Author: markt
Date: Fri Aug 1 13:06:46 2014
New Revision: 1615089
URL: http://svn.apache.org/r1615089
Log:
DEFAULT alias also excludes SSLv2 although the OpenSSL docs don't mention this.
COMPLEMENTOFDEFAULT should be those ciphers in ALL that aren't in DEFAULT
although the OpenSSL appears to be returning something slightly different.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParser.java
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java?rev=1615089&r1=1615088&r2=1615089&view=diff
==============================================================================
---
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
(original)
+++
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
Fri Aug 1 13:06:46 2014
@@ -460,9 +460,10 @@ public class OpenSSLCipherConfigurationP
addListAlias(PSK, filter(allCiphers, null,
Collections.singleton(KeyExchange.PSK),
Collections.singleton(Authentication.PSK), null, null, null));
addListAlias(KRB5, filter(allCiphers, null,
Collections.singleton(KeyExchange.KRB5),
Collections.singleton(Authentication.KRB5), null, null, null));
initialized = true;
- String defaultExpression = System.getProperty(DEFAULT_EXPRESSION_KEY,
"ALL:!eNULL:!aNULL");
+ // Despite what the OpenSSL docs say, DEFAULT also excludes SSLv2
+ String defaultExpression = System.getProperty(DEFAULT_EXPRESSION_KEY,
"ALL:!eNULL:!aNULL:!SSLv2");
addListAlias(DEFAULT, parse(defaultExpression));
- LinkedHashSet<Cipher> complementOfDefault = new
LinkedHashSet<>(allCiphers);
+ LinkedHashSet<Cipher> complementOfDefault = new LinkedHashSet<>(all);
complementOfDefault.removeAll(aliases.get(DEFAULT));
addListAlias(COMPLEMENTOFDEFAULT, complementOfDefault);
}
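Review bot: The `!SSLv2` exclusion exists only in the fallback argument of `System.getProperty(DEFAULT_EXPRESSION_KEY, ...)`, so a deployment that sets that property (for instance to the previous `ALL:!eNULL:!aNULL`) still gets SSLv2 suites in DEFAULT. The new comment should say so, e.g. `// Built-in default only: a value set via DEFAULT_EXPRESSION_KEY replaces this string, including the !SSLv2 exclusion`. The `complementOfDefault` line also needs a comment: assuming `all` (defined outside this hunk) is the set behind the ALL alias, COMPLEMENTOFDEFAULT now holds the suites DEFAULT rejects, e.g. `// ALL minus DEFAULT: the anonymous (aNULL) and SSLv2 suites that DEFAULT excludes`. The commit log says OpenSSL's own output differs slightly, and that is worth recording next to the same line so operators do not assume parity. The enclosing method begins before the hunk.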
Modified:
tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParser.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParser.java?rev=1615089&r1=1615088&r2=1615089&view=diff
==============================================================================
---
tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParser.java
(original)
+++
tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TestOpenSSLCipherConfigurationParser.java
Fri Aug 1 13:06:46 2014
@@ -32,9 +32,7 @@ public class TestOpenSSLCipherConfigurat
}
- // TODO
@Test
- @Ignore("Currently fails - needs investigation")
public void testDEFAULT() throws Exception {
testSpecification("DEFAULT");
}