OpenSSLContext.java

markt Tue, 05 Jan 2016 14:59:19 -0800

Author: markt
Date: Tue Jan  5 22:58:06 2016
New Revision: 1723193

URL: http://svn.apache.org/viewvc?rev=1723193&view=rev
Log:
Simplify. SSLHostConfig always returns an OpenSSL configuration string.


Modified:
    tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java?rev=1723193&r1=1723192&r2=1723193&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java 
Tue Jan  5 22:58:06 2016
@@ -25,7 +25,6 @@ import java.security.cert.X509Certificat
 import java.util.ArrayList;
 import java.util.Base64;
 import java.util.List;
-import java.util.StringTokenizer;
 import java.util.concurrent.atomic.AtomicIntegerFieldUpdater;
 
 import javax.net.ssl.KeyManager;
@@ -49,7 +48,6 @@ import org.apache.tomcat.util.net.Consta
 import org.apache.tomcat.util.net.SSLHostConfig;
 import org.apache.tomcat.util.net.SSLHostConfigCertificate;
 import org.apache.tomcat.util.net.jsse.JSSEKeyManager;
-import org.apache.tomcat.util.net.openssl.ciphers.CipherSuiteConverter;
 import 
org.apache.tomcat.util.net.openssl.ciphers.OpenSSLCipherConfigurationParser;
 import org.apache.tomcat.util.res.StringManager;
 
@@ -299,21 +297,9 @@ public class OpenSSLContext implements o
             }
 
             // List the ciphers that the client is permitted to negotiate
-            String ciphers = sslHostConfig.getCiphers();
-            if (!("ALL".equals(ciphers)) && ciphers.indexOf(':') == -1) {
-                StringTokenizer tok = new StringTokenizer(ciphers, ",");
-                this.ciphers = new ArrayList<>();
-                while (tok.hasMoreTokens()) {
-                    String token = tok.nextToken().trim();
-                    if (!"".equals(token)) {
-                        this.ciphers.add(token);
-                    }
-                }
-                ciphers = CipherSuiteConverter.toOpenSsl(ciphers);
-            } else {
-                this.ciphers = 
OpenSSLCipherConfigurationParser.parseExpression(ciphers);
-            }
-            SSLContext.setCipherSuite(ctx, ciphers);
+            String opensslCipherConfig = sslHostConfig.getCiphers();
+            this.ciphers = 
OpenSSLCipherConfigurationParser.parseExpression(opensslCipherConfig);
+            SSLContext.setCipherSuite(ctx, opensslCipherConfig);
             // Load Server key and certificate
             if (certificate.getCertificateFile() != null) {
                 // Set certificate



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1723193 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java

Reply via email to