This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 10.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.0.x by this push: new 3c4a8f3 Refactor JNI out of bean classes 3c4a8f3 is described below commit 3c4a8f3fbb8d7ecee516de53365884b20395b280 Author: remm <r...@apache.org> AuthorDate: Wed Oct 6 16:59:59 2021 +0200 Refactor JNI out of bean classes They are used in SSLHostConfig, so this ties everything to the JNI code. --- .../tomcat/util/net/openssl/OpenSSLConf.java | 91 ---------------------- .../tomcat/util/net/openssl/OpenSSLContext.java | 88 ++++++++++++++++++++- 2 files changed, 86 insertions(+), 93 deletions(-) diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLConf.java b/java/org/apache/tomcat/util/net/openssl/OpenSSLConf.java index 8ab720c..f234e03 100644 --- a/java/org/apache/tomcat/util/net/openssl/OpenSSLConf.java +++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLConf.java @@ -20,18 +20,10 @@ import java.io.Serializable; import java.util.ArrayList; import java.util.List; -import org.apache.juli.logging.Log; -import org.apache.juli.logging.LogFactory; -import org.apache.tomcat.jni.SSLConf; -import org.apache.tomcat.util.res.StringManager; - public class OpenSSLConf implements Serializable { private static final long serialVersionUID = 1L; - private static final Log log = LogFactory.getLog(OpenSSLConf.class); - private static final StringManager sm = StringManager.getManager(OpenSSLConf.class); - private final List<OpenSSLConfCmd> commands = new ArrayList<>(); public void addCmd(OpenSSLConfCmd cmd) { @@ -42,87 +34,4 @@ public class OpenSSLConf implements Serializable { return commands; } - public boolean check(long cctx) throws Exception { - boolean result = true; - OpenSSLConfCmd cmd; - String name; - String value; - int rc; - for (OpenSSLConfCmd command : commands) { - cmd = command; - name = cmd.getName(); - value = cmd.getValue(); - if (name == null) { - log.error(sm.getString("opensslconf.noCommandName", value)); - result = false; - continue; - } - if (log.isDebugEnabled()) { - log.debug(sm.getString("opensslconf.checkCommand", name, value)); - } - try { - rc = SSLConf.check(cctx, name, value); - } catch (Exception e) { - log.error(sm.getString("opensslconf.checkFailed")); - return false; - } - if (rc <= 0) { - log.error(sm.getString("opensslconf.failedCommand", name, value, - Integer.toString(rc))); - result = false; - } else if (log.isDebugEnabled()) { - log.debug(sm.getString("opensslconf.resultCommand", name, value, - Integer.toString(rc))); - } - } - if (!result) { - log.error(sm.getString("opensslconf.checkFailed")); - } - return result; - } - - public boolean apply(long cctx, long ctx) throws Exception { - boolean result = true; - SSLConf.assign(cctx, ctx); - OpenSSLConfCmd cmd; - String name; - String value; - int rc; - for (OpenSSLConfCmd command : commands) { - cmd = command; - name = cmd.getName(); - value = cmd.getValue(); - if (name == null) { - log.error(sm.getString("opensslconf.noCommandName", value)); - result = false; - continue; - } - if (log.isDebugEnabled()) { - log.debug(sm.getString("opensslconf.applyCommand", name, value)); - } - try { - rc = SSLConf.apply(cctx, name, value); - } catch (Exception e) { - log.error(sm.getString("opensslconf.applyFailed")); - return false; - } - if (rc <= 0) { - log.error(sm.getString("opensslconf.failedCommand", name, value, - Integer.toString(rc))); - result = false; - } else if (log.isDebugEnabled()) { - log.debug(sm.getString("opensslconf.resultCommand", name, value, - Integer.toString(rc))); - } - } - rc = SSLConf.finish(cctx); - if (rc <= 0) { - log.error(sm.getString("opensslconf.finishFailed", Integer.toString(rc))); - result = false; - } - if (!result) { - log.error(sm.getString("opensslconf.applyFailed")); - } - return result; - } } diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java index 7e6d198..8040731 100644 --- a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java +++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java @@ -196,6 +196,90 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext { } } + protected static boolean checkConf(OpenSSLConf conf, long cctx) throws Exception { + boolean result = true; + OpenSSLConfCmd cmd; + String name; + String value; + int rc; + for (OpenSSLConfCmd command : conf.getCommands()) { + cmd = command; + name = cmd.getName(); + value = cmd.getValue(); + if (name == null) { + log.error(sm.getString("opensslconf.noCommandName", value)); + result = false; + continue; + } + if (log.isDebugEnabled()) { + log.debug(sm.getString("opensslconf.checkCommand", name, value)); + } + try { + rc = SSLConf.check(cctx, name, value); + } catch (Exception e) { + log.error(sm.getString("opensslconf.checkFailed")); + return false; + } + if (rc <= 0) { + log.error(sm.getString("opensslconf.failedCommand", name, value, + Integer.toString(rc))); + result = false; + } else if (log.isDebugEnabled()) { + log.debug(sm.getString("opensslconf.resultCommand", name, value, + Integer.toString(rc))); + } + } + if (!result) { + log.error(sm.getString("opensslconf.checkFailed")); + } + return result; + } + + protected static boolean applyConf(OpenSSLConf conf, long cctx, long ctx) throws Exception { + boolean result = true; + SSLConf.assign(cctx, ctx); + OpenSSLConfCmd cmd; + String name; + String value; + int rc; + for (OpenSSLConfCmd command : conf.getCommands()) { + cmd = command; + name = cmd.getName(); + value = cmd.getValue(); + if (name == null) { + log.error(sm.getString("opensslconf.noCommandName", value)); + result = false; + continue; + } + if (log.isDebugEnabled()) { + log.debug(sm.getString("opensslconf.applyCommand", name, value)); + } + try { + rc = SSLConf.apply(cctx, name, value); + } catch (Exception e) { + log.error(sm.getString("opensslconf.applyFailed")); + return false; + } + if (rc <= 0) { + log.error(sm.getString("opensslconf.failedCommand", name, value, + Integer.toString(rc))); + result = false; + } else if (log.isDebugEnabled()) { + log.debug(sm.getString("opensslconf.resultCommand", name, value, + Integer.toString(rc))); + } + } + rc = SSLConf.finish(cctx); + if (rc <= 0) { + log.error(sm.getString("opensslconf.finishFailed", Integer.toString(rc))); + result = false; + } + if (!result) { + log.error(sm.getString("opensslconf.applyFailed")); + } + return result; + } + /** * Setup the SSL_CTX. * @@ -316,7 +400,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext { log.debug(sm.getString("openssl.checkConf")); } try { - if (!openSslConf.check(cctx)) { + if (!checkConf(openSslConf, cctx)) { log.error(sm.getString("openssl.errCheckConf")); throw new Exception(sm.getString("openssl.errCheckConf")); } @@ -327,7 +411,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext { log.debug(sm.getString("openssl.applyConf")); } try { - if (!openSslConf.apply(cctx, ctx)) { + if (!applyConf(openSslConf, cctx, ctx)) { log.error(sm.getString("openssl.errApplyConf")); throw new SSLException(sm.getString("openssl.errApplyConf")); } --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org