-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Mark,
On 6/24/15 12:45 PM, Mark Thomas wrote: > On 24/06/2015 16:55, Christopher Schultz wrote: > >> There are some related files (like Cipher.java), but start in >> that class right there. I think a simple driver class could take >> an OpenSSL-style cipher string and dump-out the JSSE-compatible >> (expanded) cipher suites string. > > The key mapping information is held in the Cipher enumeration. > There should be an entry for each known Cipher, excluding a few > there aren't implemented (and are unlikely to be implemented) in > OpenSSL or JSSE. > > The tricky part isn't porting the mapping but the unit tests since > they depend on which ciphers are enabled in the JRE and the unit > tests for older Tomcat versions run on older JREs with fewer > ciphers. > > We could just skip porting the unit tests. But the JRE will happily allow discovery of supported ciphers. Could we simply run the unit tests and white-list only those ciphers that are actually supported by the runtime JRE? - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJViuF2AAoJEBzwKT+lPKRYY5AQAMeSk9PLPYUEl9P6K94+C5es xTAHH6/C1hXrQnngQMbAvKnyiVsoTYzAzkh9KqwJ6oXc7Pn97vbIWPcJjG1zNINr bGXASAch8G9kIkPQzOrXQBOu8UDgKqMUNx4ElnPZYQPW0RytS0yF1a8wbFZFhNO9 1EOlTOMxxxn3oxAplVR5xe0IE1x1IbNXPQIrljzz/t+pO5bL4gWYAJuwge+qIMDA Be33HtYG0BRgp9DjcuLUGnAVOTs7ss9Q/HyVEJOxxSm8n/gri0Z/9uB+OrtQ+uwY ACMWi+F/dPlo7lHcDiltvnPMMwHUF0njea7sWWxOKMT8xcwWRK/D7oyHP2Ph4GrD 0GFm04KpQsMiZm1+SxMZMIG+YJVN7Rk7ZfqbTug205MisKsEMMkwsvGIQWhDwm47 fK+lDYWKuW5BeG952hEZBiEb84Sqjh95ceWdpOEtEiv7pV02p3QJbGEbnPe3lZ/w UkMYUwcfuk0l2ABLpdEAfO49LAkRCYS6RUPSYd+0yCgM6OA1DOwqbn7xmpo9aR5R S4o4ivqjXughf5r2lTHHNtRjmNtZ21wlrdLyO70l3OFNKEhA4Q3r4hZobrsKQ6PT 0RyWeLPE9o2cPyRCKr5ZSfCs53yMuvBHuQUiNOXSHCw5kyjYlRIN9m7fxSYnxzog BWtc0hEUkoX8+/pZh4VQ =mtrZ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
