You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2013/11/10 21:24:52 UTC

svn commit: r1540543 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/util/net/AprEndpoint.java java/org/apache/tomcat/util/net/res/LocalStrings.properties webapps/docs/changelog.xml

Author: markt
Date: Sun Nov 10 20:24:51 2013
New Revision: 1540543

URL: http://svn.apache.org/r1540543
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55749
Improve error message when SSLEngine is disabled in AprLifecycleListener and SSL is configured for an APR/native connector.

Modified:
    tomcat/tc7.0.x/trunk/   (props changed)
    tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
    tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/res/LocalStrings.properties
    tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml

Propchange: tomcat/tc7.0.x/trunk/
------------------------------------------------------------------------------
  Merged /tomcat/trunk:r1540539

Modified: tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1540543&r1=1540542&r2=1540543&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Sun Nov 10 20:24:51 2013
@@ -493,7 +493,15 @@ public class AprEndpoint extends Abstrac
             }
 
             // Create SSL Context
-            sslContext = SSLContext.make(rootPool, value, SSL.SSL_MODE_SERVER);
+            try {
+                sslContext = SSLContext.make(rootPool, value, SSL.SSL_MODE_SERVER);
+            } catch (Exception e) {
+                // If the sslEngine is disabled on the AprLifecycleListener
+                // there will be an Exception here but there is no way to check
+                // the AprLifecycleListener settings from here
+                throw new Exception(
+                        sm.getString("endpoint.apr.failSslContextMake"), e);
+            }
             if (SSLInsecureRenegotiation) {
                 boolean legacyRenegSupported = false;
                 try {

Modified: tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/res/LocalStrings.properties
URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/res/LocalStrings.properties?rev=1540543&r1=1540542&r2=1540543&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/res/LocalStrings.properties (original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/res/LocalStrings.properties Sun Nov 10 20:24:51 2013
@@ -49,6 +49,7 @@ endpoint.process.fail=Error allocating s
 endpoint.sendfile.error=Unexpected sendfile error
 endpoint.sendfile.addfail=Sendfile failure: [{0}] {1}
 endpoint.timeout.err=Error processing socket timeout
+endpoint.apr.failSslContextMake=Unable to create SSLContext. Check SSLEngine is enabled in the AprLifecycleListener and that a valid SSLProtocol has been specified
 endpoint.apr.invalidSslProtocol=An invalid value [{0}] was provided for the SSLProtocol attribute
 endpoint.apr.noSslCertFile=Connector attribute SSLCertificateFile must be defined when using SSL with APR
 endpoint.apr.pollAddInvalid=Invalid attempted to add a socket [{0}] to the poller

Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1540543&r1=1540542&r2=1540543&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Sun Nov 10 20:24:51 2013
@@ -141,6 +141,11 @@
         processing threads to terminate before continuing with the connector
         stop process configurable. (markt)
       </add>
+      <fix>
+        <bug>55749</bug>: Improve the error message when <code>SSLEngine</code>
+        is disabled in the <code>AprLifecycleListener</code> and SSL is
+        configured for an APR/native connector. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Cluster">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org