2011/11/10 Christopher Schultz <ch...@christopherschultz.net>: >> >> There is java.lang.UnsatisfiedLinkError (and not the >> IllegalStateException that the code throws). >> >> Despite this error, Tomcat startup sequence continues. >> >> I guess that from FIPS PoV the failure to initialize FIPS mode should >> be more fatal, regardless of its cause. >> Be it because of native lib returning error code or this tc-native >> version mismatch. >> Maybe even throw an error if SSLEngine was not "on". Now it just >> causes the FIPS mode to be ignored. >> >> I do not know why UnsatisfiedLinkError error was not enough to break it. > > Because the AprLifecycleListener's code looks like this: > > if (Lifecycle.BEFORE_INIT_EVENT.equals(event.getType())) { > synchronized (lock) { > init(); > if (aprAvailable) { > try { > initializeSSL(); > } catch (Throwable t) { > ExceptionUtils.handleThrowable(t); > log.error(sm.getString("aprListener.sslInit"), t); > } > } > } > > > The error is caught, logged, and execution continues. > > I did not feel that this was an appropriate patch to include changes to > exception handling within the AprLivecycleListener. >
Maybe add explicit FIPS mode status check below the above error handling? Something like: if ("on".equalsIgnoreCase(FIPSMode) && !fipsModeActive) { fail fatally; } Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org