This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new 4a7977e6e2 Clear error earlier
4a7977e6e2 is described below
commit 4a7977e6e24209d50ec78f962f1824c1d270147c
Author: remm <r...@apache.org>
AuthorDate: Tue Jun 18 16:40:41 2024 +0200
Clear error earlier
---
.../tomcat/util/net/openssl/panama/LocalStrings.properties | 1 +
.../apache/tomcat/util/net/openssl/panama/OpenSSLContext.java | 11 ++++++++++-
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git
a/java/org/apache/tomcat/util/net/openssl/panama/LocalStrings.properties
b/java/org/apache/tomcat/util/net/openssl/panama/LocalStrings.properties
index 307fa3f4a2..c0923cbda0 100644
--- a/java/org/apache/tomcat/util/net/openssl/panama/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/net/openssl/panama/LocalStrings.properties
@@ -58,6 +58,7 @@ openssl.errorLoadingCertificateWithError=Error loading
certificate [{0}] with er
openssl.errorLoadingPassword=Error loading password file: [{0}]
openssl.errorLoadingPrivateKey=Error loading private key: [{0}]
openssl.errorPrivateKeyCheck=Private key does not match the certificate public
key: [{0}]
+openssl.errorReadingPEMParameters=Failed reading PEM parameters [{0}] for
certificate [{1}]
openssl.errorSSLCtxInit=Error initializing SSL context
openssl.invalidSslProtocol=An invalid value [{0}] was provided for the
SSLProtocol attribute
openssl.keyManagerMissing=No key manager found
diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
index 9a8ba2ea2b..3dedf0fd22 100644
--- a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
+++ b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
@@ -1068,6 +1068,10 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
log.debug(sm.getString("openssl.setCustomDHParameters",
Integer.valueOf(numBits), certificate.getCertificateFile()));
}
} else {
+ String errMessage = OpenSSLLibrary.getLastError();
+ if (errMessage != null) {
+
log.debug(sm.getString("openssl.errorReadingPEMParameters", errMessage,
certificate.getCertificateFile()));
+ }
SSL_CTX_ctrl(state.sslCtx, SSL_CTRL_SET_DH_AUTO(),
1, MemorySegment.NULL);
}
}
@@ -1220,9 +1224,14 @@ public class OpenSSLContext implements
org.apache.tomcat.util.net.SSLContext {
EVP_PKEY_free(pkey);
} else {
log.debug(sm.getString("openssl.setCustomDHParameters",
Integer.valueOf(numBits),
- certificate.getCertificateFile()));
+ x509KeyManager.toString()));
}
} else {
+ String errMessage = OpenSSLLibrary.getLastError();
+ if (errMessage != null) {
+
log.debug(sm.getString("openssl.errorReadingPEMParameters", errMessage,
+ x509KeyManager.toString()));
+ }
SSL_CTX_ctrl(state.sslCtx, SSL_CTRL_SET_DH_AUTO(), 1,
MemorySegment.NULL);
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
