Skip to content

Fix BZ 69866 - Use separate CertificateVerifier class to avoid strong JNI reference to OpenSSLContexts#912

Merged
markt-asf merged 4 commits into
apache:mainfrom
aogburn:04290882
Oct 30, 2025
Merged

Fix BZ 69866 - Use separate CertificateVerifier class to avoid strong JNI reference to OpenSSLContexts#912
markt-asf merged 4 commits into
apache:mainfrom
aogburn:04290882

Conversation

@aogburn

@aogburn aogburn commented Oct 27, 2025

Copy link
Copy Markdown
Contributor

@ChristopherSchultz

Copy link
Copy Markdown
Contributor

LGTM, I'm just running the CI before merging.

Please run "ant validate" next time to make sure CheckStyle is happy.

@markt-asf

Copy link
Copy Markdown
Contributor

Either OpenSSLContext.certificates(byte[][]) is duplicated (in which case it should shared instead) or it becomes unused in which case it should be removed.

Comment thread java/org/apache/tomcat/util/net/openssl/OpenSSLCertificateVerifier.java Outdated
@aogburn

aogburn commented Oct 28, 2025

Copy link
Copy Markdown
Contributor Author

Either OpenSSLContext.certificates(byte[][]) is duplicated (in which case it should shared instead) or it becomes unused in which case it should be removed.

D'oh, it's now unused there so it was my intention to remove it. Thanks for catching that. Fixed.

@aogburn aogburn closed this Oct 28, 2025
@aogburn aogburn reopened this Oct 28, 2025
@markt-asf
markt-asf merged commit cf94b36 into apache:main Oct 30, 2025
markt-asf added a commit that referenced this pull request Oct 30, 2025
@markt-asf

Copy link
Copy Markdown
Contributor

There were some follow-up changes required. See: c19b057
I'm seeing some possibly unrelated test failures. I want to look into those before back-porting this fix.

@markt-asf

Copy link
Copy Markdown
Contributor

They were unrelated (and have been fixed). This fix has been back-ported.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants