Author: markt
Date: Tue Jan 5 21:02:37 2016
New Revision: 1723165
URL: http://svn.apache.org/viewvc?rev=1723165&view=rev
Log:
Fix the connector cipher listing in the Manager app. It isn't ideal. It lists
configured rather than available ciphers but it is better than the NPE.
Modified:
tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java
tomcat/trunk/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
Modified: tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java?rev=1723165&r1=1723164&r2=1723165&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java (original)
+++ tomcat/trunk/java/org/apache/catalina/manager/ManagerServlet.java Tue Jan
5 21:02:37 2016
@@ -24,7 +24,6 @@ import java.io.IOException;
import java.io.PrintWriter;
import java.util.Enumeration;
import java.util.HashMap;
-import java.util.HashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
@@ -61,6 +60,8 @@ import org.apache.catalina.util.ServerIn
import org.apache.tomcat.util.Diagnostics;
import org.apache.tomcat.util.ExceptionUtils;
import org.apache.tomcat.util.modeler.Registry;
+import org.apache.tomcat.util.net.SSLHostConfig;
+import org.apache.tomcat.util.net.openssl.ciphers.Cipher;
import org.apache.tomcat.util.res.StringManager;
@@ -562,16 +563,19 @@ public class ManagerServlet extends Http
writer.print(Diagnostics.getThreadDump(requestedLocales));
}
- protected void sslConnectorCiphers(PrintWriter writer,
- StringManager smClient) {
- writer.println(smClient.getString(
- "managerServlet.sslConnectorCiphers"));
- Map<String,Set<String>> connectorCiphers = getConnectorCiphers();
- for (Map.Entry<String,Set<String>> entry :
connectorCiphers.entrySet()) {
+ protected void sslConnectorCiphers(PrintWriter writer, StringManager
smClient) {
+
writer.println(smClient.getString("managerServlet.sslConnectorCiphers"));
+ Map<String,Set<Cipher>> connectorCiphers = getConnectorCiphers();
+ for (Map.Entry<String,Set<Cipher>> entry :
connectorCiphers.entrySet()) {
writer.println(entry.getKey());
- for (String cipher : entry.getValue()) {
+ if (entry.getValue() == null) {
writer.print(" ");
- writer.println(cipher);
+
writer.println(smClient.getString("managerServlet.notSslConnector"));
+ } else {
+ for (Cipher cipher : entry.getValue()) {
+ writer.print(" ");
+ writer.println(cipher);
+ }
}
}
}
@@ -1650,24 +1654,23 @@ public class ManagerServlet extends Http
}
- protected Map<String,Set<String>> getConnectorCiphers() {
- Map<String,Set<String>> result = new HashMap<>();
+ protected Map<String,Set<Cipher>> getConnectorCiphers() {
+ // TODO: Returned available ciphers rather than configured ciphers.
+ Map<String,Set<Cipher>> result = new HashMap<>();
Engine e = (Engine) host.getParent();
Service s = e.getService();
Connector connectors[] = s.findConnectors();
for (Connector connector : connectors) {
- Set<String> cipherList = new HashSet<>();
if (Boolean.TRUE.equals(connector.getProperty("SSLEnabled"))) {
- String[] ciphersUsed =
- (String[]) connector.getProperty("ciphersUsed");
- for (String cipherUsed : ciphersUsed) {
- cipherList.add(cipherUsed);
+ SSLHostConfig[] sslHostConfigs =
connector.getProtocolHandler().findSslHostConfigs();
+ for (SSLHostConfig sslHostConfig : sslHostConfigs) {
+ result.put(connector.toString() + "-" +
sslHostConfig.getHostName(),
+ sslHostConfig.getCipherList());
}
} else {
- cipherList.add(sm.getString("managerServlet.notSslConnector"));
+ result.put(connector.toString(), null);
}
- result.put(connector.toString(), cipherList);
}
return result;
}
Modified: tomcat/trunk/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp?rev=1723165&r1=1723164&r2=1723165&view=diff
==============================================================================
--- tomcat/trunk/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp (original)
+++ tomcat/trunk/webapps/manager/WEB-INF/jsp/connectorCiphers.jsp Tue Jan 5
21:02:37 2016
@@ -19,12 +19,13 @@
<%@page import="java.util.Map" %>
<%@page import="java.util.Map.Entry" %>
<%@page import="java.util.Set" %>
+<%@page import="org.apache.tomcat.util.net.openssl.ciphers.Cipher" %>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en">
-<% Map<String,Set<String>> cipherList = (Map<String,Set<String>>)
request.getAttribute("cipherList");
+<% Map<String,Set<Cipher>> cipherList = (Map<String,Set<Cipher>>)
request.getAttribute("cipherList");
%>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1"/>
@@ -43,21 +44,27 @@
<thead>
<tr>
<th>Connector</th>
- <th>Enabled Ciphers</th>
+ <th>Configured Ciphers</th>
</tr>
</thead>
<tbody>
<%
- for (Map.Entry<String, Set<String>> entry : cipherList.entrySet()) {
+ for (Map.Entry<String, Set<Cipher>> entry : cipherList.entrySet()) {
%>
<tr>
<td><%=entry.getKey()%></td>
<td>
<%
- for (String cipher : entry.getValue()) {
- %>
- <p><%=cipher%></p>
- <%
+ if (entry.getValue() == null) {
+ %>
+ <p>Not an SSL connector.</p>
+ <%
+ } else {
+ for (Cipher cipher : entry.getValue()) {
+ %>
+ <p><%=cipher%></p>
+ <%
+ }
}
%>
</td>
@@ -68,6 +75,10 @@
</tbody>
</table>
+<p>Note: The actual ciphers available for clients to use will be the subset of
+those listed above that are supported by the SSL implementation configured for
+the connector.</p>
+
<form method="get" action="<%=request.getContextPath()%>/html">
<p style="text-align: center;">
<input type="submit" value="Return to main page" />
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
