[tomcat] 01/02: Align with 9.0.x onwards

Wed, 09 Aug 2023 06:13:07 -0700 

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git

commit 32ed4d496f96a642ea1d76c0b027b1b3a4414aca
Author: Jean-Frederic Clere <jfcl...@gmail.com>
AuthorDate: Tue Aug 8 17:09:35 2023 +0200

    Align with 9.0.x onwards
---
 java/org/apache/tomcat/util/net/SSLHostConfig.java | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/java/org/apache/tomcat/util/net/SSLHostConfig.java 
b/java/org/apache/tomcat/util/net/SSLHostConfig.java
index d10d6f2ce0..23b2d6937a 100644
--- a/java/org/apache/tomcat/util/net/SSLHostConfig.java
+++ b/java/org/apache/tomcat/util/net/SSLHostConfig.java
@@ -50,13 +50,12 @@ public class SSLHostConfig implements Serializable {
     private static final Log log = LogFactory.getLog(SSLHostConfig.class);
     private static final StringManager sm = 
StringManager.getManager(SSLHostConfig.class);
 
-    private static final String DEFAULT_CIPHERS = 
"HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA";
-
     // Must be lower case. SSL host names are always stored using lower case as
     // they are case insensitive but are used by case sensitive code such as
     // keys in Maps.
     protected static final String DEFAULT_SSL_HOST_NAME = "_default_";
     protected static final Set<String> SSL_PROTO_ALL_SET = new HashSet<>();
+    public static final String DEFAULT_TLS_CIPHERS = 
"HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA";
 
     static {
         /* Default used if protocols are not configured, also used if
@@ -408,9 +407,9 @@ public class SSLHostConfig implements Serializable {
     public String getCiphers() {
         if (ciphers == null) {
             if (!JreCompat.isJre8Available() && Type.JSSE.equals(configType)) {
-                ciphers = DEFAULT_CIPHERS + ":!DHE";
+                ciphers = DEFAULT_TLS_CIPHERS + ":!DHE";
             } else {
-                ciphers = DEFAULT_CIPHERS;
+                ciphers = DEFAULT_TLS_CIPHERS;
             }
 
         }


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to