On Wed, Jul 5, 2017 at 8:51 AM, <[email protected]> wrote: > Author: markt > Date: Wed Jul 5 13:51:27 2017 > New Revision: 1800874 > > URL: http://svn.apache.org/viewvc?rev=1800874&view=rev > Log: > Follow-up to r1800867 > Avoid NPE when no alias is specified. > Now an in memory key store with a single key is used, there is no need for > the JSSEKeyManager - so remove it. >
https://bz.apache.org/bugzilla/show_bug.cgi?id=59910 So this was about not hardcoding a default to "tomcat" then. Rémy > > Removed: > tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEKeyManager.java > Modified: > tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java > tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ > OpenSSLContext.java > > Modified: tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java > URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/ > tomcat/util/net/jsse/JSSEUtil.java?rev=1800874&r1=1800873& > r2=1800874&view=diff > ============================================================ > ================== > --- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java > (original) > +++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java Wed > Jul 5 13:51:27 2017 > @@ -52,7 +52,6 @@ import javax.net.ssl.ManagerFactoryParam > import javax.net.ssl.SSLSessionContext; > import javax.net.ssl.TrustManager; > import javax.net.ssl.TrustManagerFactory; > -import javax.net.ssl.X509KeyManager; > > import org.apache.juli.logging.Log; > import org.apache.juli.logging.LogFactory; > @@ -171,7 +170,6 @@ public class JSSEUtil extends SSLUtilBas > > @Override > public KeyManager[] getKeyManagers() throws Exception { > - String keystoreType = certificate.getCertificateKeystoreType(); > String keyAlias = certificate.getCertificateKeyAlias(); > String algorithm = sslHostConfig.getKeyManagerAlgorithm(); > String keyPass = certificate.getCertificateKeyPassword(); > @@ -181,8 +179,6 @@ public class JSSEUtil extends SSLUtilBas > keyPass = certificate.getCertificateKeystorePassword(); > } > > - KeyManager[] kms = null; > - > KeyStore ks = certificate.getCertificateKeystore(); > > /* > @@ -219,6 +215,8 @@ public class JSSEUtil extends SSLUtilBas > } else { > if (keyAlias != null && !ks.isKeyEntry(keyAlias)) { > throw new IOException(sm.getString("jsse.alias_no_key_entry", > keyAlias)); > + } else if (keyAlias == null) { > + keyAlias = "tomcat"; > } > > inMemoryKeyStore.setKeyEntry(keyAlias, ks.getKey(keyAlias, > keyPassArray), keyPassArray, > @@ -229,23 +227,7 @@ public class JSSEUtil extends SSLUtilBas > KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm); > kmf.init(inMemoryKeyStore, keyPassArray); > > - kms = kmf.getKeyManagers(); > - if (kms == null) { > - return kms; > - } > - > - if (keyAlias != null) { > - String alias = keyAlias; > - // JKS keystores always convert the alias name to lower case > - if ("JKS".equals(keystoreType)) { > - alias = alias.toLowerCase(Locale.ENGLISH); > - } > - for(int i = 0; i < kms.length; i++) { > - kms[i] = new JSSEKeyManager((X509KeyManager)kms[i], > alias); > - } > - } > - > - return kms; > + return kmf.getKeyManagers(); > } > > > > Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ > OpenSSLContext.java > URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/ > tomcat/util/net/openssl/OpenSSLContext.java?rev= > 1800874&r1=1800873&r2=1800874&view=diff > ============================================================ > ================== > --- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java > (original) > +++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java > Wed Jul 5 13:51:27 2017 > @@ -50,7 +50,6 @@ import org.apache.tomcat.util.net.Consta > import org.apache.tomcat.util.net.SSLHostConfig; > import org.apache.tomcat.util.net.SSLHostConfigCertificate; > import org.apache.tomcat.util.net.SSLHostConfigCertificate.Type; > -import org.apache.tomcat.util.net.jsse.JSSEKeyManager; > import org.apache.tomcat.util.net.openssl.ciphers. > OpenSSLCipherConfigurationParser; > import org.apache.tomcat.util.res.StringManager; > > @@ -365,11 +364,6 @@ public class OpenSSLContext implements o > > private static X509KeyManager chooseKeyManager(KeyManager[] managers) > throws Exception { > for (KeyManager manager : managers) { > - if (manager instanceof JSSEKeyManager) { > - return (JSSEKeyManager) manager; > - } > - } > - for (KeyManager manager : managers) { > if (manager instanceof X509KeyManager) { > return (X509KeyManager) manager; > } > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
