Author: markt
Date: Wed Mar 2 14:22:08 2016
New Revision: 1733297
URL: http://svn.apache.org/viewvc?rev=1733297&view=rev
Log:
Sync OpenSSL<->JSSE cipher handling with 9.0.x
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Cipher.java
tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
tomcat/tc8.0.x/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Cipher.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Cipher.java?rev=1733297&r1=1733296&r2=1733297&view=diff
==============================================================================
---
tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Cipher.java
(original)
+++
tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/jsse/openssl/Cipher.java
Wed Mar 2 14:22:08 2016
@@ -21,6 +21,7 @@ import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
+import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Set;
@@ -1290,7 +1291,7 @@ public enum Cipher {
false,
56,
128,
- new String[] {"SSL_RSA_EXPORT1024_WITH_RC2_CBC_56_MD"},
+ new String[] {"SSL_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5"},
null
),
// Cipher 62
@@ -4651,7 +4652,7 @@ public enum Cipher {
} else {
this.openSSLAltNames = Collections.emptySet();
}
- Set<String> jsseNames = new HashSet<>();
+ Set<String> jsseNames = new LinkedHashSet<>();
if (jsseAltNames != null && jsseAltNames.length != 0) {
jsseNames.addAll(Arrays.asList(jsseAltNames));
}
Modified:
tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java?rev=1733297&r1=1733296&r2=1733297&view=diff
==============================================================================
---
tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
(original)
+++
tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
Wed Mar 2 14:22:08 2016
@@ -704,7 +704,8 @@ public class OpenSSLCipherConfigurationP
}
/**
- * Parse the specified expression according to the OpenSSL syntax and
returns a list of standard cipher names.
+ * Parse the specified expression according to the OpenSSL syntax and
+ * returns a list of standard JSSE cipher names.
*
* @param expression the openssl expression to define a list of cipher.
* @return the corresponding list of ciphers.
Modified:
tomcat/tc8.0.x/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java?rev=1733297&r1=1733296&r2=1733297&view=diff
==============================================================================
---
tomcat/tc8.0.x/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java
(original)
+++
tomcat/tc8.0.x/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java
Wed Mar 2 14:22:08 2016
@@ -331,6 +331,29 @@ public class TesterOpenSSL {
unimplemented.add(Cipher.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA);
unimplemented.add(Cipher.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA);
unimplemented.add(Cipher.TLS_DH_RSA_WITH_SEED_CBC_SHA);
+ unimplemented.add(Cipher.TLS_ECDH_ECDSA_WITH_NULL_SHA);
+ unimplemented.add(Cipher.TLS_ECDH_ECDSA_WITH_RC4_128_SHA);
+ unimplemented.add(Cipher.TLS_ECDH_ECDSA_WITH_RC4_128_SHA);
+ unimplemented.add(Cipher.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA);
+ unimplemented.add(Cipher.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA);
+ unimplemented.add(Cipher.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA);
+ unimplemented.add(Cipher.TLS_ECDH_RSA_WITH_NULL_SHA);
+ unimplemented.add(Cipher.TLS_ECDH_RSA_WITH_RC4_128_SHA);
+ unimplemented.add(Cipher.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA);
+ unimplemented.add(Cipher.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA);
+ unimplemented.add(Cipher.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA);
+ unimplemented.add(Cipher.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256);
+ unimplemented.add(Cipher.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384);
+ unimplemented.add(Cipher.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256);
+ unimplemented.add(Cipher.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384);
+ unimplemented.add(Cipher.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256);
+ unimplemented.add(Cipher.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384);
+ unimplemented.add(Cipher.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256);
+ unimplemented.add(Cipher.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384);
+
unimplemented.add(Cipher.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256);
+
unimplemented.add(Cipher.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384);
+
unimplemented.add(Cipher.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256);
+
unimplemented.add(Cipher.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384);
}
OPENSSL_UNIMPLEMENTED_CIPHERS =
Collections.unmodifiableSet(unimplemented);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
