams.setEndpointIdentificationAlgorithm("HTTPS");
+ // Write the parameters back
+ engine.setSSLParameters(sslParams);
+
return engine;
} catch (Exception e) {
throw new DeploymentException(sm.getString(
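Review bot: The comments on the new `SSLParameters` lines say what is set but not what the setting depends on. The "HTTPS" identification algorithm only has a name to compare because the engine is now created with `createSSLEngine(host, port)` in the previous hunk, and the comparison is done by the trust manager during the handshake, not in this method. I would record that next to the setter, e.g. `// Checked during the handshake against the host given to createSSLEngine(host, port)`, so a later return to the no-argument factory is not made without seeing that it affects verification. A name mismatch will presumably surface from the connect path and not from this `catch`, which is worth pinning with a test against a certificate issued for a different name. The body of createSSLEngine starts outside the hunk.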
diff -up webapps/docs/changelog.xml.orig webapps/docs/changelog.xml
--- webapps/docs/changelog.xml.orig 2019-03-01 09:38:54.202817893 -0500
+++ webapps/docs/changelog.xml 2019-03-01 09:39:29.413704569 -0500
@@ -84,6 +84,14 @@
</fix>
</changelog>
</subsection>
+ <subsection name="WebSocket">
+ <changelog>
+ <fix>
+ Enable host name verification when using TLS with the WebSocket client.
+ (markt)
+ </fix>
+ </changelog>
+ </subsection>
</section>
<section name="Tomcat 7.0.76-8 (csutherl)">
<subsection name="Catalina">
diff -up webapps/docs/web-socket-howto.xml.orig webapps/docs/web-socket-howto.xml
--- webapps/docs/web-socket-howto.xml.orig 2019-03-01 12:46:34.515904379 -0500
+++ webapps/docs/web-socket-howto.xml 2019-03-01 12:51:00.900175575 -0500
@@ -148,10 +148,21 @@ implement its own timeout mechanism to h
<li><code>org.apache.tomcat.websocket.SSL_TRUSTSTORE_PWD</code></li>
</ul>
<p>The default truststore password is <code>changeit</code>.</p>
- <p>If the <code>org.apache.tomcat.websocket.SSL_CONTEXT</code> property is
- set then the <code>org.apache.tomcat.websocket.SSL_TRUSTSTORE</code> and
- <code>org.apache.tomcat.websocket.SSL_TRUSTSTORE_PWD</code> properties
- will be ignored.</p>
+
+<p>If the <code>org.apache.tomcat.websocket.SSL_CONTEXT</code> property is
+ set then the <code>org.apache.tomcat.websocket.SSL_TRUSTSTORE</code> and
+ <code>org.apache.tomcat.websocket.SSL_TRUSTSTORE_PWD</code> properties
+ will be ignored.</p>
+
+<p>For secure server end points, host name verification is enabled by default.
+ To bypass this verification (not recommended), it is necessary to provide a
+ custom <code>SSLContext</code> via the
+ <code>org.apache.tomcat.websocket.SSL_CONTEXT</code> user property. The
+ custom <code>SSLContext</code> must be configured with a custom
+ <code>TrustManager</code> that extends
+ <code>javax.net.ssl.X509ExtendedTrustManager</code>. The desired verification
+ (or lack of verification) can then be controlled by appropriate
+ implementations of the individual abstract methods.</p>
</section>
<section name="Deprecated proprietary API">