You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2021/11/10 13:06:27 UTC
[tomcat] branch 9.0.x updated: Improve error handling
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 24ca7c1 Improve error handling
24ca7c1 is described below
commit 24ca7c139ddddd0131b53e97b4cb53bb7780daab
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Nov 10 13:04:41 2021 +0000
Improve error handling
While this is in the vicinity of the current CI failures for the
TestSSLHostConfigCompat tests, I don't think it is the root cause of the
test failures. It might be the root cause of the some of the JVM
crashes.
Whether it is the root cause of failures and/or crashes or not, ignoring
the return value when it may indicate an error needs improvement.
---
java/org/apache/tomcat/util/net/AprEndpoint.java | 6 +++++-
java/org/apache/tomcat/util/net/LocalStrings.properties | 1 +
webapps/docs/changelog.xml | 8 ++++++++
3 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/util/net/AprEndpoint.java b/java/org/apache/tomcat/util/net/AprEndpoint.java
index 79ef971..ace5cd9 100644
--- a/java/org/apache/tomcat/util/net/AprEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AprEndpoint.java
@@ -705,7 +705,11 @@ public class AprEndpoint extends AbstractEndpoint<Long,Long> implements SNICallB
// 2: SSL handshake
step = 2;
if (sslContext != 0) {
- SSLSocket.attach(sslContext, socket);
+ int rv = SSLSocket.attach(sslContext, socket);
+ if (rv != Status.APR_SUCCESS) {
+ log.warn(sm.getString("endpoint.err.attach", Integer.valueOf(rv)));
+ return false;
+ }
if (SSLSocket.handshake(socket) != 0) {
if (log.isDebugEnabled()) {
log.debug(sm.getString("endpoint.err.handshake") + ": " + SSL.getLastError());
diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties b/java/org/apache/tomcat/util/net/LocalStrings.properties
index f3f1619..5d8652c 100644
--- a/java/org/apache/tomcat/util/net/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/net/LocalStrings.properties
@@ -79,6 +79,7 @@ endpoint.debug.unlock.fail=Caught exception trying to unlock accept on port [{0}
endpoint.debug.unlock.localFail=Unable to determine local address for [{0}]
endpoint.debug.unlock.localNone=Failed to unlock acceptor for [{0}] because the local address was not available
endpoint.duplicateSslHostName=Multiple SSLHostConfig elements were provided for the host name [{0}]. Host names must be unique.
+endpoint.err.attach=Failed to attach SSLContext to socket - error [{0}]
endpoint.err.close=Caught exception trying to close socket
endpoint.err.handshake=Handshake failed
endpoint.err.unexpected=Unexpected error processing socket
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index d7d383d..2ea791b 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -105,6 +105,14 @@
issues do not "pop up" wrt. others).
-->
<section name="Tomcat 9.0.56 (remm)" rtext="in development">
+ <subsection name="Coyote">
+ <changelog>
+ <fix>
+ Improve error handling if APR/Native fails to attach TLS capabilities to
+ a TLS enabled client connection. (markt)
+ </fix>
+ </changelog>
+ </subsection>
</section>
<section name="Tomcat 9.0.55 (remm)" rtext="in progress 2021-11-10">
<subsection name="Catalina">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org