You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by sc...@apache.org on 2011/11/10 18:35:22 UTC
svn commit: r1200445 -
/tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java
Author: schultz
Date: Thu Nov 10 17:35:22 2011
New Revision: 1200445
URL: http://svn.apache.org/viewvc?rev=1200445&view=rev
Log:
Made FIPS-related errors fatal to AprLifecycleListener.
Modified:
tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java
Modified: tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java?rev=1200445&r1=1200444&r2=1200445&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java Thu Nov 10 17:35:22 2011
@@ -108,8 +108,19 @@ public class AprLifecycleListener
try {
initializeSSL();
} catch (Throwable t) {
- ExceptionUtils.handleThrowable(t);
- log.error(sm.getString("aprListener.sslInit"), t);
+ // FIPS Errors are always fatal
+ if("on".equalsIgnoreCase(FIPSMode)
+ && !isFIPSModeActive()) {
+ if(t instanceof Error)
+ throw (Error)t;
+ else if(t instanceof RuntimeException)
+ throw (RuntimeException)t;
+ else
+ throw new IllegalStateException(sm.getString("aprListener.sslInit"), t);
+ } else {
+ ExceptionUtils.handleThrowable(t);
+ log.error(sm.getString("aprListener.sslInit"), t);
+ }
}
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org