[tomcat] branch main updated: Remove usages of classes in the deprecated-for-removal package javax.security.cert.

markt Tue, 11 Apr 2023 05:42:19 -0700

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git



The following commit(s) were added to refs/heads/main by this push:
     new 58c3b5da1d Remove usages of classes in the deprecated-for-removal 
package javax.security.cert.
58c3b5da1d is described below

commit 58c3b5da1dab993fd0fbf530ccfd82147a3dc229
Author: Eirik Bjorsnos <[email protected]>
AuthorDate: Tue Apr 11 13:42:40 2023 +0200

    Remove usages of classes in the deprecated-for-removal package 
javax.security.cert.
---
 .../tomcat/util/net/openssl/OpenSSLEngine.java     | 34 ----------------------
 .../util/net/openssl/panama/OpenSSLEngine.java     | 34 ----------------------
 .../util/net/openssl/panama/OpenSSLEngine.java     | 34 ----------------------
 3 files changed, 102 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java 
b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
index 39ee3f9130..1c38eebe0b 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
@@ -151,8 +151,6 @@ public final class OpenSSLEngine extends SSLEngine 
implements SSLUtil.ProtocolIn
     private volatile String applicationProtocol;
 
     private volatile Certificate[] peerCerts;
-    @Deprecated
-    private volatile javax.security.cert.X509Certificate[] x509PeerCerts;
     private volatile ClientAuthMode clientAuth = ClientAuthMode.NONE;
 
     // SSL Engine status variables
@@ -947,7 +945,6 @@ public final class OpenSSLEngine extends SSLEngine 
implements SSLUtil.ProtocolIn
         }
         handshakeFinished = false;
         peerCerts = null;
-        x509PeerCerts = null;
         currentHandshake = SSL.getHandshakeCount(state.ssl);
         int code2 = SSL.doHandshake(state.ssl);
         if (code2 <= 0) {
@@ -1327,37 +1324,6 @@ public final class OpenSSLEngine extends SSLEngine 
implements SSLUtil.ProtocolIn
             return EMPTY_CERTIFICATES;
         }
 
-        @Deprecated
-        @Override
-        public javax.security.cert.X509Certificate[] getPeerCertificateChain()
-                throws SSLPeerUnverifiedException {
-            // these are lazy created to reduce memory overhead
-            javax.security.cert.X509Certificate[] c = x509PeerCerts;
-            if (c == null) {
-                byte[][] chain;
-                synchronized (OpenSSLEngine.this) {
-                    if (destroyed || SSL.isInInit(state.ssl) != 0) {
-                        throw new 
SSLPeerUnverifiedException(sm.getString("engine.unverifiedPeer"));
-                    }
-                    chain = SSL.getPeerCertChain(state.ssl);
-                }
-                if (chain == null) {
-                    throw new 
SSLPeerUnverifiedException(sm.getString("engine.unverifiedPeer"));
-                }
-                javax.security.cert.X509Certificate[] peerCerts =
-                        new javax.security.cert.X509Certificate[chain.length];
-                for (int i = 0; i < peerCerts.length; i++) {
-                    try {
-                        peerCerts[i] = 
javax.security.cert.X509Certificate.getInstance(chain[i]);
-                    } catch (javax.security.cert.CertificateException e) {
-                        throw new IllegalStateException(e);
-                    }
-                }
-                c = x509PeerCerts = peerCerts;
-            }
-            return c;
-        }
-
         @Override
         public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
             Certificate[] peer = getPeerCertificates();
diff --git 
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
 
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
index c3755f0d40..1645f8f0b4 100644
--- 
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
+++ 
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -203,8 +203,6 @@ public final class OpenSSLEngine extends SSLEngine 
implements SSLUtil.ProtocolIn
     private volatile String applicationProtocol;
 
     private volatile Certificate[] peerCerts;
-    @Deprecated
-    private volatile javax.security.cert.X509Certificate[] x509PeerCerts;
     private volatile ClientAuthMode clientAuth = ClientAuthMode.NONE;
 
     // SSL Engine status variables
@@ -1006,7 +1004,6 @@ public final class OpenSSLEngine extends SSLEngine 
implements SSLUtil.ProtocolIn
         }
         handshakeFinished = false;
         peerCerts = null;
-        x509PeerCerts = null;
         currentHandshake = state.handshakeCount;
         int code2 = SSL_do_handshake(state.ssl);
         if (code2 <= 0) {
@@ -1673,37 +1670,6 @@ public final class OpenSSLEngine extends SSLEngine 
implements SSLUtil.ProtocolIn
             return EMPTY_CERTIFICATES;
         }
 
-        @Deprecated
-        @Override
-        public javax.security.cert.X509Certificate[] getPeerCertificateChain()
-                throws SSLPeerUnverifiedException {
-            // these are lazy created to reduce memory overhead
-            javax.security.cert.X509Certificate[] c = x509PeerCerts;
-            if (c == null) {
-                byte[][] chain;
-                synchronized (OpenSSLEngine.this) {
-                    if (destroyed || SSL_in_init(state.ssl) != 0) {
-                        throw new 
SSLPeerUnverifiedException(sm.getString("engine.unverifiedPeer"));
-                    }
-                    chain = getPeerCertChain();
-                }
-                if (chain == null) {
-                    throw new 
SSLPeerUnverifiedException(sm.getString("engine.unverifiedPeer"));
-                }
-                javax.security.cert.X509Certificate[] peerCerts =
-                        new javax.security.cert.X509Certificate[chain.length];
-                for (int i = 0; i < peerCerts.length; i++) {
-                    try {
-                        peerCerts[i] = 
javax.security.cert.X509Certificate.getInstance(chain[i]);
-                    } catch (javax.security.cert.CertificateException e) {
-                        throw new IllegalStateException(e);
-                    }
-                }
-                c = x509PeerCerts = peerCerts;
-            }
-            return c;
-        }
-
         @Override
         public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
             Certificate[] peer = getPeerCertificates();
diff --git 
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
 
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
index 6691a14835..8880c73efc 100644
--- 
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
+++ 
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -201,8 +201,6 @@ public final class OpenSSLEngine extends SSLEngine 
implements SSLUtil.ProtocolIn
     private volatile String applicationProtocol;
 
     private volatile Certificate[] peerCerts;
-    @Deprecated
-    private volatile javax.security.cert.X509Certificate[] x509PeerCerts;
     private volatile ClientAuthMode clientAuth = ClientAuthMode.NONE;
 
     // SSL Engine status variables
@@ -1063,7 +1061,6 @@ public final class OpenSSLEngine extends SSLEngine 
implements SSLUtil.ProtocolIn
         }
         handshakeFinished = false;
         peerCerts = null;
-        x509PeerCerts = null;
         currentHandshake = state.handshakeCount;
         int code2 = SSL_do_handshake(state.ssl);
         if (code2 <= 0) {
@@ -1728,37 +1725,6 @@ public final class OpenSSLEngine extends SSLEngine 
implements SSLUtil.ProtocolIn
             return EMPTY_CERTIFICATES;
         }
 
-        @Deprecated
-        @Override
-        public javax.security.cert.X509Certificate[] getPeerCertificateChain()
-                throws SSLPeerUnverifiedException {
-            // these are lazy created to reduce memory overhead
-            javax.security.cert.X509Certificate[] c = x509PeerCerts;
-            if (c == null) {
-                byte[][] chain;
-                synchronized (OpenSSLEngine.this) {
-                    if (destroyed || SSL_in_init(state.ssl) != 0) {
-                        throw new 
SSLPeerUnverifiedException(sm.getString("engine.unverifiedPeer"));
-                    }
-                    chain = getPeerCertChain();
-                }
-                if (chain == null) {
-                    throw new 
SSLPeerUnverifiedException(sm.getString("engine.unverifiedPeer"));
-                }
-                javax.security.cert.X509Certificate[] peerCerts =
-                        new javax.security.cert.X509Certificate[chain.length];
-                for (int i = 0; i < peerCerts.length; i++) {
-                    try {
-                        peerCerts[i] = 
javax.security.cert.X509Certificate.getInstance(chain[i]);
-                    } catch (javax.security.cert.CertificateException e) {
-                        throw new IllegalStateException(e);
-                    }
-                }
-                c = x509PeerCerts = peerCerts;
-            }
-            return c;
-        }
-
         @Override
         public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
             Certificate[] peer = getPeerCertificates();


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[tomcat] branch main updated: Remove usages of classes in the deprecated-for-removal package javax.security.cert.

Reply via email to