Author: markt
Date: Mon Mar 28 10:04:54 2016
New Revision: 1736853
URL: http://svn.apache.org/viewvc?rev=1736853&view=rev
Log:
Align cipher config parsing with OpenSSL master
Modified:
tomcat/tc8.5.x/trunk/ (props changed)
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Protocol.java
tomcat/tc8.5.x/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestCipher.java
tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml
Propchange: tomcat/tc8.5.x/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Mar 28 10:04:54 2016
@@ -1 +1 @@
-/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736836
+/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849
Modified:
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java?rev=1736853&r1=1736852&r2=1736853&view=diff
==============================================================================
---
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
(original)
+++
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
Mon Mar 28 10:04:54 2016
@@ -479,7 +479,7 @@ public class OpenSSLCipherConfigurationP
addListAlias(Constants.SSL_PROTO_TLSv1_2, filterByProtocol(allCiphers,
Collections.singleton(Protocol.TLSv1_2)));
addListAlias(Constants.SSL_PROTO_TLSv1_0, filterByProtocol(allCiphers,
Collections.singleton(Protocol.TLSv1)));
addListAlias(Constants.SSL_PROTO_SSLv3, filterByProtocol(allCiphers,
Collections.singleton(Protocol.SSLv3)));
- aliases.put(Constants.SSL_PROTO_TLSv1,
aliases.get(Constants.SSL_PROTO_SSLv3));
+ aliases.put(Constants.SSL_PROTO_TLSv1,
aliases.get(Constants.SSL_PROTO_TLSv1_0));
addListAlias(Constants.SSL_PROTO_SSLv2, filterByProtocol(allCiphers,
Collections.singleton(Protocol.SSLv2)));
addListAlias(DH, filterByKeyExchange(allCiphers, new
HashSet<>(Arrays.asList(KeyExchange.DHr, KeyExchange.DHd, KeyExchange.EDH))));
Set<Cipher> adh = filterByKeyExchange(allCiphers,
Collections.singleton(KeyExchange.EDH));
Modified:
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Protocol.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Protocol.java?rev=1736853&r1=1736852&r2=1736853&view=diff
==============================================================================
---
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Protocol.java
(original)
+++
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/Protocol.java
Mon Mar 28 10:04:54 2016
@@ -23,7 +23,7 @@ enum Protocol {
SSLv3(Constants.SSL_PROTO_SSLv3),
SSLv2(Constants.SSL_PROTO_SSLv2),
- TLSv1(Constants.SSL_PROTO_TLSv1_0),
+ TLSv1(Constants.SSL_PROTO_TLSv1),
TLSv1_2(Constants.SSL_PROTO_TLSv1_2);
private final String openSSLName;
Modified:
tomcat/tc8.5.x/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestCipher.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestCipher.java?rev=1736853&r1=1736852&r2=1736853&view=diff
==============================================================================
---
tomcat/tc8.5.x/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestCipher.java
(original)
+++
tomcat/tc8.5.x/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestCipher.java
Mon Mar 28 10:04:54 2016
@@ -368,8 +368,8 @@ public class TestCipher {
"DHE-PSK-AES128-CCM8+TLSv1.2",
"DHE-PSK-AES256-CCM+TLSv1.2",
"DHE-PSK-AES256-CCM8+TLSv1.2",
- "DHE-PSK-CAMELLIA128-SHA256+TLSv1.0",
- "DHE-PSK-CAMELLIA256-SHA384+TLSv1.0",
+ "DHE-PSK-CAMELLIA128-SHA256+TLSv1",
+ "DHE-PSK-CAMELLIA256-SHA384+TLSv1",
"DHE-PSK-CHACHA20-POLY1305+TLSv1.2",
"DHE-RSA-AES128-CCM+TLSv1.2",
"DHE-RSA-AES128-CCM8+TLSv1.2",
@@ -387,8 +387,8 @@ public class TestCipher {
"ECDHE-ECDSA-CAMELLIA128-SHA256+TLSv1.2",
"ECDHE-ECDSA-CAMELLIA256-SHA384+TLSv1.2",
"ECDHE-ECDSA-CHACHA20-POLY1305+TLSv1.2",
- "ECDHE-PSK-CAMELLIA128-SHA256+TLSv1.0",
- "ECDHE-PSK-CAMELLIA256-SHA384+TLSv1.0",
+ "ECDHE-PSK-CAMELLIA128-SHA256+TLSv1",
+ "ECDHE-PSK-CAMELLIA256-SHA384+TLSv1",
"ECDHE-PSK-CHACHA20-POLY1305+TLSv1.2",
"ECDHE-RSA-CAMELLIA128-SHA256+TLSv1.2",
"ECDHE-RSA-CAMELLIA256-SHA384+TLSv1.2",
@@ -400,13 +400,13 @@ public class TestCipher {
"PSK-AES128-CCM8+TLSv1.2",
"PSK-AES256-CCM+TLSv1.2",
"PSK-AES256-CCM8+TLSv1.2",
- "PSK-CAMELLIA128-SHA256+TLSv1.0",
- "PSK-CAMELLIA256-SHA384+TLSv1.0",
+ "PSK-CAMELLIA128-SHA256+TLSv1",
+ "PSK-CAMELLIA256-SHA384+TLSv1",
"PSK-CHACHA20-POLY1305+TLSv1.2",
"RC2-CBC-MD5+SSLv2",
"RC4-MD5+SSLv2",
- "RSA-PSK-CAMELLIA128-SHA256+TLSv1.0",
- "RSA-PSK-CAMELLIA256-SHA384+TLSv1.0",
+ "RSA-PSK-CAMELLIA128-SHA256+TLSv1",
+ "RSA-PSK-CAMELLIA256-SHA384+TLSv1",
"RSA-PSK-CHACHA20-POLY1305+TLSv1.2")));
@@ -592,21 +592,21 @@ public class TestCipher {
"DHE-DSS-SEED-SHA+SSLv3",
"DHE-PSK-3DES-EDE-CBC-SHA+SSLv3",
"DHE-PSK-AES128-CBC-SHA+SSLv3",
- "DHE-PSK-AES128-CBC-SHA256+TLSv1.0",
+ "DHE-PSK-AES128-CBC-SHA256+TLSv1",
"DHE-PSK-AES128-CCM+TLSv1.2",
"DHE-PSK-AES128-CCM8+TLSv1.2",
"DHE-PSK-AES128-GCM-SHA256+TLSv1.2",
"DHE-PSK-AES256-CBC-SHA+SSLv3",
- "DHE-PSK-AES256-CBC-SHA384+TLSv1.0",
+ "DHE-PSK-AES256-CBC-SHA384+TLSv1",
"DHE-PSK-AES256-CCM+TLSv1.2",
"DHE-PSK-AES256-CCM8+TLSv1.2",
"DHE-PSK-AES256-GCM-SHA384+TLSv1.2",
- "DHE-PSK-CAMELLIA128-SHA256+TLSv1.0",
- "DHE-PSK-CAMELLIA256-SHA384+TLSv1.0",
+ "DHE-PSK-CAMELLIA128-SHA256+TLSv1",
+ "DHE-PSK-CAMELLIA256-SHA384+TLSv1",
"DHE-PSK-CHACHA20-POLY1305+TLSv1.2",
"DHE-PSK-NULL-SHA+SSLv3",
- "DHE-PSK-NULL-SHA256+TLSv1.0",
- "DHE-PSK-NULL-SHA384+TLSv1.0",
+ "DHE-PSK-NULL-SHA256+TLSv1",
+ "DHE-PSK-NULL-SHA384+TLSv1",
"DHE-PSK-RC4-SHA+SSLv3",
"DHE-RSA-AES128-CCM+TLSv1.2",
"DHE-RSA-AES128-CCM8+TLSv1.2",
@@ -631,15 +631,15 @@ public class TestCipher {
"ECDHE-ECDSA-CHACHA20-POLY1305+TLSv1.2",
"ECDHE-PSK-3DES-EDE-CBC-SHA+SSLv3",
"ECDHE-PSK-AES128-CBC-SHA+SSLv3",
- "ECDHE-PSK-AES128-CBC-SHA256+TLSv1.0",
+ "ECDHE-PSK-AES128-CBC-SHA256+TLSv1",
"ECDHE-PSK-AES256-CBC-SHA+SSLv3",
- "ECDHE-PSK-AES256-CBC-SHA384+TLSv1.0",
- "ECDHE-PSK-CAMELLIA128-SHA256+TLSv1.0",
- "ECDHE-PSK-CAMELLIA256-SHA384+TLSv1.0",
+ "ECDHE-PSK-AES256-CBC-SHA384+TLSv1",
+ "ECDHE-PSK-CAMELLIA128-SHA256+TLSv1",
+ "ECDHE-PSK-CAMELLIA256-SHA384+TLSv1",
"ECDHE-PSK-CHACHA20-POLY1305+TLSv1.2",
"ECDHE-PSK-NULL-SHA+SSLv3",
- "ECDHE-PSK-NULL-SHA256+TLSv1.0",
- "ECDHE-PSK-NULL-SHA384+TLSv1.0",
+ "ECDHE-PSK-NULL-SHA256+TLSv1",
+ "ECDHE-PSK-NULL-SHA384+TLSv1",
"ECDHE-PSK-RC4-SHA+SSLv3",
"ECDHE-RSA-CAMELLIA128-SHA256+TLSv1.2",
"ECDHE-RSA-CAMELLIA256-SHA384+TLSv1.2",
@@ -652,37 +652,37 @@ public class TestCipher {
"IDEA-CBC-SHA+SSLv3",
"PSK-3DES-EDE-CBC-SHA+SSLv3",
"PSK-AES128-CBC-SHA+SSLv3",
- "PSK-AES128-CBC-SHA256+TLSv1.0",
+ "PSK-AES128-CBC-SHA256+TLSv1",
"PSK-AES128-CCM+TLSv1.2",
"PSK-AES128-CCM8+TLSv1.2",
"PSK-AES128-GCM-SHA256+TLSv1.2",
"PSK-AES256-CBC-SHA+SSLv3",
- "PSK-AES256-CBC-SHA384+TLSv1.0",
+ "PSK-AES256-CBC-SHA384+TLSv1",
"PSK-AES256-CCM+TLSv1.2",
"PSK-AES256-CCM8+TLSv1.2",
"PSK-AES256-GCM-SHA384+TLSv1.2",
- "PSK-CAMELLIA128-SHA256+TLSv1.0",
- "PSK-CAMELLIA256-SHA384+TLSv1.0",
+ "PSK-CAMELLIA128-SHA256+TLSv1",
+ "PSK-CAMELLIA256-SHA384+TLSv1",
"PSK-CHACHA20-POLY1305+TLSv1.2",
"PSK-NULL-SHA+SSLv3",
- "PSK-NULL-SHA256+TLSv1.0",
- "PSK-NULL-SHA384+TLSv1.0",
+ "PSK-NULL-SHA256+TLSv1",
+ "PSK-NULL-SHA384+TLSv1",
"PSK-RC4-SHA+SSLv3",
"RC2-CBC-MD5+SSLv2",
"RC4-MD5+SSLv2",
"RSA-PSK-3DES-EDE-CBC-SHA+SSLv3",
"RSA-PSK-AES128-CBC-SHA+SSLv3",
- "RSA-PSK-AES128-CBC-SHA256+TLSv1.0",
+ "RSA-PSK-AES128-CBC-SHA256+TLSv1",
"RSA-PSK-AES128-GCM-SHA256+TLSv1.2",
"RSA-PSK-AES256-CBC-SHA+SSLv3",
- "RSA-PSK-AES256-CBC-SHA384+TLSv1.0",
+ "RSA-PSK-AES256-CBC-SHA384+TLSv1",
"RSA-PSK-AES256-GCM-SHA384+TLSv1.2",
- "RSA-PSK-CAMELLIA128-SHA256+TLSv1.0",
- "RSA-PSK-CAMELLIA256-SHA384+TLSv1.0",
+ "RSA-PSK-CAMELLIA128-SHA256+TLSv1",
+ "RSA-PSK-CAMELLIA256-SHA384+TLSv1",
"RSA-PSK-CHACHA20-POLY1305+TLSv1.2",
"RSA-PSK-NULL-SHA+SSLv3",
- "RSA-PSK-NULL-SHA256+TLSv1.0",
- "RSA-PSK-NULL-SHA384+TLSv1.0",
+ "RSA-PSK-NULL-SHA256+TLSv1",
+ "RSA-PSK-NULL-SHA384+TLSv1",
"RSA-PSK-RC4-SHA+SSLv3",
"SEED-SHA+SSLv3",
"SRP-AES-128-CBC-SHA+SSLv3",
Modified: tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml?rev=1736853&r1=1736852&r2=1736853&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Mon Mar 28 10:04:54 2016
@@ -76,6 +76,13 @@
</fix>
</changelog>
</subsection>
+ <subsection name="Coyote">
+ <changelog>
+ <fix>
+ Align cipher configuration parsing with current OpenSSL master. (markt)
+ </fix>
+ </changelog>
+ </subsection>
<subsection name="WebSocket">
<changelog>
<fix>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
