changelog.xml

markt Thu, 25 Aug 2016 09:45:04 -0700

Author: markt
Date: Thu Aug 25 16:44:38 2016
New Revision: 1757727

URL: http://svn.apache.org/viewvc?rev=1757727&view=rev
Log: (empty)


Modified:
    
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
    tomcat/trunk/webapps/docs/changelog.xml

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java?rev=1757727&r1=1757726&r2=1757727&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
 (original)
+++ 
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
 Thu Aug 25 16:44:38 2016
@@ -421,6 +421,10 @@ public class OpenSSLCipherConfigurationP
         List<Cipher> allCiphersList = Arrays.asList(Cipher.values());
         Collections.reverse(allCiphersList);
         LinkedHashSet<Cipher> allCiphers = defaultSort(new 
LinkedHashSet<>(allCiphersList));
+        // OpenSSL has disabled 3DES by default so remove it from the set of
+        // known ciphers
+        allCiphers.removeAll(filterByEncryption(allCiphers, 
Collections.singleton(Encryption.TRIPLE_DES)));
+
         addListAlias(eNULL, filterByEncryption(allCiphers, 
Collections.singleton(Encryption.eNULL)));
         LinkedHashSet<Cipher> all = new LinkedHashSet<>(allCiphers);
         remove(all, eNULL);

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1757727&r1=1757726&r2=1757727&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu Aug 25 16:44:38 2016
@@ -221,6 +221,10 @@
         Small logging optimization in the <code>Rfc6265CookieProcessor</code>.
         Patch provided by Svetlin Zarev. (markt)
       </fix>
+      <fix>
+        OpenSSl now disables 3DES by default so reflect this when using OpenSSL
+        syntax to select ciphers. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Jasper">



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

svn commit: r1757727 - in /tomcat/trunk: java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java webapps/docs/changelog.xml

Reply via email to