This is an automated email from the ASF dual-hosted git repository.

zrhoffman pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git


The following commit(s) were added to refs/heads/master by this push:
     new 05eda4e  Upgrade Tomcat to 8.5.57 (#5013)
05eda4e is described below

commit 05eda4ea305e77aa8ead692b34a3cf87f151657d
Author: Joshua Zenn <[email protected]>
AuthorDate: Thu Sep 24 12:42:38 2020 -0400

    Upgrade Tomcat to 8.5.57 (#5013)
    
    * Update to latest version
    
    Updated all references to Tomcat packages to 8.5.57 (newest 8.5.x as of 
8/24/2020).
    
    * Fixed missing method names
    
    * Fixed issue with Tomcat changing how default certificates are initialized
    
    * Documented changes and removed unneeded code
---
 traffic_router/build/build_rpm.sh                                | 2 +-
 traffic_router/connector/pom.xml                                 | 4 ++--
 .../traffic_router/protocol/RouterNioEndpoint.java               | 5 ++---
 .../traffic_control/traffic_router/protocol/RouterSslUtil.java   | 9 ++++++++-
 traffic_router/core/pom.xml                                      | 6 +++---
 5 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/traffic_router/build/build_rpm.sh 
b/traffic_router/build/build_rpm.sh
index a6908e9..6eaf498 100755
--- a/traffic_router/build/build_rpm.sh
+++ b/traffic_router/build/build_rpm.sh
@@ -76,7 +76,7 @@ adaptEnvironment() {
        RPM="${PACKAGE}-${TC_VERSION}-${BUILD_NUMBER}.x86_64.rpm"
        RPM_TARGET_OS="${RPM_TARGET_OS:-linux}"
        TOMCAT_VERSION=8.5
-       TOMCAT_RELEASE=32
+       TOMCAT_RELEASE=57
        export PACKAGE TC_VERSION BUILD_NUMBER BUILD_LOCK WORKSPACE RPMBUILD 
DIST RPM RPM_TARGET_OS TOMCAT_VERSION TOMCAT_RELEASE
 
        echo "=================================================="
diff --git a/traffic_router/connector/pom.xml b/traffic_router/connector/pom.xml
index e58695e..3637e94 100644
--- a/traffic_router/connector/pom.xml
+++ b/traffic_router/connector/pom.xml
@@ -85,13 +85,13 @@
                <dependency>
                        <groupId>org.apache.tomcat</groupId>
                        <artifactId>tomcat-coyote</artifactId>
-                       <version>8.5.32</version>
+                       <version>8.5.57</version>
                        <scope>provided</scope>
                </dependency>
                <dependency>
                        <groupId>org.apache.tomcat</groupId>
                        <artifactId>tomcat-catalina</artifactId>
-                       <version>8.5.32</version>
+                       <version>8.5.57</version>
                        <scope>provided</scope>
                </dependency>
                <dependency>
diff --git 
a/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/RouterNioEndpoint.java
 
b/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/RouterNioEndpoint.java
index 810027d..28147af 100644
--- 
a/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/RouterNioEndpoint.java
+++ 
b/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/RouterNioEndpoint.java
@@ -68,9 +68,8 @@ public class RouterNioEndpoint extends NioEndpoint {
                        
sslHostConfig.setHostName(sslHostsData.get(alias).getHostname());
                        cert.setCertificateKeyAlias(alias);
                        sslHostConfig.addCertificate(cert);
-                       sslHostConfig.setCertificateKeyAlias(alias);
                        sslHostConfig.setProtocols(protocols != null ? 
protocols : "all");
-                       sslHostConfig.setConfigType(getSslConfigType());
+                       
sslHostConfig.setSslProtocol(sslHostConfig.getSslProtocol());
                        sslHostConfig.setCertificateVerification("none");
                        LOGGER.info("sslHostConfig: 
"+sslHostConfig.getHostName() + " " + sslHostConfig.getTruststoreAlgorithm());
 
@@ -106,7 +105,7 @@ public class RouterNioEndpoint extends NioEndpoint {
                        try{
                                final HandshakeData data = cr.get(alias);
                                final SSLHostConfig sslHostConfig = 
sslHostConfigs.get(data.getHostname());
-                               sslHostConfig.setConfigType(getSslConfigType());
+                               
sslHostConfig.setSslProtocol(sslHostConfig.getSslProtocol());
                                createSSLContext(sslHostConfig);
                        }
                        catch (Exception rfubar) {
diff --git 
a/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/RouterSslUtil.java
 
b/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/RouterSslUtil.java
index 2fec42d..3c66733 100644
--- 
a/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/RouterSslUtil.java
+++ 
b/traffic_router/connector/src/main/java/com/comcast/cdn/traffic_control/traffic_router/protocol/RouterSslUtil.java
@@ -56,12 +56,19 @@ public class RouterSslUtil extends SSLUtilBase {
 
     @Override
     @SuppressWarnings({"PMD.SignatureDeclareThrowsException"})
-    public SSLContext createSSLContext(final List<String> negotiableProtocols) 
throws Exception {
+    public SSLContext createSSLContextInternal(final List<String> 
negotiableProtocols) throws Exception {
         return new OpenSSLContext(certificate, negotiableProtocols);
     }
 
     @Override
     @SuppressWarnings({"PMD.SignatureDeclareThrowsException"})
+    public boolean isTls13RenegAuthAvailable() {
+        // As per the Tomcat 8.5.57 source, this should be false for JSSE, and 
true for openSSL implementations.
+        return true;
+    }
+
+    @Override
+    @SuppressWarnings({"PMD.SignatureDeclareThrowsException"})
     public javax.net.ssl.KeyManager[] getKeyManagers() throws Exception {
         return new javax.net.ssl.KeyManager[] { new 
com.comcast.cdn.traffic_control.traffic_router.secure.KeyManager() };
     }
diff --git a/traffic_router/core/pom.xml b/traffic_router/core/pom.xml
index 781b416..bda1813 100644
--- a/traffic_router/core/pom.xml
+++ b/traffic_router/core/pom.xml
@@ -341,19 +341,19 @@
                <dependency>
                        <groupId>org.apache.tomcat</groupId>
                        <artifactId>tomcat-catalina</artifactId>
-                       <version>8.5.32</version>
+                       <version>8.5.57</version>
                        <scope>provided</scope>
                </dependency>
                <dependency>
                        <groupId>org.apache.tomcat</groupId>
                        <artifactId>tomcat-coyote</artifactId>
-                       <version>8.5.32</version>
+                       <version>8.5.57</version>
                        <scope>provided</scope>
                </dependency>
                <dependency>
                        <groupId>org.apache.tomcat</groupId>
                        <artifactId>tomcat-jni</artifactId>
-                       <version>8.5.32</version>
+                       <version>8.5.57</version>
                        <scope>provided</scope>
                </dependency>
                <dependency>

Reply via email to