This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new 250d50e Fix Gump failures. OpenSSL master has removed support for 5
ciphers.
250d50e is described below
commit 250d50e8be0c4e5d0913b71dbfad1c1c69c74244
Author: Mark Thomas <[email protected]>
AuthorDate: Mon Apr 13 17:13:59 2020 +0100
Fix Gump failures. OpenSSL master has removed support for 5 ciphers.
Strictly, they have been moved to the legacy provider but for the
purposes of our test, treat them as removed.
---
.../tomcat/util/net/openssl/ciphers/TesterOpenSSL.java | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
b/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
index 95ab187..97c27b1 100644
--- a/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
+++ b/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
@@ -307,6 +307,18 @@ public class TesterOpenSSL {
unimplemented.add(Cipher.TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384);
}
+ if (VERSION < 30000) {
+ // No new ciphers in 3.0.0 so far
+ } else {
+ // These were moved to the legacy provided in 3.0.0 so won't be
+ // available from that version onwards.
+ unimplemented.add(Cipher.TLS_RSA_WITH_IDEA_CBC_SHA);
+ unimplemented.add(Cipher.TLS_DH_anon_WITH_SEED_CBC_SHA);
+ unimplemented.add(Cipher.TLS_DHE_DSS_WITH_SEED_CBC_SHA);
+ unimplemented.add(Cipher.TLS_RSA_WITH_SEED_CBC_SHA);
+ unimplemented.add(Cipher.TLS_DHE_RSA_WITH_SEED_CBC_SHA);
+ }
+
String skipCiphers =
System.getProperty("tomcat.test.openssl.unimplemented", "");
if (!skipCiphers.isEmpty()) {
String[] skip = skipCiphers.split(",");
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
