Author: markt Date: Mon Nov 24 11:44:39 2014 New Revision: 1641377 URL: http://svn.apache.org/r1641377 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=57234 Make protocol filtering case insensitive
Modified: tomcat/tc7.0.x/trunk/ (props changed) tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc7.0.x/trunk/ ------------------------------------------------------------------------------ Merged /tomcat/trunk:r1641374 Merged /tomcat/tc8.0.x/trunk:r1641375 Modified: tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=1641377&r1=1641376&r2=1641377&view=diff ============================================================================== --- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java (original) +++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java Mon Nov 24 11:44:39 2014 @@ -179,7 +179,7 @@ public class JSSESocketFactory implement // since they are no longer considered secure List<String> filteredProtocols = new ArrayList<String>(); for (String protocol : socket.getEnabledProtocols()) { - if (protocol.contains("SSL")) { + if (protocol.toUpperCase(Locale.ENGLISH).contains("SSL")) { log.debug(sm.getString("jsse.excludeDefaultProtocol", protocol)); continue; } Modified: tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?rev=1641377&r1=1641376&r2=1641377&view=diff ============================================================================== --- tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml Mon Nov 24 11:44:39 2014 @@ -82,6 +82,14 @@ </fix> </changelog> </subsection> + <subsection name="Coyote"> + <changelog> + <fix> + <bug>57234</bug>: Make SSL protocol filtering to remove insecure + protoccols case insensitive. (markt) + </fix> + </changelog> + </subsection> <subsection name="WebSocket"> <changelog> <fix> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org