[tomcat] branch 9.0.x updated: Fix possible NPEs

Wed, 13 Sep 2023 08:40:39 -0700 

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
     new f7229575fa Fix possible NPEs
f7229575fa is described below

commit f7229575fac65b1a89c4efa0d58b04740d7fd1a9
Author: remm <r...@apache.org>
AuthorDate: Wed Sep 13 17:38:23 2023 +0200

    Fix possible NPEs
---
 .../catalina/valves/rewrite/ResolverImpl.java       | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java 
b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
index ce66f860a7..b6fa2d01cc 100644
--- a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
+++ b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
@@ -171,14 +171,16 @@ public class ResolverImpl extends Resolver {
                 return sslSupport.getCipherSuite();
             } else if (key.equals("SSL_CIPHER_EXPORT")) {
                 String cipherSuite = sslSupport.getCipherSuite();
-                Set<Cipher> cipherList = 
OpenSSLCipherConfigurationParser.parse(cipherSuite);
-                if (cipherList.size() == 1) {
-                    Cipher cipher = cipherList.iterator().next();
-                    if (cipher.getLevel().equals(EncryptionLevel.EXP40)
-                            || 
cipher.getLevel().equals(EncryptionLevel.EXP56)) {
-                        return "true";
-                    } else {
-                        return "false";
+                if (cipherSuite != null) {
+                    Set<Cipher> cipherList = 
OpenSSLCipherConfigurationParser.parse(cipherSuite);
+                    if (cipherList.size() == 1) {
+                        Cipher cipher = cipherList.iterator().next();
+                        if (cipher.getLevel().equals(EncryptionLevel.EXP40)
+                                || 
cipher.getLevel().equals(EncryptionLevel.EXP56)) {
+                            return "true";
+                        } else {
+                            return "false";
+                        }
                     }
                 }
             } else if (key.equals("SSL_CIPHER_ALGKEYSIZE")) {
@@ -189,7 +191,8 @@ public class ResolverImpl extends Resolver {
                     return String.valueOf(cipher.getAlg_bits());
                 }
             } else if (key.equals("SSL_CIPHER_USEKEYSIZE")) {
-                return sslSupport.getKeySize().toString();
+                Integer keySize = sslSupport.getKeySize();
+                return (keySize == null) ? null : 
sslSupport.getKeySize().toString();
             } else if (key.startsWith("SSL_CLIENT_")) {
                 X509Certificate[] certificates = 
sslSupport.getPeerCertificateChain();
                 if (certificates != null && certificates.length > 0) {


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to