svn commit: r1738386 - in /tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net: AbstractEndpoint.java AprEndpoint.java

Sat, 09 Apr 2016 13:08:32 -0700 

Author: markt
Date: Sat Apr  9 20:07:56 2016
New Revision: 1738386

URL: http://svn.apache.org/viewvc?rev=1738386&view=rev
Log:
Follow-up to r1737747
Restore the check for cipher ordering on connector init and fail then else the 
error won't be visible until the first user tries a TLS connection.
Only check for JSSE. APR checks later and depends on OpenSSL version, not Java 
version.

Modified:
    tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
    tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java

Modified: 
tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java?rev=1738386&r1=1738385&r2=1738386&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java 
(original)
+++ tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java 
Sat Apr  9 20:07:56 2016
@@ -743,12 +743,21 @@ public abstract class AbstractEndpoint<S
     public abstract void stopInternal() throws Exception;
 
     public final void init() throws Exception {
+        testServerCipherSuitesOrderSupport();
         if (bindOnInit) {
             bind();
             bindState = BindState.BOUND_ON_INIT;
         }
     }
 
+    protected void testServerCipherSuitesOrderSupport() {
+        // Only test this feature if the user explicitly requested its use.
+        if(!"".equals(getUseServerCipherSuitesOrder().trim()) && 
!JreCompat.isJre8Available()) {
+            throw new UnsupportedOperationException(
+                    
sm.getString("endpoint.jsse.cannotHonorServerCipherOrder"));
+        }
+    }
+
     public final void start() throws Exception {
         if (bindState == BindState.UNBOUND) {
             bind();

Modified: tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1738386&r1=1738385&r2=1738386&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java 
(original)
+++ tomcat/tc8.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Sat 
Apr  9 20:07:56 2016
@@ -1022,6 +1022,14 @@ public class AprEndpoint extends Abstrac
         return log;
     }
 
+
+
+    @Override
+    protected void testServerCipherSuitesOrderSupport() {
+        // NO_OP. This always passes for APR since it can only fail with JSSE.
+    }
+
+
     // --------------------------------------------------- Acceptor Inner Class
     /**
      * The background thread that listens for incoming TCP/IP connections and



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to