This is an automated email from the ASF dual-hosted git repository.

remm pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
     new a370079465 Throw KeyManagementException on errors in SSLContext.init
a370079465 is described below

commit a37007946572010b7de3e4fbd72d0ec6094ced39
Author: remm <r...@apache.org>
AuthorDate: Sat Oct 26 00:36:56 2024 +0200

    Throw KeyManagementException on errors in SSLContext.init
    
    Align with JSSE.
---
 java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java       | 7 +++++--
 .../org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java | 8 ++++++--
 webapps/docs/changelog.xml                                        | 7 +++++++
 3 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java 
b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
index 42924c0413..a4fe9d7ac1 100644
--- a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
@@ -20,6 +20,7 @@ import java.io.BufferedReader;
 import java.io.FileInputStream;
 import java.io.InputStreamReader;
 import java.nio.charset.StandardCharsets;
+import java.security.KeyManagementException;
 import java.security.PrivateKey;
 import java.security.SecureRandom;
 import java.security.cert.CertificateException;
@@ -302,9 +303,11 @@ public class OpenSSLContext implements 
org.apache.tomcat.util.net.SSLContext {
      * @param tms Must contain a TrustManager of the type
      *            {@code X509TrustManager}
      * @param sr Is not used for this implementation.
+     * @throws KeyManagementException if an error occurs
      */
     @Override
-    public synchronized void init(KeyManager[] kms, TrustManager[] tms, 
SecureRandom sr) {
+    public synchronized void init(KeyManager[] kms, TrustManager[] tms, 
SecureRandom sr)
+        throws KeyManagementException {
         if (initialized) {
             log.warn(sm.getString("openssl.doubleInit"));
             return;
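Review bot: The added `@throws KeyManagementException if an error occurs` on `init` does not tell callers what state the context is left in after a failure. The catch block later in this method calls `destroy()` before throwing, so a wording such as `@throws KeyManagementException if the OpenSSL context could not be initialised; the context is destroyed before the exception is thrown` would let callers know they must not keep using the instance. The identical tag added in the panama `OpenSSLContext` hunk has the same gap. The body of `init` continues outside this hunk.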
@@ -467,8 +470,8 @@ public class OpenSSLContext implements 
org.apache.tomcat.util.net.SSLContext {
             sslHostConfig.setOpenSslContext(Long.valueOf(ctx));
             initialized = true;
         } catch (Exception e) {
-            log.warn(sm.getString("openssl.errorSSLCtxInit"), e);
             destroy();
+            throw new 
KeyManagementException(sm.getString("openssl.errorSSLCtxInit"), e);
         }
     }
 
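Review bot: In the catch block, `destroy()` runs before the `KeyManagementException` is constructed, so if `destroy()` itself throws, the original cause `e` is lost, and with the `log.warn` removed it is not reported anywhere. `destroy()` is not visible in this hunk, so whether it can throw is an assumption to confirm; if it can, build the exception first and attach any cleanup failure as suppressed. The panama variant has the same ordering in its `if (!success)` block. The try block of `init` starts outside this hunk.

```java
        } catch (Exception e) {
            KeyManagementException kme =
                    new KeyManagementException(sm.getString("openssl.errorSSLCtxInit"), e);
            try {
                destroy();
            } catch (RuntimeException cleanupFailure) {
                // Keep the initialisation failure as the primary error
                kme.addSuppressed(cleanupFailure);
            }
            throw kme;
        }
```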
diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java 
b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
index 1823fd99e9..2fa18d1e6d 100644
--- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
@@ -26,6 +26,7 @@ import java.lang.foreign.ValueLayout;
 import java.lang.ref.Cleaner;
 import java.lang.ref.Cleaner.Cleanable;
 import java.nio.charset.StandardCharsets;
+import java.security.KeyManagementException;
 import java.security.SecureRandom;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
@@ -456,14 +457,16 @@ public class OpenSSLContext implements 
org.apache.tomcat.util.net.SSLContext {
      * @param tms Must contain a TrustManager of the type
      *            {@code X509TrustManager}
      * @param sr Is not used for this implementation.
+     * @throws KeyManagementException if an error occurs
      */
     @Override
-    public void init(KeyManager[] kms, TrustManager[] tms, SecureRandom sr) {
+    public void init(KeyManager[] kms, TrustManager[] tms, SecureRandom sr) 
throws KeyManagementException {
         if (initialized) {
             log.warn(sm.getString("openssl.doubleInit"));
             return;
         }
         boolean success = true;
+        Exception cause = null;
         try (var localArena = Arena.ofConfined()) {
             if (sslHostConfig.getInsecureRenegotiation()) {
                 openssl_h_Compatibility.SSL_CTX_set_options(state.sslCtx, 
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION());
@@ -662,11 +665,12 @@ public class OpenSSLContext implements 
org.apache.tomcat.util.net.SSLContext {
             
sslHostConfig.setOpenSslContext(Long.valueOf(state.sslCtx.address()));
             initialized = true;
         } catch (Exception e) {
-            log.warn(sm.getString("openssl.errorSSLCtxInit"), e);
+            cause = e;
             success = false;
         }
         if (!success) {
             destroy();
+            throw new 
KeyManagementException(sm.getString("openssl.errorSSLCtxInit"), cause);
         }
     }
 
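Review bot: In the visible lines, the new `cause` variable and the existing `success` flag are always set together in the catch block, so the failure state is now tracked twice. If no path in the elided part of the try block sets `success = false` on its own, the flag can be dropped in favour of `if (cause != null)`. If such a path does exist, the exception is thrown with a null cause and only the generic `openssl.errorSSLCtxInit` message, and since the `log.warn` was removed the detail of what failed is lost; that case would need its own message or exception. The try block starts outside this hunk.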
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 8a008e2ceb..cf11152a58 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -215,6 +215,13 @@
         behavior was introduced on a previous refactoring to improve HTTP/2
         performance. (remm)
       </fix>
+      <fix>
+        <code>OpenSSLContext</code> will now throw a
+        <code>KeyManagementException</code> is something is known to have gone
+        wrong in the <code>init</code> method, which is the behavior
+        documented by <code>javax.net.ssl.SSLContext.init</code>. This makes
+        error handling more consistent. (remm)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Japser">

