Browse code
patch to continue using jks as inmem keystore
Change-Id: I5be51cee018caf24819106de797c00ff6a239015
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/4052
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Joao Lima
Reviewed-by: Sharath George
Priyesh Padmavilasom authored on 2017/10/17 08:39:49Showing 2 changed files
- SPECS/apache-tomcat/apache-tomcat-use-jks-as-inmem-keystore.patch
- SPECS/apache-tomcat/apache-tomcat.spec
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,18 @@ |
| 0 |
+--- a/java/org/apache/tomcat/util/net/jsse/JSSEUtil.java |
|
| 1 |
+@@ -241,13 +241,7 @@ public class JSSEUtil extends SSLUtilBase {
|
|
| 2 |
+ Key k = ks.getKey(keyAlias, keyPassArray); |
|
| 3 |
+ if (k != null && "PKCS#8".equalsIgnoreCase(k.getFormat())) {
|
|
| 4 |
+ // Switch to in-memory key store |
|
| 5 |
+- String provider = certificate.getCertificateKeystoreProvider(); |
|
| 6 |
+- if (provider == null) {
|
|
| 7 |
+- ksUsed = KeyStore.getInstance(certificate.getCertificateKeystoreType()); |
|
| 8 |
+- } else {
|
|
| 9 |
+- ksUsed = KeyStore.getInstance(certificate.getCertificateKeystoreType(), |
|
| 10 |
+- provider); |
|
| 11 |
+- } |
|
| 12 |
++ ksUsed = KeyStore.getInstance("JKS");
|
|
| 13 |
+ ksUsed.load(null, null); |
|
| 14 |
+ ksUsed.setKeyEntry(keyAlias, k, keyPassArray, ks.getCertificateChain(keyAlias)); |
|
| 15 |
+ } |
|
| 16 |
+ |
| ... | ... |
@@ -1,7 +1,7 @@ |
| 1 | 1 |
Summary: Apache Tomcat |
| 2 | 2 |
Name: apache-tomcat |
| 3 | 3 |
Version: 8.5.23 |
| 4 |
-Release: 1%{?dist}
|
|
| 4 |
+Release: 2%{?dist}
|
|
| 5 | 5 |
License: Apache |
| 6 | 6 |
URL: http://tomcat.apache.org |
| 7 | 7 |
Group: Applications/System |
| ... | ... |
@@ -13,6 +13,7 @@ Source0: http://apache.mirrors.ionfish.org/tomcat/tomcat-8/v%{version}/src/%{
|
| 13 | 13 |
# base-for-apache-tomcat is a cached -Dbase.path folder |
| 14 | 14 |
Source1: base-for-%{name}-%{version}.tar.gz
|
| 15 | 15 |
%define sha1 base=d920d15a8d3431dd396be0d635e329bc9817c6cf |
| 16 |
+Patch0: apache-tomcat-use-jks-as-inmem-keystore.patch |
|
| 16 | 17 |
BuildRequires: openjre8 |
| 17 | 18 |
BuildRequires: openjdk8 |
| 18 | 19 |
BuildRequires: apache-ant |
| ... | ... |
@@ -36,6 +37,7 @@ The Apache Tomcat package contains binaries for the Apache Tomcat servlet contai |
| 36 | 36 |
find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name "*.gz" -o \ |
| 37 | 37 |
-name "*.jar" -o -name "*.war" -o -name "*.zip" \) -delete |
| 38 | 38 |
%setup -D -b 1 -n %{name}-%{version}-src
|
| 39 |
+%patch0 -p1 |
|
| 39 | 40 |
|
| 40 | 41 |
%build |
| 41 | 42 |
ant -Dbase.path="../base-for-%{name}-%{version}" deploy dist-prepare dist-source
|
| ... | ... |
@@ -90,6 +92,8 @@ rm -rf %{buildroot}/*
|
| 90 | 90 |
%{_logsdir}/catalina.out
|
| 91 | 91 |
|
| 92 | 92 |
%changelog |
| 93 |
+* Mon Oct 16 2017 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 8.5.23-2 |
|
| 94 |
+- patch to keep using inmem keystore as jks. |
|
| 93 | 95 |
* Tue Oct 10 2017 Anish Swaminathan <anishs@vmware.com> 8.5.23-1 |
| 94 | 96 |
- Upgraded to version 8.5.23 |
| 95 | 97 |
* Wed Sep 27 2017 Alexey Makhalov <amakhalov@vmware.com> 8.5.20-3 |