https://issues.apache.org/bugzilla/show_bug.cgi?id=53952
--- Comment #23 from Christopher Schultz <ch...@christopherschultz.net> ---
I've taken another look at the (updated) patches. I'm confused by the changes
to sslcontext.c. It looks like there is no provision for combinations of
SSL/TLS protocols.
For instance, if I request (TLSv1_1 | TLSv1_2) then I don't get a configured
SSL engine because of this:
+#ifndef SSL_OP_NO_TLSv1_2
+ } else if (protocol & SSL_PROTOCOL_TLSV1_2) {
+ /* requested but not supported */
+#endif
Or is this because (TLSv1_1 | TLSv1_2) is not a supported protocol definition?
I could only find these TLS-related server-method functions in the OpenSSL API:
const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */
const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
