You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2023/06/14 19:39:38 UTC
[tomcat] branch main updated: Minor Panama API updates
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 4b7fdaa488 Minor Panama API updates
4b7fdaa488 is described below
commit 4b7fdaa488f5996db7b8311ecca783c7dd62284a
Author: remm <re...@apache.org>
AuthorDate: Wed Jun 14 21:39:10 2023 +0200
Minor Panama API updates
---
modules/openssl-foreign/pom.xml | 4 +--
.../util/net/openssl/panama/OpenSSLContext.java | 42 +++++++++++-----------
.../util/net/openssl/panama/OpenSSLEngine.java | 16 ++++-----
.../openssl/panama/OpenSSLLifecycleListener.java | 16 ++++-----
.../apache/tomcat/util/openssl/Constants$root.java | 1 -
.../apache/tomcat/util/openssl/constants$29.java | 2 +-
6 files changed, 40 insertions(+), 41 deletions(-)
diff --git a/modules/openssl-foreign/pom.xml b/modules/openssl-foreign/pom.xml
index e48b5536b0..89b4a2bc73 100644
--- a/modules/openssl-foreign/pom.xml
+++ b/modules/openssl-foreign/pom.xml
@@ -78,8 +78,8 @@
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<configuration>
- <source>21</source>
- <target>21</target>
+ <source>22</source>
+ <target>22</target>
<compilerArgs>
<arg>--enable-preview</arg>
</compilerArgs>
diff --git a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
index 61d953a1c4..4419bbfe8f 100644
--- a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
+++ b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
@@ -186,7 +186,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
for (int i = 0; i < len; i++) {
MemorySegment cipher = OPENSSL_sk_value(sk, i);
MemorySegment cipherName = SSL_CIPHER_get_name(cipher);
- ciphers.add(cipherName.getUtf8String(0));
+ ciphers.add(cipherName.getString(0));
}
return ciphers.toArray(new String[0]);
}
@@ -225,7 +225,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
try (var localArena = Arena.ofConfined()) {
var buf = localArena.allocateArray(ValueLayout.JAVA_BYTE, new byte[128]);
ERR_error_string(errCode, buf);
- log.error(sm.getString("openssl.errorLoadingCertificate", buf.getUtf8String(0)));
+ log.error(sm.getString("openssl.errorLoadingCertificate", buf.getString(0)));
}
}
SSL_CONF_CTX_set_flags(confCtx, SSL_CONF_FLAG_FILE() |
@@ -405,13 +405,13 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
if (name.equals("NO_OCSP_CHECK")) {
rc = 1;
} else {
- int code = SSL_CONF_cmd_value_type(state.confCtx, localArena.allocateUtf8String(name));
+ int code = SSL_CONF_cmd_value_type(state.confCtx, localArena.allocateString(name));
rc = 1;
long errCode = ERR_get_error();
if (errCode != 0) {
var buf = localArena.allocateArray(ValueLayout.JAVA_BYTE, new byte[128]);
ERR_error_string(errCode, buf);
- log.error(sm.getString("opensslconf.checkFailed", buf.getUtf8String(0)));
+ log.error(sm.getString("opensslconf.checkFailed", buf.getString(0)));
rc = 0;
}
if (code == SSL_CONF_TYPE_UNKNOWN()) {
@@ -481,13 +481,13 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
noOcspCheck = Boolean.valueOf(value);
rc = 1;
} else {
- rc = SSL_CONF_cmd(state.confCtx, localArena.allocateUtf8String(name),
- localArena.allocateUtf8String(value));
+ rc = SSL_CONF_cmd(state.confCtx, localArena.allocateString(name),
+ localArena.allocateString(value));
long errCode = ERR_get_error();
if (rc <= 0 || errCode != 0) {
var buf = localArena.allocateArray(ValueLayout.JAVA_BYTE, new byte[128]);
ERR_error_string(errCode, buf);
- log.error(sm.getString("opensslconf.commandError", name, value, buf.getUtf8String(0)));
+ log.error(sm.getString("opensslconf.commandError", name, value, buf.getString(0)));
rc = 0;
}
}
@@ -565,13 +565,13 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
// List the ciphers that the client is permitted to negotiate
if (minTlsVersion <= TLS1_2_VERSION()) {
if (SSL_CTX_set_cipher_list(state.sslCtx,
- localArena.allocateUtf8String(sslHostConfig.getCiphers())) <= 0) {
+ localArena.allocateString(sslHostConfig.getCiphers())) <= 0) {
log.warn(sm.getString("engine.failedCipherList", sslHostConfig.getCiphers()));
}
}
if (maxTlsVersion >= TLS1_3_VERSION() && (sslHostConfig.getCiphers() != SSLHostConfig.DEFAULT_TLS_CIPHERS)) {
if (SSL_CTX_set_ciphersuites(state.sslCtx,
- localArena.allocateUtf8String(sslHostConfig.getCiphers())) <= 0) {
+ localArena.allocateString(sslHostConfig.getCiphers())) <= 0) {
log.warn(sm.getString("engine.failedCipherSuite", sslHostConfig.getCiphers()));
}
}
@@ -644,9 +644,9 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
// SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificateFile()),
// SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificatePath()));
MemorySegment caCertificateFileNative = sslHostConfig.getCaCertificateFile() != null
- ? localArena.allocateUtf8String(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificateFile())) : null;
+ ? localArena.allocateString(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificateFile())) : null;
MemorySegment caCertificatePathNative = sslHostConfig.getCaCertificatePath() != null
- ? localArena.allocateUtf8String(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificatePath())) : null;
+ ? localArena.allocateString(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificatePath())) : null;
if ((sslHostConfig.getCaCertificateFile() != null || sslHostConfig.getCaCertificatePath() != null)
&& SSL_CTX_load_verify_locations(state.sslCtx,
caCertificateFileNative == null ? MemorySegment.NULL : caCertificateFileNative,
@@ -959,7 +959,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
String callbackPassword = callbackPasswordTheadLocal.get();
if (callbackPassword != null && callbackPassword.length() > 0) {
try (var localArena = Arena.ofConfined()) {
- MemorySegment callbackPasswordNative = localArena.allocateUtf8String(callbackPassword);
+ MemorySegment callbackPasswordNative = localArena.allocateString(callbackPassword);
if (callbackPasswordNative.byteSize() > bufsiz) {
// The password is too long
log.error(sm.getString("openssl.passwordTooLong"));
@@ -983,9 +983,9 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
// SSLHostConfig.adjustRelativePath(certificate.getCertificateFile()),
// SSLHostConfig.adjustRelativePath(certificate.getCertificateKeyFile()),
// certificate.getCertificateKeyPassword(), getCertificateIndex(certificate));
- var certificateFileNative = localArena.allocateUtf8String(SSLHostConfig.adjustRelativePath(certificate.getCertificateFile()));
+ var certificateFileNative = localArena.allocateString(SSLHostConfig.adjustRelativePath(certificate.getCertificateFile()));
var certificateKeyFileNative = (certificate.getCertificateKeyFile() == null) ? certificateFileNative
- : localArena.allocateUtf8String(SSLHostConfig.adjustRelativePath(certificate.getCertificateKeyFile()));
+ : localArena.allocateString(SSLHostConfig.adjustRelativePath(certificate.getCertificateKeyFile()));
MemorySegment bio;
MemorySegment cert = MemorySegment.NULL;
MemorySegment key = MemorySegment.NULL;
@@ -1009,7 +1009,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
int passwordLength = 0;
String callbackPassword = certificate.getCertificateKeyPassword();
if (callbackPassword != null && callbackPassword.length() > 0) {
- passwordAddress = localArena.allocateUtf8String(callbackPassword);
+ passwordAddress = localArena.allocateString(callbackPassword);
passwordLength = (int) (passwordAddress.byteSize() - 1);
}
if (PKCS12_verify_mac(p12, passwordAddress, passwordLength) <= 0) {
@@ -1112,7 +1112,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
}
// Try to read DH parameters from the (first) SSLCertificateFile
if (index == SSL_AIDX_RSA) {
- bio = BIO_new_file(certificateFileNative, localArena.allocateUtf8String("r"));
+ bio = BIO_new_file(certificateFileNative, localArena.allocateString("r"));
var dh = PEM_read_bio_DHparams(bio, MemorySegment.NULL, MemorySegment.NULL, MemorySegment.NULL);
BIO_free(bio);
// # define SSL_CTX_set_tmp_dh(sslCtx,dh) \
@@ -1123,7 +1123,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
}
}
// Similarly, try to read the ECDH curve name from SSLCertificateFile...
- bio = BIO_new_file(certificateFileNative, localArena.allocateUtf8String("r"));
+ bio = BIO_new_file(certificateFileNative, localArena.allocateString("r"));
var ecparams = PEM_read_bio_ECPKParameters(bio, MemorySegment.NULL, MemorySegment.NULL, MemorySegment.NULL);
BIO_free(bio);
if (!MemorySegment.NULL.equals(ecparams)) {
@@ -1142,7 +1142,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
// Set certificate chain file
if (certificate.getCertificateChainFile() != null) {
var certificateChainFileNative =
- localArena.allocateUtf8String(SSLHostConfig.adjustRelativePath(certificate.getCertificateChainFile()));
+ localArena.allocateString(SSLHostConfig.adjustRelativePath(certificate.getCertificateChainFile()));
// SSLContext.setCertificateChainFile(state.ctx,
// SSLHostConfig.adjustRelativePath(certificate.getCertificateChainFile()), false);
if (SSL_CTX_use_certificate_chain_file(state.sslCtx, certificateChainFileNative) <= 0) {
@@ -1159,7 +1159,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
if (sslHostConfig.getCertificateRevocationListFile() != null) {
MemorySegment x509Lookup = X509_STORE_add_lookup(certificateStore, X509_LOOKUP_file());
var certificateRevocationListFileNative =
- localArena.allocateUtf8String(SSLHostConfig.adjustRelativePath(sslHostConfig.getCertificateRevocationListFile()));
+ localArena.allocateString(SSLHostConfig.adjustRelativePath(sslHostConfig.getCertificateRevocationListFile()));
//X509_LOOKUP_ctrl(lookup,X509_L_FILE_LOAD,file,type,NULL)
if (X509_LOOKUP_ctrl(x509Lookup, X509_L_FILE_LOAD(), certificateRevocationListFileNative,
X509_FILETYPE_PEM(), MemorySegment.NULL) <= 0) {
@@ -1169,7 +1169,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
if (sslHostConfig.getCertificateRevocationListPath() != null) {
MemorySegment x509Lookup = X509_STORE_add_lookup(certificateStore, X509_LOOKUP_hash_dir());
var certificateRevocationListPathNative =
- localArena.allocateUtf8String(SSLHostConfig.adjustRelativePath(sslHostConfig.getCertificateRevocationListPath()));
+ localArena.allocateString(SSLHostConfig.adjustRelativePath(sslHostConfig.getCertificateRevocationListPath()));
//X509_LOOKUP_ctrl(lookup,X509_L_ADD_DIR,path,type,NULL)
if (X509_LOOKUP_ctrl(x509Lookup, X509_L_ADD_DIR(), certificateRevocationListPathNative,
X509_FILETYPE_PEM(), MemorySegment.NULL) <= 0) {
@@ -1311,7 +1311,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
private static void logLastError(SegmentAllocator allocator, String string) {
var buf = allocator.allocateArray(ValueLayout.JAVA_BYTE, new byte[128]);
ERR_error_string(ERR_get_error(), buf);
- String err = buf.getUtf8String(0);
+ String err = buf.getString(0);
log.error(sm.getString(string, err));
}
diff --git a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
index b7e6c15578..e60795c36e 100644
--- a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
+++ b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -109,7 +109,7 @@ public final class OpenSSLEngine extends SSLEngine implements SSLUtil.ProtocolIn
var sslCtx = SSL_CTX_new(TLS_server_method());
try {
SSL_CTX_set_options(sslCtx, SSL_OP_ALL());
- SSL_CTX_set_cipher_list(sslCtx, localArena.allocateUtf8String("ALL"));
+ SSL_CTX_set_cipher_list(sslCtx, localArena.allocateString("ALL"));
var ssl = SSL_new(sslCtx);
SSL_set_accept_state(ssl);
try {
@@ -152,7 +152,7 @@ public final class OpenSSLEngine extends SSLEngine implements SSLUtil.ProtocolIn
for (int i = 0; i < len; i++) {
MemorySegment cipher = OPENSSL_sk_value(sk, i);
MemorySegment cipherName = SSL_CIPHER_get_name(cipher);
- ciphers.add(cipherName.getUtf8String(0));
+ ciphers.add(cipherName.getString(0));
}
return ciphers.toArray(new String[0]);
}
@@ -767,7 +767,7 @@ public final class OpenSSLEngine extends SSLEngine implements SSLUtil.ProtocolIn
final String cipherSuiteSpec = buf.toString();
try (var localArena = Arena.ofConfined()) {
- SSL_set_cipher_list(state.ssl, localArena.allocateUtf8String(cipherSuiteSpec));
+ SSL_set_cipher_list(state.ssl, localArena.allocateString(cipherSuiteSpec));
} catch (Exception e) {
throw new IllegalStateException(sm.getString("engine.failedCipherSuite", cipherSuiteSpec), e);
}
@@ -992,7 +992,7 @@ public final class OpenSSLEngine extends SSLEngine implements SSLUtil.ProtocolIn
}
clearLastError();
int code;
- if (SSL_get_version(state.ssl).getUtf8String(0).equals(Constants.SSL_PROTO_TLSv1_3)) {
+ if (SSL_get_version(state.ssl).getString(0).equals(Constants.SSL_PROTO_TLSv1_3)) {
state.phaState = PHAState.START;
code = SSL_verify_client_post_handshake(state.ssl);
} else {
@@ -1048,7 +1048,7 @@ public final class OpenSSLEngine extends SSLEngine implements SSLUtil.ProtocolIn
// Loop until getLastErrorNumber() returns SSL_ERROR_NONE
var buf = localArena.allocateArray(ValueLayout.JAVA_BYTE, new byte[128]);
ERR_error_string(error, buf);
- String err = buf.getUtf8String(0);
+ String err = buf.getString(0);
if (sslError == null) {
sslError = err;
}
@@ -1123,7 +1123,7 @@ public final class OpenSSLEngine extends SSLEngine implements SSLUtil.ProtocolIn
selectedProtocol = getProtocolNegotiated();
}
session.lastAccessedTime = System.currentTimeMillis();
- version = SSL_get_version(state.ssl).getUtf8String(0);
+ version = SSL_get_version(state.ssl).getString(0);
handshakeFinished = true;
return SSLEngineResult.HandshakeStatus.FINISHED;
}
@@ -1702,7 +1702,7 @@ public final class OpenSSLEngine extends SSLEngine implements SSLUtil.ProtocolIn
if (destroyed) {
return INVALID_CIPHER;
}
- ciphers = SSL_CIPHER_get_name(SSL_get_current_cipher(state.ssl)).getUtf8String(0);
+ ciphers = SSL_CIPHER_get_name(SSL_get_current_cipher(state.ssl)).getString(0);
}
String c = OpenSSLCipherConfigurationParser.openSSLToJsse(ciphers);
if (c != null) {
@@ -1726,7 +1726,7 @@ public final class OpenSSLEngine extends SSLEngine implements SSLUtil.ProtocolIn
String version = null;
synchronized (OpenSSLEngine.this) {
if (!destroyed) {
- version = SSL_get_version(state.ssl).getUtf8String(0);
+ version = SSL_get_version(state.ssl).getString(0);
}
}
if (applicationProtocol.isEmpty()) {
diff --git a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
index 3c2dbdda94..deb90343af 100644
--- a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
+++ b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
@@ -239,13 +239,13 @@ public class OpenSSLLifecycleListener implements LifecycleListener {
if ("auto".equals(engineName)) {
ENGINE_register_all_complete();
} else {
- var engine = memorySession.allocateUtf8String(engineName);
+ var engine = memorySession.allocateString(engineName);
enginePointer = ENGINE_by_id(engine);
if (MemorySegment.NULL.equals(enginePointer)) {
- enginePointer = ENGINE_by_id(memorySession.allocateUtf8String("dynamic"));
+ enginePointer = ENGINE_by_id(memorySession.allocateString("dynamic"));
if (enginePointer != null) {
- if (ENGINE_ctrl_cmd_string(enginePointer, memorySession.allocateUtf8String("SO_PATH"), engine, 0) == 0
- || ENGINE_ctrl_cmd_string(enginePointer, memorySession.allocateUtf8String("LOAD"),
+ if (ENGINE_ctrl_cmd_string(enginePointer, memorySession.allocateString("SO_PATH"), engine, 0) == 0
+ || ENGINE_ctrl_cmd_string(enginePointer, memorySession.allocateString("LOAD"),
MemorySegment.NULL, 0) == 0) {
// Engine load error
ENGINE_free(enginePointer);
@@ -269,7 +269,7 @@ public class OpenSSLLifecycleListener implements LifecycleListener {
// Set the random seed, translated to the Java way
boolean seedDone = false;
if (SSLRandomSeed != null || SSLRandomSeed.length() != 0 || !"builtin".equals(SSLRandomSeed)) {
- var randomSeed = memorySession.allocateUtf8String(SSLRandomSeed);
+ var randomSeed = memorySession.allocateString(SSLRandomSeed);
seedDone = RAND_load_file(randomSeed, 128) > 0;
}
if (!seedDone) {
@@ -289,9 +289,9 @@ public class OpenSSLLifecycleListener implements LifecycleListener {
final boolean enterFipsMode;
int fipsModeState = FIPS_OFF;
if (usingProviders) {
- var md = EVP_MD_fetch(MemorySegment.NULL, memorySession.allocateUtf8String("SHA-512"), MemorySegment.NULL);
+ var md = EVP_MD_fetch(MemorySegment.NULL, memorySession.allocateString("SHA-512"), MemorySegment.NULL);
var provider = EVP_MD_get0_provider(md);
- String name = OSSL_PROVIDER_get0_name(provider).getUtf8String(0);
+ String name = OSSL_PROVIDER_get0_name(provider).getString(0);
EVP_MD_free(md);
if ("fips".equals(name)) {
fipsModeState = FIPS_ON;
@@ -376,7 +376,7 @@ public class OpenSSLLifecycleListener implements LifecycleListener {
}
}
- log.info(sm.getString("listener.initializedOpenSSL", OpenSSL_version(0).getUtf8String(0)));
+ log.info(sm.getString("listener.initializedOpenSSL", OpenSSL_version(0).getString(0)));
OpenSSLStatus.setAvailable(true);
}
}
diff --git a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/openssl/Constants$root.java b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/openssl/Constants$root.java
index 7dac29f661..e69dc262f3 100644
--- a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/openssl/Constants$root.java
+++ b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/openssl/Constants$root.java
@@ -36,7 +36,6 @@ final class Constants$root {
static final OfLong C_LONG_LONG$LAYOUT = JAVA_LONG;
static final OfFloat C_FLOAT$LAYOUT = JAVA_FLOAT;
static final OfDouble C_DOUBLE$LAYOUT = JAVA_DOUBLE;
- static final AddressLayout C_POINTER$LAYOUT = ADDRESS.withBitAlignment(64).withTargetLayout(MemoryLayout.sequenceLayout(Constants$root.C_CHAR$LAYOUT));
}
diff --git a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/openssl/constants$29.java b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/openssl/constants$29.java
index 71ff4b643e..c9ed2b9aad 100644
--- a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/openssl/constants$29.java
+++ b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/openssl/constants$29.java
@@ -28,7 +28,7 @@ final class constants$29 {
// Suppresses default constructor, ensuring non-instantiability.
private constants$29() {}
- static final MemorySegment OPENSSL_FILE$SEGMENT = RuntimeHelper.CONSTANT_ALLOCATOR.allocateUtf8String("/tmp/jextract$5975327931591344605.h");
+ static final MemorySegment OPENSSL_FILE$SEGMENT = RuntimeHelper.CONSTANT_ALLOCATOR.allocateString("/tmp/jextract$5975327931591344605.h");
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org