Am 02.11.2015 um 18:26 schrieb Emmanuel Bourg:
Le 02/11/2015 18:11, Emmanuel Bourg a écrit :
   src/ssl.c: In function 'Java_org_apache_tomcat_jni_SSL_setVerify':
   src/ssl.c:1557:16: error: 'ctx' undeclared (first use in this function)
        TCN_ASSERT(ctx != 0);
I applied this patch to fix the error, is this correct?

--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -1554,7 +1554,7 @@
      verify = SSL_VERIFY_NONE;

      UNREFERENCED(o);
-    TCN_ASSERT(ctx != 0);
+    TCN_ASSERT(c->ctx != 0);
      c->verify_mode = level;

      if (c->verify_mode == SSL_CVERIFY_UNSET)
The problem happens, because you do a DEBUG build, maybe using 
--enable-maintainer-mode for configure. In normal build the TCN_ASSERT 
will be removed automatically.
The wrong ASSERT is in the file from the first commit of the setVerify() 
function. I'd say instead one would like to check c for not being NULL.
A TCN_ASSERT() could be used for TCN_ASSERT(ssl != 0), but the function 
already does "SSL *ssl_ = J2P(ssl, SSL *);" and directly next checks for 
"ssl_ == NULL" and throws an exception if that is the case. So ssl_ 
should be safe. The next step is "c = SSL_get_app_data2(ssl_);" and then 
using the pointer c. So as a safety check, one could check against c 
being NULL and throw an exception if it is.
So something like

@@ -1554,7 +1554,11 @@
     verify = SSL_VERIFY_NONE;

     UNREFERENCED(o);
-    TCN_ASSERT(ctx != 0);
+
+    if (c == NULL) {
+        tcn_ThrowException(e, "context is null");
+        return;
+    }
     c->verify_mode = level;

     if (c->verify_mode == SSL_CVERIFY_UNSET)


Regards,

Rainer

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to