This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 48522c8e08 Improve groups handling and log unknown groups
48522c8e08 is described below
commit 48522c8e082a8583200f6b3e3e6604a0ddb6d452
Author: remm <[email protected]>
AuthorDate: Fri Feb 20 16:31:27 2026 +0100
Improve groups handling and log unknown groups
---
.../apache/tomcat/util/net/LocalStrings.properties | 1 +
java/org/apache/tomcat/util/net/SSLHostConfig.java | 32 ++++++++++++----------
2 files changed, 19 insertions(+), 14 deletions(-)
diff --git a/java/org/apache/tomcat/util/net/LocalStrings.properties
b/java/org/apache/tomcat/util/net/LocalStrings.properties
index a07bfdd651..91e0908e48 100644
--- a/java/org/apache/tomcat/util/net/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/net/LocalStrings.properties
@@ -185,6 +185,7 @@ sslHostConfig.mismatch.trust=The trust configuration
property [{0}] was set on t
sslHostConfig.opensslconf.alreadyset=Attempt to set another OpenSSLConf ignored
sslHostConfig.opensslconf.null=Attempt to set null OpenSSLConf ignored
sslHostConfig.prefix_missing=The protocol [{0}] was added to the list of
protocols on the SSLHostConfig named [{1}]. Check if a +/- prefix is missing.
+sslHostConfig.unknownGroup=Unknown TLS group [{0}] was specified and will not
be enabled
sslHostConfigCertificate.mismatch=The property [{0}] was set on the
SSLHostConfigCertificate named [{1}] and is for certificate storage type [{2}]
but the certificate is being used with a storage of type [{3}]
diff --git a/java/org/apache/tomcat/util/net/SSLHostConfig.java
b/java/org/apache/tomcat/util/net/SSLHostConfig.java
index 50c32f535c..8a39a6ecb8 100644
--- a/java/org/apache/tomcat/util/net/SSLHostConfig.java
+++ b/java/org/apache/tomcat/util/net/SSLHostConfig.java
@@ -754,19 +754,11 @@ public class SSLHostConfig implements Serializable {
/**
* Set the enabled named groups.
- * @param groupsString the case sensitive comma separated list of groups
+ * @param groups the case sensitive comma separated list of groups
*/
- public void setGroups(String groupsString) {
- if (groupsString != null) {
- LinkedHashSet<Group> groupList = new LinkedHashSet<>();
- String[] groupNames = groupsString.split(",");
- for (String groupName : groupNames) {
- Group group = Group.valueOf(groupName.trim());
- groupList.add(group);
- }
- this.groups = groupsString;
- this.groupList = groupList;
- }
+ public void setGroups(String groups) {
+ this.groups = groups;
+ this.groupList = null;
}
@@ -775,8 +767,20 @@ public class SSLHostConfig implements Serializable {
*/
public LinkedHashSet<Group> getGroupList() {
if (groupList == null) {
- // Initialize groups list with the default value
- setGroups(this.groups);
+ String groups = this.groups;
+ if (groups != null) {
+ LinkedHashSet<Group> groupList = new LinkedHashSet<>();
+ String[] groupNames = groups.split(",");
+ for (String groupName : groupNames) {
+ try {
+ Group group = Group.valueOf(groupName.trim());
+ groupList.add(group);
+ } catch (IllegalArgumentException e) {
+ log.warn(sm.getString("sslHostConfig.unknownGroup",
groupName));
+ }
+ }
+ this.groupList = groupList;
+ }
}
return this.groupList;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
