svn commit: r1733435 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java

Thu, 03 Mar 2016 02:39:36 -0800 

Author: markt
Date: Thu Mar  3 10:39:11 2016
New Revision: 1733435

URL: http://svn.apache.org/viewvc?rev=1733435&view=rev
Log:
Partial fix for ordering issues with OPenSSL master

Modified:
    
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java?rev=1733435&r1=1733434&r2=1733435&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
 (original)
+++ 
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
 Thu Mar  3 10:39:11 2016
@@ -564,7 +564,7 @@ public class OpenSSLCipherConfigurationP
         final LinkedHashSet<Cipher> ecdh = new LinkedHashSet<>(ciphers.size());
 
         /* Everything else being equal, prefer ephemeral ECDH over other key 
exchange mechanisms */
-        ecdh.addAll(filterByKeyExchange(ciphers, 
Collections.singleton(KeyExchange.EECDH)));
+        ecdh.addAll(filterByKeyExchange(ciphers, new 
HashSet<>(Arrays.asList(KeyExchange.EECDH, KeyExchange.ECDHEPSK))));
 
         /* AES is our preferred symmetric cipher */
         Set<Encryption> aes = new HashSet<>(Arrays.asList(Encryption.AES128, 
Encryption.AES128CCM,



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to