This is an automated email from the ASF dual-hosted git repository. remm pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push: new fe073bc124 Fix bad symbol lookup use fe073bc124 is described below commit fe073bc1247e71b21417f2026c30a134100e2887 Author: remm <r...@apache.org> AuthorDate: Fri Feb 23 12:45:35 2024 +0100 Fix bad symbol lookup use Depending on how OpenSSL is available in the system, this could cause a failure since one lookup is different from the others. --- .../apache/tomcat/util/net/openssl/panama/OpenSSLContext.java | 4 ++-- java/org/apache/tomcat/util/openssl/openssl_h_Macros.java | 10 ++++++++++ webapps/docs/changelog.xml | 7 +++++++ 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java index f156f1951f..961d2a76cf 100644 --- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java +++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java @@ -22,7 +22,6 @@ import java.io.IOException; import java.io.InputStreamReader; import java.lang.foreign.Arena; import java.lang.foreign.MemorySegment; -import java.lang.foreign.SymbolLookup; import java.lang.foreign.ValueLayout; import java.lang.ref.Cleaner; import java.lang.ref.Cleaner.Cleanable; @@ -68,6 +67,7 @@ import org.apache.tomcat.util.openssl.SSL_CTX_set_alpn_select_cb$cb; import org.apache.tomcat.util.openssl.SSL_CTX_set_cert_verify_callback$cb; import org.apache.tomcat.util.openssl.SSL_CTX_set_tmp_dh_callback$dh; import org.apache.tomcat.util.openssl.SSL_CTX_set_verify$callback; +import org.apache.tomcat.util.openssl.openssl_h_Macros; import org.apache.tomcat.util.openssl.pem_password_cb; import org.apache.tomcat.util.res.StringManager; @@ -1081,7 +1081,7 @@ public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext { // Set callback for DH parameters SSL_CTX_set_tmp_dh_callback(state.sslCtx, SSL_CTX_set_tmp_dh_callback$dh.allocate(new TmpDHCallback(), contextArena)); } else { - var d2i_ECPKParameters = SymbolLookup.loaderLookup().find("d2i_ECPKParameters").get(); + var d2i_ECPKParameters = openssl_h_Macros.findOrThrow("d2i_ECPKParameters"); var ecparams = PEM_ASN1_read_bio(d2i_ECPKParameters, PEM_STRING_ECPARAMETERS(), certificateBIO, MemorySegment.NULL, MemorySegment.NULL, MemorySegment.NULL); if (!MemorySegment.NULL.equals(ecparams)) { diff --git a/java/org/apache/tomcat/util/openssl/openssl_h_Macros.java b/java/org/apache/tomcat/util/openssl/openssl_h_Macros.java index e84d50b27b..acae96ac72 100644 --- a/java/org/apache/tomcat/util/openssl/openssl_h_Macros.java +++ b/java/org/apache/tomcat/util/openssl/openssl_h_Macros.java @@ -28,6 +28,16 @@ import static org.apache.tomcat.util.openssl.openssl_h.*; public class openssl_h_Macros { + /** + * Publicly accessible find. + * @param symbol the symbol to find + * @return the symbol + */ + public static MemorySegment findOrThrow(String symbol) { + return openssl_h.findOrThrow(symbol); + } + + /** * Set maximum protocol version on the given context. * {@snippet lang = c : # define SSL_CTX_set_max_proto_version(sslCtx, version) \ diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 241ac0f4bc..89e5be6a97 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -112,6 +112,13 @@ </update> </changelog> </subsection> + <subsection name="Coyote"> + <changelog> + <fix> + Fix bad symbol lookup use in the OpenSSL FFM code. (remm) + </fix> + </changelog> + </subsection> <subsection name="Jasper"> <changelog> <add> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org