You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2022/10/26 13:57:59 UTC
[tomcat] branch main updated: Fix OpenSSL 3 exception on shutdown
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new a77cff9e52 Fix OpenSSL 3 exception on shutdown
a77cff9e52 is described below
commit a77cff9e528f3317db18b00ec390021ec02a9278
Author: remm <re...@apache.org>
AuthorDate: Wed Oct 26 15:57:37 2022 +0200
Fix OpenSSL 3 exception on shutdown
The version check was missing and the removed fips API was called,
causing a harmless (but ugly obviously) linker exception.
---
.../tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java | 4 +++-
.../tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java | 4 +++-
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
index 98d6c527c4..57b427031c 100644
--- a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
+++ b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
@@ -395,7 +395,9 @@ public class OpenSSLLifecycleListener implements LifecycleListener {
if (!MemorySegment.NULL.equals(enginePointer)) {
ENGINE_free(enginePointer);
}
- FIPS_mode_set(0);
+ if (OpenSSL_version_num() < 0x3000000fL) {
+ FIPS_mode_set(0);
+ }
} finally {
OpenSSLStatus.setInitialized(false);
fipsModeActive = false;
diff --git a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
index 9da964d8e6..3ae03a50e6 100644
--- a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
+++ b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
@@ -396,7 +396,9 @@ public class OpenSSLLifecycleListener implements LifecycleListener {
if (!MemoryAddress.NULL.equals(enginePointer)) {
ENGINE_free(enginePointer);
}
- FIPS_mode_set(0);
+ if (OpenSSL_version_num() < 0x3000000fL) {
+ FIPS_mode_set(0);
+ }
} finally {
OpenSSLStatus.setInitialized(false);
fipsModeActive = false;
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org