Avoid using APR strings since the connector has been removed

apache · Jan 24, 2024 · 025cb59 · 025cb59
1 parent 9addc69
commit 025cb59
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 8 deletions.
diff --git a/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties b/java/org/apache/tomcat/util/net/openssl/LocalStrings.properties
@@ -46,6 +46,8 @@ openssl.errApplyConf=Could not apply OpenSSLConf to SSL context
 openssl.errCheckConf=Error during OpenSSLConf check
 openssl.errMakeConf=Could not create OpenSSLConf context
 openssl.errorSSLCtxInit=Error initializing SSL context
+openssl.failSslContextMake=Unable to create SSLContext. Check that SSLEngine is enabled in the AprLifecycleListener, the AprLifecycleListener has initialised correctly and that a valid SSLProtocol has been specified
+openssl.invalidSslProtocol=An invalid value [{0}] was provided for the SSLProtocol attribute
 openssl.keyManagerMissing=No key manager found
 openssl.keyManagerMissing.warn=No key manager found. TLS will work but the certificate will not be visible to Tomcat so management/monitoring features will not work for this certificate
 openssl.makeConf=Creating OpenSSLConf context

diff --git a/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java b/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
@@ -50,7 +50,6 @@
 import org.apache.tomcat.jni.SSL;
 import org.apache.tomcat.jni.SSLConf;
 import org.apache.tomcat.jni.SSLContext;
-import org.apache.tomcat.util.net.AbstractEndpoint;
 import org.apache.tomcat.util.net.Constants;
 import org.apache.tomcat.util.net.SSLHostConfig;
 import org.apache.tomcat.util.net.SSLHostConfig.CertificateVerification;
@@ -62,9 +61,6 @@
 public class OpenSSLContext implements org.apache.tomcat.util.net.SSLContext {
 
     private static final Log log = LogFactory.getLog(OpenSSLContext.class);
-
-    // Note: this uses the main "net" package strings as many are common with APR
-    private static final StringManager netSm = StringManager.getManager(AbstractEndpoint.class);
     private static final StringManager sm = StringManager.getManager(OpenSSLContext.class);
 
     private static final String defaultProtocol = "TLS";
@@ -144,8 +140,7 @@ public OpenSSLContext(SSLHostConfigCertificate certificate, List<String> negotia
                 } else {
                     // Should not happen since filtering to build
                     // enabled protocols removes invalid values.
-                    throw new Exception(netSm.getString(
-                            "endpoint.apr.invalidSslProtocol", protocol));
+                    throw new Exception(sm.getString("openssl.invalidSslProtocol", protocol));
                 }
             }
 
@@ -156,8 +151,7 @@ public OpenSSLContext(SSLHostConfigCertificate certificate, List<String> negotia
                 // If the sslEngine is disabled on the AprLifecycleListener
                 // there will be an Exception here but there is no way to check
                 // the AprLifecycleListener settings from here
-                throw new Exception(
-                        netSm.getString("endpoint.apr.failSslContextMake"), e);
+                throw new Exception(sm.getString("openssl.failSslContextMake"), e);
             }
 
             this.negotiableProtocols = negotiableProtocols;