svn commit: r834506 - /tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java

Tue, 10 Nov 2009 07:39:07 -0800 

Author: markt
Date: Tue Nov 10 15:38:37 2009
New Revision: 834506

URL: http://svn.apache.org/viewvc?rev=834506&view=rev
Log:
Rename attribute

Modified:
    tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?rev=834506&r1=834505&r2=834506&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java 
(original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java 
Tue Nov 10 15:38:37 2009
@@ -102,7 +102,7 @@
     protected String clientAuth = "false";
     protected SSLServerSocketFactory sslProxy = null;
     protected String[] enabledCiphers;
-    protected boolean enableMitmVulnerability = false;
+    protected boolean allowUnsafeLegacyRenegotiation = false;
 
     /**
      * Flag to state that we require client authentication.
@@ -157,7 +157,7 @@
         SSLSocket asock = null;
         try {
              asock = (SSLSocket)socket.accept();
-             if (!enableMitmVulnerability) {
+             if (!allowUnsafeLegacyRenegotiation) {
                  asock.addHandshakeCompletedListener(
                          new DisableSslRenegotiation());
              }
@@ -490,8 +490,8 @@
                 getEnabledCiphers(requestedCiphers,
                         sslProxy.getSupportedCipherSuites());
 
-            enableMitmVulnerability =
-                "true".equals(attributes.get("enableMitmVulnerability"));
+            allowUnsafeLegacyRenegotiation =
+                
"true".equals(attributes.get("allowUnsafeLegacyRenegotiation"));
             
             // Check the SSL config is OK
             checkConfig();



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to