You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by kk...@apache.org on 2011/11/11 04:42:48 UTC

svn commit: r1200725 - in /tomcat/trunk: java/org/apache/catalina/core/AprLifecycleListener.java webapps/docs/config/listeners.xml

Author: kkolinko
Date: Fri Nov 11 03:42:47 2011
New Revision: 1200725

URL: http://svn.apache.org/viewvc?rev=1200725&view=rev
Log:
If FIPSMode="on", treat its initialization failure as fatal, regardless of the cause,
be it implementation failure or missing tc-native.

Implementation note:
- Message should be logged before throwing. When Bootstrap terminates it does not print the error in the usual catalina log file. It must be written here.
- Throwing an IllegalStateException is not fatal. Throwing an Error is fatal.

Tested with TCNative 1.1.22 that does not have FIPS support.

Modified:
    tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java
    tomcat/trunk/webapps/docs/config/listeners.xml

Modified: tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java?rev=1200725&r1=1200724&r2=1200725&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java Fri Nov 11 03:42:47 2011
@@ -108,21 +108,18 @@ public class AprLifecycleListener
                     try {
                         initializeSSL();
                     } catch (Throwable t) {
-                        // FIPS Errors are always fatal
-                        if("on".equalsIgnoreCase(FIPSMode)
-                           && !isFIPSModeActive()) {
-                            if(t instanceof Error)
-                               throw (Error)t;
-                            else if(t instanceof RuntimeException)
-                                throw (RuntimeException)t;
-                            else
-                                throw new IllegalStateException(sm.getString("aprListener.sslInit"), t);
-                        } else {
-                            ExceptionUtils.handleThrowable(t);
-                            log.error(sm.getString("aprListener.sslInit"), t);
-                        }
+                        ExceptionUtils.handleThrowable(t);
+                        log.error(sm.getString("aprListener.sslInit"), t);
                     }
                 }
+                // Failure to initialize FIPS mode is fatal
+                if ("on".equalsIgnoreCase(FIPSMode) && !isFIPSModeActive()) {
+                    Error e = new Error(
+                            sm.getString("aprListener.initializeFIPSFailed"));
+                    // Log here, because thrown error might be not logged
+                    log.fatal(e.getMessage(), e);
+                    throw e;
+                }
             }
         } else if (Lifecycle.AFTER_DESTROY_EVENT.equals(event.getType())) {
             synchronized (lock) {

Modified: tomcat/trunk/webapps/docs/config/listeners.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/listeners.xml?rev=1200725&r1=1200724&r2=1200725&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/listeners.xml (original)
+++ tomcat/trunk/webapps/docs/config/listeners.xml Fri Nov 11 03:42:47 2011
@@ -95,11 +95,12 @@
     <attributes>
 
       <attribute name="SSLEngine" required="false">
-        <p>Name of the SSLEngine to use. off: Do not use SSL, on: Use SSL but no
-        specific ENGINE. The default value is <b>on</b>. This initializes the
+        <p>Name of the SSLEngine to use. <code>off</code>: do not use SSL,
+        <code>on</code>: use SSL but no specific ENGINE.</p>
+        <p>The default value is <b>on</b>. This initializes the
         native SSL engine, which must be enabled in the APR/native connector by
         the use of the <code>SSLEnabled</code> attribute.</p>
-        <p>See the <a href="http://www.openssl.org">Official OpenSSL website</a>
+        <p>See the <a href="http://www.openssl.org/">Official OpenSSL website</a>
         for more details on supported SSL hardware engines and manufacturers.
         </p>
       </attribute>
@@ -111,11 +112,12 @@
       </attribute>
 
       <attribute name="FIPSMode" required="false">
-        <p>Set to "on" to instruct OpenSSL to go into FIPS mode.
-        FIPS mode <i>requires you to have a FIPS-capable OpenSSL library which
-        you must build yourself</i>.
+        <p>Set to <code>on</code> to instruct OpenSSL to go into FIPS mode.
+        FIPS mode <em>requires you to have a FIPS-capable OpenSSL library which
+        you must build yourself</em>.
         FIPS mode also requires Tomcat native library version 1.1.23 or later,
-        which <i>must be built against the FIPS-compatible OpenSSL</i> library.
+        which <em>must be built against the FIPS-compatible OpenSSL</em> library.
+        If this attribute is "on", <b>SSLEngine</b> must be enabled as well.
         The default value is <code>off</code>.</p>
       </attribute>
 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org