You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2019/07/03 21:21:20 UTC
[tomcat] branch 8.5.x updated: Refactor fix for
https://bz.apache.org/bugzilla/show_bug.cgi?id=63205
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new c4c62d4 Refactor fix for https://bz.apache.org/bugzilla/show_bug.cgi?id=63205
c4c62d4 is described below
commit c4c62d48cfb27a4c3f625436fd2b2da5942c2936
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Jul 3 22:20:19 2019 +0100
Refactor fix for https://bz.apache.org/bugzilla/show_bug.cgi?id=63205
JRE bug only applies to PKCS12 so only use with workaround with PKCS12
keystores due to regressions with other keystore types
---
java/org/apache/tomcat/util/security/KeyStoreUtil.java | 6 +++---
webapps/docs/changelog.xml | 5 +++++
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/java/org/apache/tomcat/util/security/KeyStoreUtil.java b/java/org/apache/tomcat/util/security/KeyStoreUtil.java
index c58245d..862ef22 100644
--- a/java/org/apache/tomcat/util/security/KeyStoreUtil.java
+++ b/java/org/apache/tomcat/util/security/KeyStoreUtil.java
@@ -52,9 +52,7 @@ public class KeyStoreUtil {
*/
public static void load(KeyStore keystore, InputStream is, char[] storePass)
throws NoSuchAlgorithmException, CertificateException, IOException {
- if (is == null) {
- keystore.load(null, storePass);
- } else {
+ if (keystore.getType().equals("PKCS12")) {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
byte[] buf = new byte[8192];
int numRead;
@@ -67,6 +65,8 @@ public class KeyStoreUtil {
ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray());
keystore.load(bais, storePass);
+ } else {
+ keystore.load(is, storePass);
}
}
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index e622fd0..781ee9a 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -123,6 +123,11 @@
Fix to avoid the possibility of long poll times for individual pollers
when using mutliple pollers with APR. (markt)
</fix>
+ <fix>
+ Refactor the fix for <bug>63205</bug> so it only applies when using
+ PKCS12 keystores as regressions have been reported with some other
+ keystore types. (markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Jasper">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org