You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2021/09/16 20:37:15 UTC

[tomcat] branch 8.5.x updated: Fix BZ 65577 - additional permissions required by security manager

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
     new 92e9051  Fix BZ 65577 - additional permissions required by security manager
92e9051 is described below

commit 92e9051d614d430676ef8002e8b7ef4875d8017c
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Sep 16 21:33:16 2021 +0100

    Fix BZ 65577 - additional permissions required by security manager
---
 java/org/apache/catalina/security/SecurityClassLoad.java | 2 ++
 webapps/docs/changelog.xml                               | 4 ++++
 2 files changed, 6 insertions(+)

diff --git a/java/org/apache/catalina/security/SecurityClassLoad.java b/java/org/apache/catalina/security/SecurityClassLoad.java
index 144a869..c2cb0fc 100644
--- a/java/org/apache/catalina/security/SecurityClassLoad.java
+++ b/java/org/apache/catalina/security/SecurityClassLoad.java
@@ -194,6 +194,8 @@ public final class SecurityClassLoad {
         loader.loadClass(basePackage + "util.net.SocketWrapperBase$CompletionHandlerCall");
         loader.loadClass(basePackage + "util.net.SocketWrapperBase$CompletionState");
         loader.loadClass(basePackage + "util.net.SocketWrapperBase$VectoredIOCompletionHandler");
+        loader.loadClass(basePackage + "util.net.TLSClientHelloExtractor");
+        loader.loadClass(basePackage + "util.net.TLSClientHelloExtractor$ExtractorResult");
         // security
         loader.loadClass(basePackage + "util.security.PrivilegedGetTccl");
         loader.loadClass(basePackage + "util.security.PrivilegedSetTccl");
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 80f8d02..5a1cd81 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -113,6 +113,10 @@
         incorrectly report that they had timed out waiting for an allocation
         from the connection flow control window. (markt)
       </fix>
+      <fix>
+        <bug>65577</bug>: Fix a <code>AccessControlException</code> reporting
+        when running an NIO2 connector with TLS enabled. (markt)
+      </fix>
     </changelog>
   </subsection>
 </section>

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org