tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: svn commit: r1199980 - in /tomcat/trunk/java/org/apache: catalina/core/AprLifecycleListener.java catalina/core/LocalStrings.properties tomcat/jni/SSL.java
Date Thu, 10 Nov 2011 00:32:41 GMT
Mark,

On 11/9/11 2:12 PM, Mark Thomas wrote:
> What happens if I try this with 1.1.22?

Here is the behavior under various circumstances:

1.1.23, openssl-fips, FIPSMode!="on" : regular startup
1.1.23, openssl-fips, FIPSMode="on" : enter FIPS mode
1.1.23, openssl, FIPSMode!="on" : regular startup
1.1.23, openssl, FIPSMode="on", error:
   java.lang.Exception: FIPS was not available to tcnative at build
   time. You will need to re-build tcnative against an OpenSSL with
   FIPS.
1.1.22, any combination: UnsatisfiedLinkError followed by SSL connector
        configuration NOT in FIPS mode :(

Honestly, I am surprised that the Connector comes up when
AprLifecycleListener fails to set sslAvailable = true. I think I might
need to shut-down the SSL engine if there are any errors coming back
from setFIPSMode.

I think I might also want to set sslInitialized = true *after* all of
the initialization has actually occurred: AprLifecycleListener is/was
setting sslInitialized=true *before* any initialization actually occurs.

I see several ways to move forward, here, not necessarily mutually
exclusive:

1. terminate SSL on FIPS error
2. set sslInitialized after initialization is complete (including
   FIPS), not before
3. set error state in SSL class to prevent connectors from using
   an improperly-initialized SSL environment

Comments?

-chris


Mime
View raw message