This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 58c3b5da1d Remove usages of classes in the deprecated-for-removal
package javax.security.cert.
58c3b5da1d is described below
commit 58c3b5da1dab993fd0fbf530ccfd82147a3dc229
Author: Eirik Bjorsnos <eir...@gmail.com>
AuthorDate: Tue Apr 11 13:42:40 2023 +0200
Remove usages of classes in the deprecated-for-removal package
javax.security.cert.
---
.../tomcat/util/net/openssl/OpenSSLEngine.java | 34 ----------------------
.../util/net/openssl/panama/OpenSSLEngine.java | 34 ----------------------
.../util/net/openssl/panama/OpenSSLEngine.java | 34 ----------------------
3 files changed, 102 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
index 39ee3f9130..1c38eebe0b 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
@@ -151,8 +151,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
private volatile String applicationProtocol;
private volatile Certificate[] peerCerts;
- @Deprecated
- private volatile javax.security.cert.X509Certificate[] x509PeerCerts;
private volatile ClientAuthMode clientAuth = ClientAuthMode.NONE;
// SSL Engine status variables
@@ -947,7 +945,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
}
handshakeFinished = false;
peerCerts = null;
- x509PeerCerts = null;
currentHandshake = SSL.getHandshakeCount(state.ssl);
int code2 = SSL.doHandshake(state.ssl);
if (code2 <= 0) {
@@ -1327,37 +1324,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
return EMPTY_CERTIFICATES;
}
- @Deprecated
- @Override
- public javax.security.cert.X509Certificate[] getPeerCertificateChain()
- throws SSLPeerUnverifiedException {
- // these are lazy created to reduce memory overhead
- javax.security.cert.X509Certificate[] c = x509PeerCerts;
- if (c == null) {
- byte[][] chain;
- synchronized (OpenSSLEngine.this) {
- if (destroyed || SSL.isInInit(state.ssl) != 0) {
- throw new
SSLPeerUnverifiedException(sm.getString("engine.unverifiedPeer"));
- }
- chain = SSL.getPeerCertChain(state.ssl);
- }
- if (chain == null) {
- throw new
SSLPeerUnverifiedException(sm.getString("engine.unverifiedPeer"));
- }
- javax.security.cert.X509Certificate[] peerCerts =
- new javax.security.cert.X509Certificate[chain.length];
- for (int i = 0; i < peerCerts.length; i++) {
- try {
- peerCerts[i] =
javax.security.cert.X509Certificate.getInstance(chain[i]);
- } catch (javax.security.cert.CertificateException e) {
- throw new IllegalStateException(e);
- }
- }
- c = x509PeerCerts = peerCerts;
- }
- return c;
- }
-
@Override
public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
Certificate[] peer = getPeerCertificates();
diff --git
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
index c3755f0d40..1645f8f0b4 100644
---
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
+++
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -203,8 +203,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
private volatile String applicationProtocol;
private volatile Certificate[] peerCerts;
- @Deprecated
- private volatile javax.security.cert.X509Certificate[] x509PeerCerts;
private volatile ClientAuthMode clientAuth = ClientAuthMode.NONE;
// SSL Engine status variables
@@ -1006,7 +1004,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
}
handshakeFinished = false;
peerCerts = null;
- x509PeerCerts = null;
currentHandshake = state.handshakeCount;
int code2 = SSL_do_handshake(state.ssl);
if (code2 <= 0) {
@@ -1673,37 +1670,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
return EMPTY_CERTIFICATES;
}
- @Deprecated
- @Override
- public javax.security.cert.X509Certificate[] getPeerCertificateChain()
- throws SSLPeerUnverifiedException {
- // these are lazy created to reduce memory overhead
- javax.security.cert.X509Certificate[] c = x509PeerCerts;
- if (c == null) {
- byte[][] chain;
- synchronized (OpenSSLEngine.this) {
- if (destroyed || SSL_in_init(state.ssl) != 0) {
- throw new
SSLPeerUnverifiedException(sm.getString("engine.unverifiedPeer"));
- }
- chain = getPeerCertChain();
- }
- if (chain == null) {
- throw new
SSLPeerUnverifiedException(sm.getString("engine.unverifiedPeer"));
- }
- javax.security.cert.X509Certificate[] peerCerts =
- new javax.security.cert.X509Certificate[chain.length];
- for (int i = 0; i < peerCerts.length; i++) {
- try {
- peerCerts[i] =
javax.security.cert.X509Certificate.getInstance(chain[i]);
- } catch (javax.security.cert.CertificateException e) {
- throw new IllegalStateException(e);
- }
- }
- c = x509PeerCerts = peerCerts;
- }
- return c;
- }
-
@Override
public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
Certificate[] peer = getPeerCertificates();
diff --git
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
index 6691a14835..8880c73efc 100644
---
a/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
+++
b/modules/openssl-java17/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -201,8 +201,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
private volatile String applicationProtocol;
private volatile Certificate[] peerCerts;
- @Deprecated
- private volatile javax.security.cert.X509Certificate[] x509PeerCerts;
private volatile ClientAuthMode clientAuth = ClientAuthMode.NONE;
// SSL Engine status variables
@@ -1063,7 +1061,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
}
handshakeFinished = false;
peerCerts = null;
- x509PeerCerts = null;
currentHandshake = state.handshakeCount;
int code2 = SSL_do_handshake(state.ssl);
if (code2 <= 0) {
@@ -1728,37 +1725,6 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
return EMPTY_CERTIFICATES;
}
- @Deprecated
- @Override
- public javax.security.cert.X509Certificate[] getPeerCertificateChain()
- throws SSLPeerUnverifiedException {
- // these are lazy created to reduce memory overhead
- javax.security.cert.X509Certificate[] c = x509PeerCerts;
- if (c == null) {
- byte[][] chain;
- synchronized (OpenSSLEngine.this) {
- if (destroyed || SSL_in_init(state.ssl) != 0) {
- throw new
SSLPeerUnverifiedException(sm.getString("engine.unverifiedPeer"));
- }
- chain = getPeerCertChain();
- }
- if (chain == null) {
- throw new
SSLPeerUnverifiedException(sm.getString("engine.unverifiedPeer"));
- }
- javax.security.cert.X509Certificate[] peerCerts =
- new javax.security.cert.X509Certificate[chain.length];
- for (int i = 0; i < peerCerts.length; i++) {
- try {
- peerCerts[i] =
javax.security.cert.X509Certificate.getInstance(chain[i]);
- } catch (javax.security.cert.CertificateException e) {
- throw new IllegalStateException(e);
- }
- }
- c = x509PeerCerts = peerCerts;
- }
- return c;
- }
-
@Override
public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {
Certificate[] peer = getPeerCertificates();
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
