Author: schultz
Date: Mon Aug 8 17:11:28 2011
New Revision: 1155016
URL: http://svn.apache.org/viewvc?rev=1155016&view=rev
Log:
Back-ported FIPS patch from trunk.
Modified:
tomcat/native/branches/1.1.x/native/src/ssl.c
tomcat/native/branches/1.1.x/xdocs/miscellaneous/changelog.xml
Modified: tomcat/native/branches/1.1.x/native/src/ssl.c
URL:
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/native/src/ssl.c?rev=1155016&r1=1155015&r2=1155016&view=diff
==============================================================================
--- tomcat/native/branches/1.1.x/native/src/ssl.c (original)
+++ tomcat/native/branches/1.1.x/native/src/ssl.c Mon Aug 8 17:11:28 2011
@@ -607,6 +607,32 @@ TCN_IMPLEMENT_CALL(void, SSL, randSet)(T
}
TCN_FREE_CSTRING(file);
}
+
+TCN_IMPLEMENT_CALL(jint, SSL, fipsModeSet)(TCN_STDARGS, jint mode)
+{
+ int r = 0;
+ UNREFERENCED(o);
+
+#ifdef OPENSSL_FIPS
+ if(1 != (r = (jint)FIPS_mode_set((int)mode))) {
+ /* arrange to get a human-readable error message */
+ unsigned long err = ERR_get_error();
+ char msg[256];
+
+ /* ERR_load_crypto_strings() already called in initialize() */
+
+ ERR_error_string_n(err, msg, 256);
+
+ tcn_ThrowException(e, msg);
+ }
+#else
+ /* FIPS is unavailable */
+ tcn_ThrowException(e, "FIPS was not available to tcnative at build time.
You will need to re-build tcnative against an OpenSSL with FIPS.");
+#endif
+
+ return r;
+}
+
/* OpenSSL Java Stream BIO */
typedef struct {
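Review bot: In the `OPENSSL_FIPS` branch of `fipsModeSet`, `ERR_get_error()` consumes only the earliest queued error, so any further entries stay on the thread's OpenSSL error queue and can be misreported against a later, unrelated call. Adding `ERR_clear_error();` just before `tcn_ThrowException(e, msg);` would prevent that. The buffer length is also repeated as a literal; `ERR_error_string_n(err, msg, sizeof(msg));` keeps it tied to the declaration. A short comment above the function would help callers: it should say that a return of 1 means the mode was set and that every failure path raises a Java exception, since the `#else` branch throws and still returns 0.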
@@ -980,6 +1006,14 @@ TCN_IMPLEMENT_CALL(void, SSL, randSet)(T
UNREFERENCED(file);
}
+TCN_IMPLEMENT_CALL(jint, SSL, fipsModeSet)(TCN_STDARGS, jint mode)
+{
+ UNREFERENCED_STDARGS;
+ UNREFERENCED(mode);
+
+ return 0;
+}
+
TCN_IMPLEMENT_CALL(jlong, SSL, newBIO)(TCN_STDARGS, jlong pool,
jobject callback)
{
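Review bot: The second `fipsModeSet` definition returns 0 without raising anything, so a caller that asked for FIPS mode gets no exception here, unlike the first definition, which throws on every failure path. It appears to be the stub for builds without OpenSSL (the neighbouring `randSet` stub is equally silent), but that section starts outside the hunk, so this is inferred. For a compliance setting a silent no-op is risky, because Java code that relies on the exception would carry on as if FIPS were enforced. Consider replacing `UNREFERENCED_STDARGS;` with `UNREFERENCED(o);` and adding `tcn_ThrowException(e, "FIPS requested but tcnative was built without OpenSSL.");` (message wording is only a suggestion), or at least a comment stating that 0 means FIPS mode was not enabled.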
Modified: tomcat/native/branches/1.1.x/xdocs/miscellaneous/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/xdocs/miscellaneous/changelog.xml?rev=1155016&r1=1155015&r2=1155016&view=diff
==============================================================================
--- tomcat/native/branches/1.1.x/xdocs/miscellaneous/changelog.xml (original)
+++ tomcat/native/branches/1.1.x/xdocs/miscellaneous/changelog.xml Mon Aug 8
17:11:28 2011
@@ -36,6 +36,13 @@
new documentation project for Tomcat Native was started.
</p>
</section>
+<section name="Changes between 1.1.22 and 1.1.23">
+ <changelog>
+ <update>
+ <bug>50570</bug>: Allow explicit use of FIPS mode in APR lifecycle
listener (native support only in this update; Java support to follow). Based
upon a patch from Chris Beckey. (schultz)
+ </update>
+ </changelog>
+</section>
<section name="Changes between 1.1.21 and 1.1.22">
<changelog>
<fix>