tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: svn commit: r1199980 - in /tomcat/trunk/java/org/apache: catalina/core/AprLifecycleListener.java catalina/core/LocalStrings.properties tomcat/jni/SSL.java
Date Thu, 10 Nov 2011 00:35:21 GMT
All,

On 11/9/11 4:32 PM, Christopher Schultz wrote:
> I see several ways to move forward, here, not necessarily mutually
> exclusive:
> 
> 1. terminate SSL on FIPS error
> 2. set sslInitialized after initialization is complete (including
>    FIPS), not before
> 3. set error state in SSL class to prevent connectors from using
>    an improperly-initialized SSL environment

I forgot one:

4. Have an explicit check in lifecycleEvent() that throws an error
   instead of merely logging the error.

-chris


Mime
View raw message