2014-04-09 11:32 GMT+04:00 <mt...@apache.org>: > Author: mturk > Date: Wed Apr 9 07:32:29 2014 > New Revision: 1585898 > > URL: http://svn.apache.org/r1585898 > Log: > Apply Ognjen's patch for bz55915 > > Modified: > tomcat/native/branches/1.1.x/native/src/sslcontext.c > tomcat/native/branches/1.1.x/xdocs/miscellaneous/changelog.xml > > Modified: tomcat/native/branches/1.1.x/native/src/sslcontext.c > URL: > http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/native/src/sslcontext.c?rev=1585898&r1=1585897&r2=1585898&view=diff > ============================================================================== > --- tomcat/native/branches/1.1.x/native/src/sslcontext.c (original) > +++ tomcat/native/branches/1.1.x/native/src/sslcontext.c Wed Apr 9 07:32:29 > 2014 > @@ -151,6 +151,10 @@ TCN_IMPLEMENT_CALL(jlong, SSLContext, ma > (unsigned long)((sizeof SSL_DEFAULT_VHOST_NAME) - 1), > &(c->context_id[0]), NULL, EVP_sha1(), NULL); > if (mode) {
All the following is unconditional? I wonder whether OpenSSL always has these methods. > + /* Set default (nistp256) elliptic curve for ephemeral ECDH keys */ > + EC_KEY *ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); > + SSL_CTX_set_tmp_ecdh(c->ctx, ecdh); > + EC_KEY_free(ecdh); > SSL_CTX_set_tmp_rsa_callback(c->ctx, SSL_callback_tmp_RSA); > SSL_CTX_set_tmp_dh_callback(c->ctx, SSL_callback_tmp_DH); > } > Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
