[tomcat] branch 8.5.x updated: Fix possible NPEs

[remm]

This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
     new a3ec97a0c2 Fix possible NPEs
a3ec97a0c2 is described below

commit a3ec97a0c284a1a149a7097dd21da0fa260c230f
Author: remm <r...@apache.org>
AuthorDate: Wed Sep 13 17:38:23 2023 +0200

    Fix possible NPEs
---
 .../catalina/valves/rewrite/ResolverImpl.java       | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java 
b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
index 0ceed2d762..43d9b75f93 100644
--- a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
+++ b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
@@ -171,14 +171,16 @@ public class ResolverImpl extends Resolver {
                 return sslSupport.getCipherSuite();
             } else if (key.equals("SSL_CIPHER_EXPORT")) {
                 String cipherSuite = sslSupport.getCipherSuite();
-                Set<Cipher> cipherList = 
OpenSSLCipherConfigurationParser.parse(cipherSuite);
-                if (cipherList.size() == 1) {
-                    Cipher cipher = cipherList.iterator().next();
-                    if (cipher.getLevel().equals(EncryptionLevel.EXP40)
-                            || 
cipher.getLevel().equals(EncryptionLevel.EXP56)) {
-                        return "true";
-                    } else {
-                        return "false";
+                if (cipherSuite != null) {
+                    Set<Cipher> cipherList = 
OpenSSLCipherConfigurationParser.parse(cipherSuite);
+                    if (cipherList.size() == 1) {
+                        Cipher cipher = cipherList.iterator().next();
+                        if (cipher.getLevel().equals(EncryptionLevel.EXP40)
+                                || 
cipher.getLevel().equals(EncryptionLevel.EXP56)) {
+                            return "true";
+                        } else {
+                            return "false";
+                        }
                     }
                 }
             } else if (key.equals("SSL_CIPHER_ALGKEYSIZE")) {
@@ -189,7 +191,8 @@ public class ResolverImpl extends Resolver {
                     return String.valueOf(cipher.getAlg_bits());
                 }
             } else if (key.equals("SSL_CIPHER_USEKEYSIZE")) {
-                return sslSupport.getKeySize().toString();
+                Integer keySize = sslSupport.getKeySize();
+                return (keySize == null) ? null : 
sslSupport.getKeySize().toString();
             } else if (key.startsWith("SSL_CLIENT_")) {
                 X509Certificate[] certificates = 
sslSupport.getPeerCertificateChain();
                 if (certificates != null && certificates.length > 0) {


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org