Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Minor cleanup SecureRequestCustomizer (#5660) 

* For #5650 protect from bad SslSession

Better protection from a bad SslSession like seen in #5650

* review indicated that there is too much depth to defend.  So just a little cleanup in this PR.
This commit is contained in:
Greg Wilkins 2020-11-17 13:21:03 +01:00 committed by GitHub
parent 3c4e259dc2
commit 71087e53a6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
jetty-server/src/main/java/org/eclipse/jetty/server/SecureRequestCustomizer.java
View File

@ -333,10 +333,11 @@ public class SecureRequestCustomizer implements HttpConfiguration.Customizer
try
{
_certs = getSslSessionData().getCerts();
SslSessionData sslSessionData = getSslSessionData();
_certs = sslSessionData.getCerts();
_cipherSuite = _session.getCipherSuite();
_keySize = getSslSessionData().getKeySize();
_sessionId = getSslSessionData().getIdStr();
_keySize = sslSessionData.getKeySize();
_sessionId = sslSessionData.getIdStr();
_sessionAttribute = getSslSessionAttribute();
}
catch (Exception e)