You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by ma...@apache.org on 2021/04/01 13:23:06 UTC

[tomcat-native] branch master updated: Fix a regression in the previous fix for BZ 65181

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git


The following commit(s) were added to refs/heads/master by this push:
     new 7bd89b3  Fix a regression in the previous fix for BZ 65181
7bd89b3 is described below

commit 7bd89b3bca3b544c32eb32868ae7bcec677ba440
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Apr 1 11:57:25 2021 +0100

    Fix a regression in the previous fix for BZ 65181
    
    https://bz.apache.org/bugzilla/show_bug.cgi?id=65181
---
 native/src/sslcontext.c           | 4 ++--
 xdocs/miscellaneous/changelog.xml | 7 +++++++
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/native/src/sslcontext.c b/native/src/sslcontext.c
index 5d08a78..6c8d18b 100644
--- a/native/src/sslcontext.c
+++ b/native/src/sslcontext.c
@@ -1036,9 +1036,9 @@ TCN_IMPLEMENT_CALL(jboolean, SSLContext, setCertificate)(TCN_STDARGS, jlong ctx,
     else {
         if ((c->keys[idx] = load_pem_key(c, key_file)) == NULL
 #ifndef OPENSSL_NO_ENGINE
-                && tcn_ssl_engine != NULL &&
+                && (tcn_ssl_engine == NULL ||
                 (c->keys[idx] = ENGINE_load_private_key(tcn_ssl_engine, key_file,
-                                                        NULL, NULL)) == NULL
+                                                        NULL, NULL)) == NULL)
 #endif
                 ) {
             ERR_error_string(SSL_ERR_get(), err);
diff --git a/xdocs/miscellaneous/changelog.xml b/xdocs/miscellaneous/changelog.xml
index c73f7a9..fb5eaf3 100644
--- a/xdocs/miscellaneous/changelog.xml
+++ b/xdocs/miscellaneous/changelog.xml
@@ -35,6 +35,13 @@
   </p>
 </section>
 <section name="Changes in 1.2.28">
+  <changelog>
+    <fix>
+      Correct a regression in the fix for <bug>65181</bug> that prevented an
+      error message from being displayed if an invalid key file was provided
+      and no OpenSSL Engine was configured. (markt)
+    </fix>
+  </changelog>
 </section>
 <section name="Changes in 1.2.27">
   <changelog>

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org