From: markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Date: Mon, 15 Feb 2010 17:14:27 +0000 (+0000)
Subject: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48545
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=bc1753077a20d9bcb57bab65d44dcbe00bb38dd6;p=tomcat7.0

Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=48545
Truststores don't have to have passwords
Based on a patch by 'smmwpf54'

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@910266 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java b/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
index cd800a994..96b48b3b4 100644
--- a/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
+++ b/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
@@ -310,9 +310,6 @@ public class JSSESocketFactory
             truststorePassword =
                 System.getProperty("javax.net.ssl.trustStorePassword");
         }
-        if( truststorePassword == null ) {
-            truststorePassword = getKeystorePassword();
-        }
         if(log.isDebugEnabled()) {
             log.debug("TrustPass = " + truststorePassword);
         }
@@ -343,7 +340,7 @@ public class JSSESocketFactory
             log.debug("trustProvider = " + truststoreProvider);
         }
 
-        if (truststoreFile != null && truststorePassword != null){
+        if (truststoreFile != null){
             trustStore = getStore(truststoreType, truststoreProvider,
                     truststoreFile, truststorePassword);
         }
@@ -374,8 +371,12 @@ public class JSSESocketFactory
                 }
                 istream = new FileInputStream(keyStoreFile);
             }
-
-            ks.load(istream, pass.toCharArray());
+            
+            char[] storePass = null;
+            if (pass != null) {
+                storePass = pass.toCharArray(); 
+            }
+            ks.load(istream, storePass);
         } catch (FileNotFoundException fnfe) {
             log.error(sm.getString("jsse.keystore_load_failed", type, path,
                     fnfe.getMessage()), fnfe);
diff --git a/webapps/docs/config/http.xml b/webapps/docs/config/http.xml
index 1227a1f54..2a7b5a1f5 100644
--- a/webapps/docs/config/http.xml
+++ b/webapps/docs/config/http.xml
@@ -921,9 +921,7 @@
     <attribute name="truststorePass" required="false">
       <p>The password to access the trust store. The default is the value of the
       <code>javax.net.ssl.trustStorePassword</code> system property. If that
-      property is null, the value of <code>keystorePass</code> is used as the
-      default. If neither this attribute, the default system property nor
-      <code>keystorePass</code>is set, no trust store will be configured.</p>
+      property is null, no trust store password will be configured.</p>
     </attribute>
 
     <attribute name="truststoreProvider" required="false">