http.xml

markt Fri, 17 Oct 2014 07:33:44 -0700

Author: markt
Date: Fri Oct 17 14:27:34 2014
New Revision: 1632584

URL: http://svn.apache.org/r1632584
Log: (empty)


Modified:
    tomcat/trunk/java/org/apache/tomcat/jni/SSL.java
    tomcat/trunk/webapps/docs/changelog.xml
    tomcat/trunk/webapps/docs/config/http.xml

Modified: tomcat/trunk/java/org/apache/tomcat/jni/SSL.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/jni/SSL.java?rev=1632584&r1=1632583&r2=1632584&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/jni/SSL.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/jni/SSL.java Fri Oct 17 14:27:34 2014
@@ -70,7 +70,7 @@ public final class SSL {
     public static final int SSL_PROTOCOL_SSLV2 = (1<<0);
     public static final int SSL_PROTOCOL_SSLV3 = (1<<1);
     public static final int SSL_PROTOCOL_TLSV1 = (1<<2);
-    public static final int SSL_PROTOCOL_ALL   = 
(SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1);
+    public static final int SSL_PROTOCOL_ALL   = (SSL_PROTOCOL_TLSV1);
 
     /*
      * Define the SSL verify levels

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1632584&r1=1632583&r2=1632584&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Fri Oct 17 14:27:34 2014
@@ -169,6 +169,9 @@
         connectors although SSLv2 should already be disabled by default by the
         JRE. (markt)
       </add>
+      <add>
+        Disable SSLv3 by default for the APT/native HTTPS connector. (markt)
+      </add>
     </changelog>
   </subsection>
   <subsection name="Jasper">

Modified: tomcat/trunk/webapps/docs/config/http.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=1632584&r1=1632583&r2=1632584&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/http.xml (original)
+++ tomcat/trunk/webapps/docs/config/http.xml Fri Oct 17 14:27:34 2014
@@ -1368,11 +1368,11 @@
 
     <attribute name="SSLProtocol" required="false">
       <p>Protocol which may be used for communicating with clients. The default
-      value is <code>all</code>, which is equivalent to 
<code>SSLv3+TLSv1</code>
+      value is <code>all</code>, which is equivalent to <code>TLSv1</code>
       with other acceptable values being <code>SSLv2</code>,
       <code>SSLv3</code>, <code>TLSv1</code> and any combination of the three
-      protocols concatenated with a plus sign. Note that the protocol
-      <code>SSLv2</code> is inherently unsafe.</p>
+      protocols concatenated with a plus sign. Note that the protocols
+      <code>SSLv2</code> and <code>SSLv3</code> are inherently unsafe.</p>
     </attribute>
 
     <attribute name="SSLVerifyClient" required="false">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1632584 - in /tomcat/trunk: java/org/apache/tomcat/jni/SSL.java webapps/docs/changelog.xml webapps/docs/config/http.xml

Reply via email to