svn commit: r1733375 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java

Wed, 02 Mar 2016 13:56:44 -0800 

Author: markt
Date: Wed Mar  2 21:56:14 2016
New Revision: 1733375

URL: http://svn.apache.org/viewvc?rev=1733375&view=rev
Log:
Fix ordering for newer ciphers suites only in OpenSSL master

Modified:
    
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java?rev=1733375&r1=1733374&r2=1733375&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
 (original)
+++ 
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
 Wed Mar  2 21:56:14 2016
@@ -565,10 +565,11 @@ public class OpenSSLCipherConfigurationP
         /* Everything else being equal, prefer ephemeral ECDH over other key 
exchange mechanisms */
         result.addAll(filterByKeyExchange(ciphers, 
Collections.singleton(KeyExchange.EECDH)));
         /* AES is our preferred symmetric cipher */
-        moveToStart(result, filterByEncryption(result, new 
HashSet<>(Arrays.asList(Encryption.AES128, Encryption.AES128GCM,
-                Encryption.AES256, Encryption.AES256GCM))));
-        result.addAll(filterByEncryption(ciphers, new 
HashSet<>(Arrays.asList(Encryption.AES128, Encryption.AES128GCM,
-                Encryption.AES256, Encryption.AES256GCM))));
+        Set<Encryption> aes = new HashSet<>(Arrays.asList(Encryption.AES128, 
Encryption.AES128CCM,
+                Encryption.AES128CCM8, Encryption.AES128GCM, Encryption.AES256,
+                Encryption.AES256CCM, Encryption.AES256CCM8, 
Encryption.AES256GCM));
+        moveToStart(result, filterByEncryption(result, aes));
+        result.addAll(filterByEncryption(ciphers, aes));
         /* Temporarily enable everything else for sorting */
         result.addAll(ciphers);
 



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to