This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push: new 4e0b1d2dba Port robustness improvement 4e0b1d2dba is described below commit 4e0b1d2dba79ea23e89b3e2126404cb85fa32d7a Author: remm <r...@apache.org> AuthorDate: Thu Jun 13 20:52:36 2024 +0200 Port robustness improvement Also tweak a bit destroy. --- .../catalina/core/OpenSSLLifecycleListener.java | 4 ---- .../util/net/openssl/panama/OpenSSLContext.java | 2 +- .../util/net/openssl/panama/OpenSSLLibrary.java | 12 ++++++++++ .../catalina/core/TestAprLifecycleListener.java | 28 ++++++++++++++++++---- 4 files changed, 36 insertions(+), 10 deletions(-) diff --git a/java/org/apache/catalina/core/OpenSSLLifecycleListener.java b/java/org/apache/catalina/core/OpenSSLLifecycleListener.java index 5b0ea02531..e8b42ee855 100644 --- a/java/org/apache/catalina/core/OpenSSLLifecycleListener.java +++ b/java/org/apache/catalina/core/OpenSSLLifecycleListener.java @@ -20,7 +20,6 @@ package org.apache.catalina.core; import org.apache.catalina.Lifecycle; import org.apache.catalina.LifecycleEvent; import org.apache.catalina.LifecycleListener; -import org.apache.catalina.Server; import org.apache.juli.logging.Log; import org.apache.juli.logging.LogFactory; import org.apache.tomcat.util.ExceptionUtils; @@ -83,9 +82,6 @@ public class OpenSSLLifecycleListener implements LifecycleListener { boolean initError = false; if (Lifecycle.BEFORE_INIT_EVENT.equals(event.getType())) { - if (!(event.getLifecycle() instanceof Server)) { - log.warn(sm.getString("listener.notServer", event.getLifecycle().getClass().getSimpleName())); - } synchronized (lock) { if (!JreCompat.isJre22Available()) { log.info(sm.getString("openssllistener.java22")); diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java index 84b75a086b..4b21075c5b 100644 --- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java +++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java @@ -690,7 +690,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext { keylen = EVP_PKEY_bits(pkey); } for (int i = 0; i < OpenSSLLibrary.dhParameters.length; i++) { - if (keylen >= OpenSSLLibrary.dhParameters[i].min) { + if (OpenSSLLibrary.dhParameters[i] != null && keylen >= OpenSSLLibrary.dhParameters[i].min) { return OpenSSLLibrary.dhParameters[i].dh; } } diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLibrary.java b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLibrary.java index 45e3178fc7..f4501c7fa6 100644 --- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLibrary.java +++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLLibrary.java @@ -74,6 +74,9 @@ public class OpenSSLLibrary { protected static final Object lock = new Object(); + // Guarded by lock + private static int referenceCount = 0; + static MemorySegment enginePointer = MemorySegment.NULL; static void initLibrary() { @@ -159,6 +162,10 @@ public class OpenSSLLibrary { public static void init() { synchronized (lock) { + if (referenceCount++ != 0) { + // Already loaded (note test is performed before reference count is incremented) + return; + } if (OpenSSLStatus.isInitialized()) { return; } @@ -327,6 +334,10 @@ public class OpenSSLLibrary { public static void destroy() { synchronized (lock) { + if (--referenceCount != 0) { + // Still being used (note test is performed after reference count is decremented) + return; + } if (!OpenSSLStatus.isInitialized()) { return; } @@ -337,6 +348,7 @@ public class OpenSSLLibrary { freeDHParameters(); if (!MemorySegment.NULL.equals(enginePointer)) { ENGINE_free(enginePointer); + enginePointer = MemorySegment.NULL; } FIPS_mode_set(0); } diff --git a/test/org/apache/catalina/core/TestAprLifecycleListener.java b/test/org/apache/catalina/core/TestAprLifecycleListener.java index 946d7bddd1..93485abd01 100644 --- a/test/org/apache/catalina/core/TestAprLifecycleListener.java +++ b/test/org/apache/catalina/core/TestAprLifecycleListener.java @@ -16,9 +16,11 @@ */ package org.apache.catalina.core; +import org.junit.Assume; import org.junit.Test; import org.apache.catalina.startup.Tomcat; +import org.apache.tomcat.util.compat.JreCompat; import org.apache.tomcat.util.net.TesterSupport; import org.apache.tomcat.util.net.openssl.OpenSSLImplementation; @@ -26,27 +28,43 @@ public class TestAprLifecycleListener { @Test public void testMultipleServerInstancesUsingTomcatNativeLibrary01() throws Exception { - doTestMultipleServerInstancesUsingTomcatNativeLibrary(false); + doTestMultipleServerInstancesUsingTomcatNativeLibrary(false, false); } @Test public void testMultipleServerInstancesUsingTomcatNativeLibrary02() throws Exception { - doTestMultipleServerInstancesUsingTomcatNativeLibrary(true); + doTestMultipleServerInstancesUsingTomcatNativeLibrary(true, false); } - private void doTestMultipleServerInstancesUsingTomcatNativeLibrary(boolean reverseShutdownOrder) throws Exception { + @Test + public void testMultipleServerInstancesUsingFFM01() throws Exception { + Assume.assumeTrue(JreCompat.isJre22Available()); + doTestMultipleServerInstancesUsingTomcatNativeLibrary(false, true); + } + + + @Test + public void testMultipleServerInstancesUsingFFM02() throws Exception { + Assume.assumeTrue(JreCompat.isJre22Available()); + doTestMultipleServerInstancesUsingTomcatNativeLibrary(true, true); + } + + + private void doTestMultipleServerInstancesUsingTomcatNativeLibrary(boolean reverseShutdownOrder, boolean ffm) throws Exception { Tomcat tomcat1 = new Tomcat(); tomcat1.setPort(0); TesterSupport.initSsl(tomcat1); - TesterSupport.configureSSLImplementation(tomcat1, OpenSSLImplementation.class.getName(), true); + TesterSupport.configureSSLImplementation(tomcat1, + ffm ? "org.apache.tomcat.util.net.openssl.panama.OpenSSLImplementation" : OpenSSLImplementation.class.getName(), true); tomcat1.init(); Tomcat tomcat2 = new Tomcat(); tomcat2.setPort(0); TesterSupport.initSsl(tomcat2); - TesterSupport.configureSSLImplementation(tomcat2, OpenSSLImplementation.class.getName(), true); + TesterSupport.configureSSLImplementation(tomcat2, + ffm ? "org.apache.tomcat.util.net.openssl.panama.OpenSSLImplementation" : OpenSSLImplementation.class.getName(), true); tomcat2.init(); // Start 1, then 2 --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org