Apply standard code formatting

markt-asf · markt-asf · commit b79827b6d302 · 2026-03-18T08:43:22.000Z
(to minimise differences between versions)
diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLContext.java
@@ -265,8 +265,8 @@ public OpenSSLContext(SSLHostConfigCertificate certificate, List<String> negotia
 
             // Set server groups
             // Note: It is also possible to override setSSLParameters in OpenSSLEngine to set the final
-            //  list of groups per connection, but this is less efficient than setting the configured
-            //  group list on the SSL context and letting OpenSSL figure it out.
+            // list of groups per connection, but this is less efficient than setting the configured
+            // group list on the SSL context and letting OpenSSL figure it out.
             if (sslHostConfig.getGroupList() != null) {
                 StringBuilder sb = new StringBuilder();
                 boolean first = true;
@@ -532,7 +532,8 @@ public void init(KeyManager[] kms, TrustManager[] tms, SecureRandom sr) throws K
             }
             if (maxTlsVersion >= TLS1_3_VERSION()) {
                 try {
-                    if (SSL_CTX_set_ciphersuites(state.sslCtx, localArena.allocateFrom(sslHostConfig.getCipherSuites())) <= 0) {
+                    if (SSL_CTX_set_ciphersuites(state.sslCtx,
+                            localArena.allocateFrom(sslHostConfig.getCipherSuites())) <= 0) {
                         tls13Warning = sm.getString("engine.failedCipherSuite", sslHostConfig.getCipherSuites());
                     } else {
                         ciphersSet = true;
@@ -611,7 +612,8 @@ public void init(KeyManager[] kms, TrustManager[] tms, SecureRandom sr) throws K
                         localArena
                                 .allocateFrom(SSLHostConfig.adjustRelativePath(sslHostConfig.getCaCertificatePath())) :
                         MemorySegment.NULL;
-                if (SSL_CTX_load_verify_locations(state.sslCtx, caCertificateFileNative, caCertificatePathNative) <= 0) {
+                if (SSL_CTX_load_verify_locations(state.sslCtx, caCertificateFileNative,
+                        caCertificatePathNative) <= 0) {
                     logLastError("openssl.errorConfiguringLocations");
                 } else {
                     var caCerts = SSL_CTX_get_client_CA_list(state.sslCtx);
@@ -1368,8 +1370,8 @@ public SSLSessionContext getServerSessionContext() {
     public SSLEngine createSSLEngine() {
         return new OpenSSLEngine(cleaner, state.sslCtx, defaultProtocol, false, sessionContext, alpn, initialized,
                 sslHostConfig.getCertificateVerificationDepth(),
-                sslHostConfig.getCertificateVerification() == CertificateVerification.OPTIONAL_NO_CA,
-                noOcspCheck, ocspSoftFail, ocspTimeout, ocspVerifyFlags);
+                sslHostConfig.getCertificateVerification() == CertificateVerification.OPTIONAL_NO_CA, noOcspCheck,
+                ocspSoftFail, ocspTimeout, ocspVerifyFlags);
     }
 
     @Override
diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLEngine.java
@@ -87,9 +87,9 @@ public final class OpenSSLEngine extends SSLEngine implements SSLUtil.ProtocolIn
         final Set<String> availableCipherSuites = new LinkedHashSet<>(128);
         availableCipherSuites.addAll(OpenSSLLibrary.findCiphers("ALL"));
         AVAILABLE_CIPHER_SUITES = Collections.unmodifiableSet(availableCipherSuites);
-        IMPLEMENTED_PROTOCOLS_SET = Set.of(Constants.SSL_PROTO_SSLv2Hello, Constants.SSL_PROTO_SSLv3,
-                Constants.SSL_PROTO_TLSv1, Constants.SSL_PROTO_TLSv1_1, Constants.SSL_PROTO_TLSv1_2,
-                Constants.SSL_PROTO_TLSv1_3);
+        IMPLEMENTED_PROTOCOLS_SET =
+                Set.of(Constants.SSL_PROTO_SSLv2Hello, Constants.SSL_PROTO_SSLv3, Constants.SSL_PROTO_TLSv1,
+                        Constants.SSL_PROTO_TLSv1_1, Constants.SSL_PROTO_TLSv1_2, Constants.SSL_PROTO_TLSv1_3);
     }
 
     private static final int MAX_PLAINTEXT_LENGTH = 16 * 1024; // 2^14
@@ -185,8 +185,8 @@ private enum PHAState {
      */
     OpenSSLEngine(Cleaner cleaner, MemorySegment sslCtx, String fallbackApplicationProtocol, boolean clientMode,
             OpenSSLSessionContext sessionContext, boolean alpn, boolean initialized, int certificateVerificationDepth,
-            boolean certificateVerificationOptionalNoCA, boolean noOcspCheck, boolean ocspSoftFail,
-            int ocspTimeout, int ocspVerifyFlags) {
+            boolean certificateVerificationOptionalNoCA, boolean noOcspCheck, boolean ocspSoftFail, int ocspTimeout,
+            int ocspVerifyFlags) {
         if (sslCtx == null) {
             throw new IllegalArgumentException(sm.getString("engine.noSSLContext"));
         }
@@ -832,8 +832,8 @@ private byte[] getPeerCertificate() {
         try (var localArena = Arena.ofConfined()) {
             // Use the new SSL_get0_peer_certificate call for OpenSSL 3+ to avoid having to call free
             MemorySegment/* (X509*) */ x509 =
-                    (openssl_h_Compatibility.OPENSSL3) ? SSL_get0_peer_certificate(state.ssl)
-                            : openssl_h_Compatibility.SSL_get_peer_certificate(state.ssl);
+                    (openssl_h_Compatibility.OPENSSL3) ? SSL_get0_peer_certificate(state.ssl) :
+                            openssl_h_Compatibility.SSL_get_peer_certificate(state.ssl);
             MemorySegment bufPointer = localArena.allocateFrom(ValueLayout.ADDRESS, MemorySegment.NULL);
             int length = i2d_X509(x509, bufPointer);
             if (length <= 0) {
@@ -1145,7 +1145,8 @@ public int apply(int preverify_ok, MemorySegment /* X509_STORE_CTX */ x509ctx) {
                     (errnum == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN()) ||
                     (errnum == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY()) ||
                     (errnum == X509_V_ERR_CERT_UNTRUSTED()) || (errnum == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE());
-            if ((verifyErrorIsOptional || errnum == X509_V_OK()) && (state.certificateVerifyMode == OpenSSLContext.OPTIONAL_NO_CA)) {
+            if ((verifyErrorIsOptional || errnum == X509_V_OK()) &&
+                    (state.certificateVerifyMode == OpenSSLContext.OPTIONAL_NO_CA)) {
                 ok = 1;
                 openssl_h_Compatibility.SSL_set_verify_result(state.ssl, X509_V_OK());
             }
@@ -1247,7 +1248,8 @@ private static int processOCSP(EngineState state, MemorySegment /* X509_STORE_CT
                                     for (String urlString : urls) {
                                         try {
                                             URL url = (new URI(urlString)).toURL();
-                                            ocspResponse = processOCSPRequest(state, url, issuer, x509, x509ctx, localArena);
+                                            ocspResponse =
+                                                    processOCSPRequest(state, url, issuer, x509, x509ctx, localArena);
                                             if (log.isDebugEnabled()) {
                                                 log.debug(sm.getString("engine.ocspResponse", urlString,
                                                         Integer.toString(ocspResponse)));
@@ -1376,7 +1378,8 @@ private static int processOCSPRequest(EngineState state, URL url, MemorySegment
                         return V_OCSP_CERTSTATUS_UNKNOWN();
                     }
                     MemorySegment certStack = OCSP_resp_get0_certs(basicResponse);
-                    if (OCSP_basic_verify(basicResponse, certStack, X509_STORE_CTX_get0_store(x509ctx), state.ocspVerifyFlags) <= 0) {
+                    if (OCSP_basic_verify(basicResponse, certStack, X509_STORE_CTX_get0_store(x509ctx),
+                            state.ocspVerifyFlags) <= 0) {
                         X509_STORE_CTX_set_error(x509ctx, X509_V_ERR_OCSP_SIGNATURE_FAILURE());
                         return V_OCSP_CERTSTATUS_UNKNOWN();
                     }
diff --git a/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLUtil.java b/java/org/apache/tomcat/util/net/openssl/panama/OpenSSLUtil.java
@@ -105,6 +105,4 @@ public KeyManager[] getKeyManagers() throws Exception {
             throw e;
         }
     }
-
-
 }

Original file line number	Diff line number	Diff line change
`@@ -105,6 +105,4 @@ public KeyManager[] getKeyManagers() throws Exception {`
`105`	`105`	`throw e;`
`106`	`106`	`}`
`107`	`107`	`}`
`108`		`-`
`109`		`-`
`110`	`108`	`}`