[tomcat] 01/02: Simplify configuration style checks

Thu, 28 Feb 2019 13:38:56 -0800 

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit de5854d4af75aed5ae5cf737f89303bddbb85b16
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Feb 28 20:28:19 2019 +0000

    Simplify configuration style checks
    
    Now all TLS capable connectors support both JSSE and OpenSSL
    configuration styles, the code that checks for a compatible
    configuration style can be a lot simpler.
---
 .../apache/tomcat/util/net/AbstractEndpoint.java   |  3 --
 .../tomcat/util/net/AbstractJsseEndpoint.java      | 13 --------
 java/org/apache/tomcat/util/net/AprEndpoint.java   |  8 -----
 java/org/apache/tomcat/util/net/SSLHostConfig.java | 37 ++--------------------
 4 files changed, 2 insertions(+), 59 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/AbstractEndpoint.java 
b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
index fd8ee01..603bb47 100644
--- a/java/org/apache/tomcat/util/net/AbstractEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AbstractEndpoint.java
@@ -241,7 +241,6 @@ public abstract class AbstractEndpoint<S> {
         }
         if (bindState != BindState.UNBOUND && bindState != 
BindState.SOCKET_CLOSED_ON_STOP &&
                 isSSLEnabled()) {
-            sslHostConfig.setConfigType(getSslConfigType());
             try {
                 createSSLContext(sslHostConfig);
             } catch (Exception e) {
@@ -320,8 +319,6 @@ public abstract class AbstractEndpoint<S> {
         return sslHostConfigs.values().toArray(new SSLHostConfig[0]);
     }
 
-    protected abstract SSLHostConfig.Type getSslConfigType();
-
     /**
      * Create the SSLContextfor the the given SSLHostConfig.
      *
diff --git a/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java 
b/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
index 431c8dd..5f95cfa 100644
--- a/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
@@ -29,7 +29,6 @@ import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLParameters;
 
 import org.apache.tomcat.util.compat.JreCompat;
-import org.apache.tomcat.util.net.SSLHostConfig.Type;
 import org.apache.tomcat.util.net.openssl.OpenSSLImplementation;
 import org.apache.tomcat.util.net.openssl.ciphers.Cipher;
 
@@ -65,23 +64,11 @@ public abstract class AbstractJsseEndpoint<S> extends 
AbstractEndpoint<S> {
     }
 
 
-
-    @Override
-    protected Type getSslConfigType() {
-        if 
(OpenSSLImplementation.class.getName().equals(sslImplementationName)) {
-            return SSLHostConfig.Type.EITHER;
-        } else {
-            return SSLHostConfig.Type.JSSE;
-        }
-    }
-
-
     protected void initialiseSsl() throws Exception {
         if (isSSLEnabled()) {
             sslImplementation = 
SSLImplementation.getInstance(getSslImplementationName());
 
             for (SSLHostConfig sslHostConfig : sslHostConfigs.values()) {
-                sslHostConfig.setConfigType(getSslConfigType());
                 createSSLContext(sslHostConfig);
             }
 
diff --git a/java/org/apache/tomcat/util/net/AprEndpoint.java 
b/java/org/apache/tomcat/util/net/AprEndpoint.java
index e78eb44..470cf46 100644
--- a/java/org/apache/tomcat/util/net/AprEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AprEndpoint.java
@@ -55,7 +55,6 @@ import org.apache.tomcat.util.buf.ByteBufferUtils;
 import org.apache.tomcat.util.collections.SynchronizedStack;
 import org.apache.tomcat.util.net.AbstractEndpoint.Acceptor.AcceptorState;
 import org.apache.tomcat.util.net.AbstractEndpoint.Handler.SocketState;
-import org.apache.tomcat.util.net.SSLHostConfig.Type;
 import org.apache.tomcat.util.net.openssl.OpenSSLContext;
 import org.apache.tomcat.util.net.openssl.OpenSSLUtil;
 
@@ -192,12 +191,6 @@ public class AprEndpoint extends AbstractEndpoint<Long> 
implements SNICallBack {
 
 
     @Override
-    protected Type getSslConfigType() {
-        return SSLHostConfig.Type.EITHER;
-    }
-
-
-    @Override
     public InetSocketAddress getLocalAddress() throws IOException {
         long s = serverSock;
         if (s == 0) {
@@ -372,7 +365,6 @@ public class AprEndpoint extends AbstractEndpoint<Long> 
implements SNICallBack {
         // Initialize SSL if needed
         if (isSSLEnabled()) {
             for (SSLHostConfig sslHostConfig : sslHostConfigs.values()) {
-                sslHostConfig.setConfigType(getSslConfigType());
                 createSSLContext(sslHostConfig);
             }
             SSLHostConfig defaultSSLHostConfig = 
sslHostConfigs.get(getDefaultSSLHostConfigName());
diff --git a/java/org/apache/tomcat/util/net/SSLHostConfig.java 
b/java/org/apache/tomcat/util/net/SSLHostConfig.java
index f25cca1..eba04ab 100644
--- a/java/org/apache/tomcat/util/net/SSLHostConfig.java
+++ b/java/org/apache/tomcat/util/net/SSLHostConfig.java
@@ -22,11 +22,9 @@ import java.io.IOException;
 import java.io.Serializable;
 import java.security.KeyStore;
 import java.security.UnrecoverableKeyException;
-import java.util.HashMap;
 import java.util.HashSet;
 import java.util.LinkedHashSet;
 import java.util.List;
-import java.util.Map;
 import java.util.Set;
 
 import javax.management.ObjectName;
@@ -68,8 +66,6 @@ public class SSLHostConfig implements Serializable {
     }
 
     private Type configType = null;
-    private Type currentConfigType = null;
-    private Map<Type,Set<String>> configuredProperties = new HashMap<>();
 
     private String hostName = DEFAULT_SSL_HOST_NAME;
 
@@ -155,39 +151,11 @@ public class SSLHostConfig implements Serializable {
     public String getConfigType() {
         return configType.name();
     }
-    public void setConfigType(Type configType) {
-        this.configType = configType;
-        if (configType == Type.EITHER) {
-            if (configuredProperties.remove(Type.JSSE) == null) {
-                configuredProperties.remove(Type.OPENSSL);
-            }
-        } else {
-            configuredProperties.remove(configType);
-        }
-        for (Map.Entry<Type,Set<String>> entry : 
configuredProperties.entrySet()) {
-            for (String property : entry.getValue()) {
-                log.warn(sm.getString("sslHostConfig.mismatch",
-                        property, getHostName(), entry.getKey(), configType));
-            }
-        }
-    }
 
 
     void setProperty(String name, Type configType) {
         if (this.configType == null) {
-            Set<String> properties = configuredProperties.get(configType);
-            if (properties == null) {
-                properties = new HashSet<>();
-                configuredProperties.put(configType, properties);
-            }
-            properties.add(name);
-        } else if (this.configType == Type.EITHER) {
-            if (currentConfigType == null) {
-                currentConfigType = configType;
-            } else if (currentConfigType != configType) {
-                log.warn(sm.getString("sslHostConfig.mismatch",
-                        name, getHostName(), configType, currentConfigType));
-            }
+            this.configType = configType;
         } else {
             if (configType != this.configType) {
                 log.warn(sm.getString("sslHostConfig.mismatch",
@@ -883,8 +851,7 @@ public class SSLHostConfig implements Serializable {
 
     public enum Type {
         JSSE,
-        OPENSSL,
-        EITHER
+        OPENSSL
     }
 
 


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to