Author: markt
Date: Wed Sep 12 18:49:31 2018
New Revision: 1840737
URL: http://svn.apache.org/viewvc?rev=1840737&view=rev
Log:
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=62712
Correct NPE in Manager application when attempting to view configured
certificates for an APR/native TLS connector.
Modified:
tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java?rev=1840737&r1=1840736&r2=1840737&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java (original)
+++ tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java Wed Sep
12 18:49:31 2018
@@ -1806,25 +1806,33 @@ public class ManagerServlet extends Http
if (Boolean.TRUE.equals(connector.getProperty("SSLEnabled"))) {
SSLHostConfig[] sslHostConfigs =
connector.getProtocolHandler().findSslHostConfigs();
for (SSLHostConfig sslHostConfig : sslHostConfigs) {
- Set<SSLHostConfigCertificate> sslHostConfigCerts =
- sslHostConfig.getCertificates();
- for (SSLHostConfigCertificate sslHostConfigCert :
sslHostConfigCerts) {
- String name = connector.toString() + "-" +
sslHostConfig.getHostName() +
- "-" + sslHostConfigCert.getType();
- List<String> certList = new ArrayList<>();
- SSLContext sslContext =
sslHostConfigCert.getSslContext();
- String alias =
sslHostConfigCert.getCertificateKeyAlias();
- if (alias == null) {
- alias = "tomcat";
- }
- X509Certificate[] certs =
sslContext.getCertificateChain(alias);
- if (certs == null) {
-
certList.add(sm.getString("managerServlet.certsNotAvailable"));
- } else {
- for (Certificate cert : certs) {
- certList.add(cert.toString());
+ if (sslHostConfig.getOpenSslContext().longValue() == 0) {
+ // Not set. Must be JSSE based.
+ Set<SSLHostConfigCertificate> sslHostConfigCerts =
+ sslHostConfig.getCertificates();
+ for (SSLHostConfigCertificate sslHostConfigCert :
sslHostConfigCerts) {
+ String name = connector.toString() + "-" +
sslHostConfig.getHostName() +
+ "-" + sslHostConfigCert.getType();
+ List<String> certList = new ArrayList<>();
+ SSLContext sslContext =
sslHostConfigCert.getSslContext();
+ String alias =
sslHostConfigCert.getCertificateKeyAlias();
+ if (alias == null) {
+ alias = "tomcat";
}
+ X509Certificate[] certs =
sslContext.getCertificateChain(alias);
+ if (certs == null) {
+
certList.add(sm.getString("managerServlet.certsNotAvailable"));
+ } else {
+ for (Certificate cert : certs) {
+ certList.add(cert.toString());
+ }
+ }
+ result.put(name, certList);
}
+ } else {
+ List<String> certList = new ArrayList<>();
+
certList.add(sm.getString("managerServlet.certsNotAvailable"));
+ String name = connector.toString() + "-" +
sslHostConfig.getHostName();
result.put(name, certList);
}
}
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1840737&r1=1840736&r2=1840737&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Sep 12 18:49:31 2018
@@ -70,6 +70,14 @@
</fix>
</changelog>
</subsection>
+ <subsection name="Web applications">
+ <changelog>
+ <fix>
+ <bug>62712</bug>: Correct NPE in Manager application when attempting to
+ view configured certificates for an APR/native TLS connector. (markt)
+ </fix>
+ </changelog>
+ </subsection>
<subsection name="Other">
<changelog>
<fix>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
