Re: svn commit: r1805529 - in /tomcat/trunk/java/org/apache/tomcat/util/net: AprEndpoint.java SSLHostConfig.java openssl/OpenSSLContext.java

Sun, 20 Aug 2017 02:16:10 -0700 

On 19/08/17 22:35, rj...@apache.org wrote:
> Author: rjung
> Date: Sat Aug 19 21:35:50 2017
> New Revision: 1805529
> 
> URL: http://svn.apache.org/viewvc?rev=1805529&view=rev
> Log:
> Update enabledProtocols and enabledCiphers
> in SSLHostConfig after OpenSSLConf has been
> applied.
> 
> This is needed, because the Manager webapp
> feature of listing the current enabled ciphers
> relies on SSLHostConfig.
> 
> Unfortunately the setters in SSLHostConfig
> are not public and OpenSSLContext which needs
> to call it is in a sub package.
> 
> For now I made the two setters public, any
> better suggestions welcome.
> 
> Modified:
>     tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
>     tomcat/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
>     tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
> 
<snip/>

> +                }
> +                if ((opts & SSL.SSL_OP_NO_SSLv2) == 0) {
> +                    enabled.add(Constants.SSL_PROTO_SSLv2);
> +                }

Does this mean it is now possible to enable SSLv2? That has been (well,
should have been) deliberately blocked everywhere else.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to