This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 5f2bf30d66 Allocate API changes
5f2bf30d66 is described below
commit 5f2bf30d66d041af1f149e16a14a88014cf629cb
Author: remm <[email protected]>
AuthorDate: Thu Jul 20 12:07:38 2023 +0200
Allocate API changes
---
.../util/net/openssl/panama/OpenSSLContext.java | 56 +++++++++++-----------
.../util/net/openssl/panama/OpenSSLEngine.java | 18 +++----
.../openssl/panama/OpenSSLLifecycleListener.java | 14 +++---
.../net/openssl/panama/OpenSSLSessionContext.java | 4 +-
.../apache/tomcat/util/openssl/constants$29.java | 2 +-
5 files changed, 47 insertions(+), 47 deletions(-)
diff --git
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
index 4419bbfe8f..c95ae98595 100644
---
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
+++
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
@@ -223,7 +223,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
long errCode = ERR_get_error();
if (errCode != 0) {
try (var localArena = Arena.ofConfined()) {
- var buf =
localArena.allocateArray(ValueLayout.JAVA_BYTE, new byte[128]);
+ var buf =
localArena.allocateFrom(ValueLayout.JAVA_BYTE, new byte[128]);
ERR_error_string(errCode, buf);
log.error(sm.getString("openssl.errorLoadingCertificate", buf.getString(0)));
}
@@ -405,11 +405,11 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
if (name.equals("NO_OCSP_CHECK")) {
rc = 1;
} else {
- int code = SSL_CONF_cmd_value_type(state.confCtx,
localArena.allocateString(name));
+ int code = SSL_CONF_cmd_value_type(state.confCtx,
localArena.allocateFrom(name));
rc = 1;
long errCode = ERR_get_error();
if (errCode != 0) {
- var buf =
localArena.allocateArray(ValueLayout.JAVA_BYTE, new byte[128]);
+ var buf =
localArena.allocateFrom(ValueLayout.JAVA_BYTE, new byte[128]);
ERR_error_string(errCode, buf);
log.error(sm.getString("opensslconf.checkFailed",
buf.getString(0)));
rc = 0;
@@ -481,11 +481,11 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
noOcspCheck = Boolean.valueOf(value);
rc = 1;
} else {
- rc = SSL_CONF_cmd(state.confCtx,
localArena.allocateString(name),
- localArena.allocateString(value));
+ rc = SSL_CONF_cmd(state.confCtx,
localArena.allocateFrom(name),
+ localArena.allocateFrom(value));
long errCode = ERR_get_error();
if (rc <= 0 || errCode != 0) {
- var buf =
localArena.allocateArray(ValueLayout.JAVA_BYTE, new byte[128]);
+ var buf =
localArena.allocateFrom(ValueLayout.JAVA_BYTE, new byte[128]);
ERR_error_string(errCode, buf);
log.error(sm.getString("opensslconf.commandError",
name, value, buf.getString(0)));
rc = 0;
@@ -565,13 +565,13 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
// List the ciphers that the client is permitted to negotiate
if (minTlsVersion <= TLS1_2_VERSION()) {
if (SSL_CTX_set_cipher_list(state.sslCtx,
- localArena.allocateString(sslHostConfig.getCiphers()))
<= 0) {
+ localArena.allocateFrom(sslHostConfig.getCiphers()))
<= 0) {
log.warn(sm.getString("engine.failedCipherList",
sslHostConfig.getCiphers()));
}
}
if (maxTlsVersion >= TLS1_3_VERSION() &&
(sslHostConfig.getCiphers() != SSLHostConfig.DEFAULT_TLS_CIPHERS)) {
if (SSL_CTX_set_ciphersuites(state.sslCtx,
- localArena.allocateString(sslHostConfig.getCiphers()))
<= 0) {
+ localArena.allocateFrom(sslHostConfig.getCiphers()))
<= 0) {
log.warn(sm.getString("engine.failedCipherSuite",
sslHostConfig.getCiphers()));
}
}
@@ -627,8 +627,8 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
// an acceptable certificate
for (X509Certificate caCert :
state.x509TrustManager.getAcceptedIssuers()) {
//SSLContext.addClientCACertificateRaw(state.ctx,
caCert.getEncoded());
- var rawCACertificate =
localArena.allocateArray(ValueLayout.JAVA_BYTE, caCert.getEncoded());
- var rawCACertificatePointer =
localArena.allocate(ValueLayout.ADDRESS, rawCACertificate);
+ var rawCACertificate =
localArena.allocateFrom(ValueLayout.JAVA_BYTE, caCert.getEncoded());
+ var rawCACertificatePointer =
localArena.allocateFrom(ValueLayout.ADDRESS, rawCACertificate);
var x509CACert = d2i_X509(MemorySegment.NULL,
rawCACertificatePointer, rawCACertificate.byteSize());
if (MemorySegment.NULL.equals(x509CACert)) {
logLastError(localArena,
"openssl.errorLoadingCertificate");
@@ -644,9 +644,9 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
//
SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificateFile()),
//
SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificatePath()));
MemorySegment caCertificateFileNative =
sslHostConfig.getCaCertificateFile() != null
- ?
localArena.allocateString(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificateFile()))
: null;
+ ?
localArena.allocateFrom(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificateFile()))
: null;
MemorySegment caCertificatePathNative =
sslHostConfig.getCaCertificatePath() != null
- ?
localArena.allocateString(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificatePath()))
: null;
+ ?
localArena.allocateFrom(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificatePath()))
: null;
if ((sslHostConfig.getCaCertificateFile() != null ||
sslHostConfig.getCaCertificatePath() != null)
&& SSL_CTX_load_verify_locations(state.sslCtx,
caCertificateFileNative == null ?
MemorySegment.NULL : caCertificateFileNative,
@@ -843,7 +843,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
try (var localArena = Arena.ofConfined()) {
for (int i = 0; i < len; i++) {
MemorySegment/*(X509*)*/ x509 = OPENSSL_sk_value(sk, i);
- MemorySegment bufPointer =
localArena.allocate(ValueLayout.ADDRESS, MemorySegment.NULL);
+ MemorySegment bufPointer =
localArena.allocateFrom(ValueLayout.ADDRESS, MemorySegment.NULL);
int length = i2d_X509(x509, bufPointer);
if (length < 0) {
certificateChain[i] = new byte[0];
@@ -959,7 +959,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
String callbackPassword = callbackPasswordTheadLocal.get();
if (callbackPassword != null && callbackPassword.length() > 0) {
try (var localArena = Arena.ofConfined()) {
- MemorySegment callbackPasswordNative =
localArena.allocateString(callbackPassword);
+ MemorySegment callbackPasswordNative =
localArena.allocateFrom(callbackPassword);
if (callbackPasswordNative.byteSize() > bufsiz) {
// The password is too long
log.error(sm.getString("openssl.passwordTooLong"));
@@ -983,9 +983,9 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
//
SSLHostConfig.adjustRelativePath(certificate.getCertificateFile()),
//
SSLHostConfig.adjustRelativePath(certificate.getCertificateKeyFile()),
// certificate.getCertificateKeyPassword(),
getCertificateIndex(certificate));
- var certificateFileNative =
localArena.allocateString(SSLHostConfig.adjustRelativePath(certificate.getCertificateFile()));
+ var certificateFileNative =
localArena.allocateFrom(SSLHostConfig.adjustRelativePath(certificate.getCertificateFile()));
var certificateKeyFileNative =
(certificate.getCertificateKeyFile() == null) ? certificateFileNative
- :
localArena.allocateString(SSLHostConfig.adjustRelativePath(certificate.getCertificateKeyFile()));
+ :
localArena.allocateFrom(SSLHostConfig.adjustRelativePath(certificate.getCertificateKeyFile()));
MemorySegment bio;
MemorySegment cert = MemorySegment.NULL;
MemorySegment key = MemorySegment.NULL;
@@ -1009,7 +1009,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
int passwordLength = 0;
String callbackPassword =
certificate.getCertificateKeyPassword();
if (callbackPassword != null && callbackPassword.length() > 0)
{
- passwordAddress =
localArena.allocateString(callbackPassword);
+ passwordAddress =
localArena.allocateFrom(callbackPassword);
passwordLength = (int) (passwordAddress.byteSize() - 1);
}
if (PKCS12_verify_mac(p12, passwordAddress, passwordLength) <=
0) {
@@ -1112,7 +1112,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
}
// Try to read DH parameters from the (first) SSLCertificateFile
if (index == SSL_AIDX_RSA) {
- bio = BIO_new_file(certificateFileNative,
localArena.allocateString("r"));
+ bio = BIO_new_file(certificateFileNative,
localArena.allocateFrom("r"));
var dh = PEM_read_bio_DHparams(bio, MemorySegment.NULL,
MemorySegment.NULL, MemorySegment.NULL);
BIO_free(bio);
// # define SSL_CTX_set_tmp_dh(sslCtx,dh) \
@@ -1123,7 +1123,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
}
}
// Similarly, try to read the ECDH curve name from
SSLCertificateFile...
- bio = BIO_new_file(certificateFileNative,
localArena.allocateString("r"));
+ bio = BIO_new_file(certificateFileNative,
localArena.allocateFrom("r"));
var ecparams = PEM_read_bio_ECPKParameters(bio,
MemorySegment.NULL, MemorySegment.NULL, MemorySegment.NULL);
BIO_free(bio);
if (!MemorySegment.NULL.equals(ecparams)) {
@@ -1142,7 +1142,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
// Set certificate chain file
if (certificate.getCertificateChainFile() != null) {
var certificateChainFileNative =
-
localArena.allocateString(SSLHostConfig.adjustRelativePath(certificate.getCertificateChainFile()));
+
localArena.allocateFrom(SSLHostConfig.adjustRelativePath(certificate.getCertificateChainFile()));
// SSLContext.setCertificateChainFile(state.ctx,
//
SSLHostConfig.adjustRelativePath(certificate.getCertificateChainFile()), false);
if (SSL_CTX_use_certificate_chain_file(state.sslCtx,
certificateChainFileNative) <= 0) {
@@ -1159,7 +1159,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
if (sslHostConfig.getCertificateRevocationListFile() != null) {
MemorySegment x509Lookup =
X509_STORE_add_lookup(certificateStore, X509_LOOKUP_file());
var certificateRevocationListFileNative =
-
localArena.allocateString(SSLHostConfig.adjustRelativePath(sslHostConfig.getCertificateRevocationListFile()));
+
localArena.allocateFrom(SSLHostConfig.adjustRelativePath(sslHostConfig.getCertificateRevocationListFile()));
//X509_LOOKUP_ctrl(lookup,X509_L_FILE_LOAD,file,type,NULL)
if (X509_LOOKUP_ctrl(x509Lookup, X509_L_FILE_LOAD(),
certificateRevocationListFileNative,
X509_FILETYPE_PEM(), MemorySegment.NULL) <= 0) {
@@ -1169,7 +1169,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
if (sslHostConfig.getCertificateRevocationListPath() != null) {
MemorySegment x509Lookup =
X509_STORE_add_lookup(certificateStore, X509_LOOKUP_hash_dir());
var certificateRevocationListPathNative =
-
localArena.allocateString(SSLHostConfig.adjustRelativePath(sslHostConfig.getCertificateRevocationListPath()));
+
localArena.allocateFrom(SSLHostConfig.adjustRelativePath(sslHostConfig.getCertificateRevocationListPath()));
//X509_LOOKUP_ctrl(lookup,X509_L_ADD_DIR,path,type,NULL)
if (X509_LOOKUP_ctrl(x509Lookup, X509_L_ADD_DIR(),
certificateRevocationListPathNative,
X509_FILETYPE_PEM(), MemorySegment.NULL) <= 0) {
@@ -1195,9 +1195,9 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
//SSLContext.setCertificateRaw(state.ctx, chain[0].getEncoded(),
// sb.toString().getBytes(StandardCharsets.US_ASCII),
// getCertificateIndex(certificate));
- var rawCertificate =
localArena.allocateArray(ValueLayout.JAVA_BYTE, chain[0].getEncoded());
- var rawCertificatePointer =
localArena.allocate(ValueLayout.ADDRESS, rawCertificate);
- var rawKey = localArena.allocateArray(ValueLayout.JAVA_BYTE,
sb.toString().getBytes(StandardCharsets.US_ASCII));
+ var rawCertificate =
localArena.allocateFrom(ValueLayout.JAVA_BYTE, chain[0].getEncoded());
+ var rawCertificatePointer =
localArena.allocateFrom(ValueLayout.ADDRESS, rawCertificate);
+ var rawKey = localArena.allocateFrom(ValueLayout.JAVA_BYTE,
sb.toString().getBytes(StandardCharsets.US_ASCII));
var x509cert = d2i_X509(MemorySegment.NULL, rawCertificatePointer,
rawCertificate.byteSize());
if (MemorySegment.NULL.equals(x509cert)) {
logLastError(localArena, "openssl.errorLoadingCertificate");
@@ -1229,8 +1229,8 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
SSL_CTX_set_tmp_dh_callback(state.sslCtx, openSSLCallbackTmpDH);
for (int i = 1; i < chain.length; i++) {
//SSLContext.addChainCertificateRaw(state.ctx,
chain[i].getEncoded());
- var rawCertificateChain =
localArena.allocateArray(ValueLayout.JAVA_BYTE, chain[i].getEncoded());
- var rawCertificateChainPointer =
localArena.allocate(ValueLayout.ADDRESS, rawCertificateChain);
+ var rawCertificateChain =
localArena.allocateFrom(ValueLayout.JAVA_BYTE, chain[i].getEncoded());
+ var rawCertificateChainPointer =
localArena.allocateFrom(ValueLayout.ADDRESS, rawCertificateChain);
var x509certChain = d2i_X509(MemorySegment.NULL,
rawCertificateChainPointer, rawCertificateChain.byteSize());
if (MemorySegment.NULL.equals(x509certChain)) {
logLastError(localArena,
"openssl.errorLoadingCertificate");
@@ -1309,7 +1309,7 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
private static void logLastError(SegmentAllocator allocator, String
string) {
- var buf = allocator.allocateArray(ValueLayout.JAVA_BYTE, new
byte[128]);
+ var buf = allocator.allocateFrom(ValueLayout.JAVA_BYTE, new byte[128]);
ERR_error_string(ERR_get_error(), buf);
String err = buf.getString(0);
log.error(sm.getString(string, err));
diff --git
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
index e60795c36e..a3b6ce301d 100644
---
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
+++
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -109,7 +109,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
var sslCtx = SSL_CTX_new(TLS_server_method());
try {
SSL_CTX_set_options(sslCtx, SSL_OP_ALL());
- SSL_CTX_set_cipher_list(sslCtx,
localArena.allocateString("ALL"));
+ SSL_CTX_set_cipher_list(sslCtx,
localArena.allocateFrom("ALL"));
var ssl = SSL_new(sslCtx);
SSL_set_accept_state(ssl);
try {
@@ -767,7 +767,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
final String cipherSuiteSpec = buf.toString();
try (var localArena = Arena.ofConfined()) {
- SSL_set_cipher_list(state.ssl,
localArena.allocateString(cipherSuiteSpec));
+ SSL_set_cipher_list(state.ssl,
localArena.allocateFrom(cipherSuiteSpec));
} catch (Exception e) {
throw new
IllegalStateException(sm.getString("engine.failedCipherSuite",
cipherSuiteSpec), e);
}
@@ -905,7 +905,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
private byte[] getPeerCertificate() {
try (var localArena = Arena.ofConfined()) {
MemorySegment/*(X509*)*/ x509 = (OpenSSLContext.OPENSSL_3 ?
SSL_get1_peer_certificate(state.ssl) : SSL_get_peer_certificate(state.ssl));
- MemorySegment bufPointer =
localArena.allocate(ValueLayout.ADDRESS, MemorySegment.NULL);
+ MemorySegment bufPointer =
localArena.allocateFrom(ValueLayout.ADDRESS, MemorySegment.NULL);
int length = i2d_X509(x509, bufPointer);
if (length <= 0) {
return null;
@@ -928,7 +928,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
try (var localArena = Arena.ofConfined()) {
for (int i = 0; i < len; i++) {
MemorySegment/*(X509*)*/ x509 = OPENSSL_sk_value(sk, i);
- MemorySegment bufPointer =
localArena.allocate(ValueLayout.ADDRESS, MemorySegment.NULL);
+ MemorySegment bufPointer =
localArena.allocateFrom(ValueLayout.ADDRESS, MemorySegment.NULL);
int length = i2d_X509(x509, bufPointer);
if (length < 0) {
certificateChain[i] = new byte[0];
@@ -946,7 +946,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
private String getProtocolNegotiated() {
try (var localArena = Arena.ofConfined()) {
MemorySegment lenAddress =
localArena.allocate(ValueLayout.JAVA_INT, 0);
- MemorySegment protocolPointer =
localArena.allocate(ValueLayout.ADDRESS, MemorySegment.NULL);
+ MemorySegment protocolPointer =
localArena.allocateFrom(ValueLayout.ADDRESS, MemorySegment.NULL);
SSL_get0_alpn_selected(state.ssl, protocolPointer, lenAddress);
if (MemorySegment.NULL.equals(protocolPointer)) {
return null;
@@ -1046,7 +1046,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
try (var localArena = Arena.ofConfined()) {
do {
// Loop until getLastErrorNumber() returns SSL_ERROR_NONE
- var buf = localArena.allocateArray(ValueLayout.JAVA_BYTE,
new byte[128]);
+ var buf = localArena.allocateFrom(ValueLayout.JAVA_BYTE,
new byte[128]);
ERR_error_string(error, buf);
String err = buf.getString(0);
if (sslError == null) {
@@ -1410,7 +1410,7 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
if (MemorySegment.NULL.equals(ocspOneReq)) {
return V_OCSP_CERTSTATUS_UNKNOWN();
}
- MemorySegment bufPointer =
localArena.allocate(ValueLayout.ADDRESS, MemorySegment.NULL);
+ MemorySegment bufPointer =
localArena.allocateFrom(ValueLayout.ADDRESS, MemorySegment.NULL);
int requestLength = i2d_OCSP_REQUEST(ocspRequest, bufPointer);
if (requestLength <= 0) {
return V_OCSP_CERTSTATUS_UNKNOWN();
@@ -1441,8 +1441,8 @@ public final class OpenSSLEngine extends SSLEngine
implements SSLUtil.ProtocolIn
baos.write(responseBuf, 0, read);
}
byte[] responseData = baos.toByteArray();
- var nativeResponseData =
localArena.allocateArray(ValueLayout.JAVA_BYTE, responseData);
- var nativeResponseDataPointer =
localArena.allocate(ValueLayout.ADDRESS, nativeResponseData);
+ var nativeResponseData =
localArena.allocateFrom(ValueLayout.JAVA_BYTE, responseData);
+ var nativeResponseDataPointer =
localArena.allocateFrom(ValueLayout.ADDRESS, nativeResponseData);
ocspResponse = d2i_OCSP_RESPONSE(MemorySegment.NULL,
nativeResponseDataPointer, responseData.length);
if (!MemorySegment.NULL.equals(ocspResponse)) {
if (OCSP_response_status(ocspResponse) ==
OCSP_RESPONSE_STATUS_SUCCESSFUL()) {
diff --git
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
index deb90343af..1ab172db1c 100644
---
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
+++
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLifecycleListener.java
@@ -239,13 +239,13 @@ public class OpenSSLLifecycleListener implements
LifecycleListener {
if ("auto".equals(engineName)) {
ENGINE_register_all_complete();
} else {
- var engine = memorySession.allocateString(engineName);
+ var engine = memorySession.allocateFrom(engineName);
enginePointer = ENGINE_by_id(engine);
if (MemorySegment.NULL.equals(enginePointer)) {
- enginePointer =
ENGINE_by_id(memorySession.allocateString("dynamic"));
+ enginePointer =
ENGINE_by_id(memorySession.allocateFrom("dynamic"));
if (enginePointer != null) {
- if (ENGINE_ctrl_cmd_string(enginePointer,
memorySession.allocateString("SO_PATH"), engine, 0) == 0
- ||
ENGINE_ctrl_cmd_string(enginePointer, memorySession.allocateString("LOAD"),
+ if (ENGINE_ctrl_cmd_string(enginePointer,
memorySession.allocateFrom("SO_PATH"), engine, 0) == 0
+ ||
ENGINE_ctrl_cmd_string(enginePointer, memorySession.allocateFrom("LOAD"),
MemorySegment.NULL, 0) == 0) {
// Engine load error
ENGINE_free(enginePointer);
@@ -269,14 +269,14 @@ public class OpenSSLLifecycleListener implements
LifecycleListener {
// Set the random seed, translated to the Java way
boolean seedDone = false;
if (SSLRandomSeed != null || SSLRandomSeed.length() != 0 ||
!"builtin".equals(SSLRandomSeed)) {
- var randomSeed =
memorySession.allocateString(SSLRandomSeed);
+ var randomSeed = memorySession.allocateFrom(SSLRandomSeed);
seedDone = RAND_load_file(randomSeed, 128) > 0;
}
if (!seedDone) {
// Use a regular random to get some bytes
SecureRandom random = new SecureRandom();
byte[] randomBytes = random.generateSeed(128);
-
RAND_seed(memorySession.allocateArray(ValueLayout.JAVA_BYTE, randomBytes), 128);
+
RAND_seed(memorySession.allocateFrom(ValueLayout.JAVA_BYTE, randomBytes), 128);
}
initDHParameters();
@@ -289,7 +289,7 @@ public class OpenSSLLifecycleListener implements
LifecycleListener {
final boolean enterFipsMode;
int fipsModeState = FIPS_OFF;
if (usingProviders) {
- var md = EVP_MD_fetch(MemorySegment.NULL,
memorySession.allocateString("SHA-512"), MemorySegment.NULL);
+ var md = EVP_MD_fetch(MemorySegment.NULL,
memorySession.allocateFrom("SHA-512"), MemorySegment.NULL);
var provider = EVP_MD_get0_provider(md);
String name =
OSSL_PROVIDER_get0_name(provider).getString(0);
EVP_MD_free(md);
diff --git
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLSessionContext.java
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLSessionContext.java
index 713bb88673..b6583f6511 100644
---
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLSessionContext.java
+++
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLSessionContext.java
@@ -67,7 +67,7 @@ public class OpenSSLSessionContext implements
SSLSessionContext {
throw new
IllegalArgumentException(sm.getString("sessionContext.invalidTicketKeysLength",
keys.length));
}
try (var memorySession = Arena.ofConfined()) {
- var array = memorySession.allocateArray(ValueLayout.JAVA_BYTE,
keys);
+ var array = memorySession.allocateFrom(ValueLayout.JAVA_BYTE,
keys);
// #define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen)
// SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLSEXT_TICKET_KEYS,
(keylen), (keys))
SSL_CTX_ctrl(context.getSSLContext(),
SSL_CTRL_SET_TLSEXT_TICKET_KEYS(), TICKET_KEYS_SIZE, array);
@@ -144,7 +144,7 @@ public class OpenSSLSessionContext implements
SSLSessionContext {
*/
public boolean setSessionIdContext(byte[] sidCtx) {
try (var memorySession = Arena.ofConfined()) {
- var array = memorySession.allocateArray(ValueLayout.JAVA_BYTE,
sidCtx);
+ var array = memorySession.allocateFrom(ValueLayout.JAVA_BYTE,
sidCtx);
return (SSL_CTX_set_session_id_context(context.getSSLContext(),
array, sidCtx.length) == 1);
}
}
diff --git
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/openssl/constants$29.java
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/openssl/constants$29.java
index c9ed2b9aad..860f7429d0 100644
---
a/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/openssl/constants$29.java
+++
b/modules/openssl-foreign/src/main/java/org/apache/tomcat/util/openssl/constants$29.java
@@ -28,7 +28,7 @@ final class constants$29 {
// Suppresses default constructor, ensuring non-instantiability.
private constants$29() {}
- static final MemorySegment OPENSSL_FILE$SEGMENT =
RuntimeHelper.CONSTANT_ALLOCATOR.allocateString("/tmp/jextract$5975327931591344605.h");
+ static final MemorySegment OPENSSL_FILE$SEGMENT =
RuntimeHelper.CONSTANT_ALLOCATOR.allocateFrom("/tmp/jextract$5975327931591344605.h");
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
