Am 02.11.2015 um 18:26 schrieb Emmanuel Bourg:
Le 02/11/2015 18:11, Emmanuel Bourg a écrit :
src/ssl.c: In function 'Java_org_apache_tomcat_jni_SSL_setVerify':
src/ssl.c:1557:16: error: 'ctx' undeclared (first use in this function)
TCN_ASSERT(ctx != 0);
I applied this patch to fix the error, is this correct?
--- a/native/src/ssl.c
+++ b/native/src/ssl.c
@@ -1554,7 +1554,7 @@
verify = SSL_VERIFY_NONE;
UNREFERENCED(o);
- TCN_ASSERT(ctx != 0);
+ TCN_ASSERT(c->ctx != 0);
c->verify_mode = level;
if (c->verify_mode == SSL_CVERIFY_UNSET)
The problem happens, because you do a DEBUG build, maybe using
--enable-maintainer-mode for configure. In normal build the TCN_ASSERT
will be removed automatically.
The wrong ASSERT is in the file from the first commit of the setVerify()
function. I'd say instead one would like to check c for not being NULL.
A TCN_ASSERT() could be used for TCN_ASSERT(ssl != 0), but the function
already does "SSL *ssl_ = J2P(ssl, SSL *);" and directly next checks for
"ssl_ == NULL" and throws an exception if that is the case. So ssl_
should be safe. The next step is "c = SSL_get_app_data2(ssl_);" and then
using the pointer c. So as a safety check, one could check against c
being NULL and throw an exception if it is.
So something like
@@ -1554,7 +1554,11 @@
verify = SSL_VERIFY_NONE;
UNREFERENCED(o);
- TCN_ASSERT(ctx != 0);
+
+ if (c == NULL) {
+ tcn_ThrowException(e, "context is null");
+ return;
+ }
c->verify_mode = level;
if (c->verify_mode == SSL_CVERIFY_UNSET)
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org