Author: kkolinko
Date: Sun Oct 19 21:04:42 2014
New Revision: 1632990
URL: http://svn.apache.org/r1632990
Log:
Followup to the fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=53952
Deprecate SSL_OP_PKCS1_CHECK_1, SSL_OP_PKCS1_CHECK_2 flags.
It is merge of r1632988 from tomcat/trunk.
Modified:
tomcat/tc7.0.x/trunk/ (props changed)
tomcat/tc7.0.x/trunk/java/org/apache/tomcat/jni/SSL.java
Propchange: tomcat/tc7.0.x/trunk/
------------------------------------------------------------------------------
Merged /tomcat/trunk:r1632988
Modified: tomcat/tc7.0.x/trunk/java/org/apache/tomcat/jni/SSL.java
URL:
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/jni/SSL.java?rev=1632990&r1=1632989&r2=1632990&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/jni/SSL.java (original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/jni/SSL.java Sun Oct 19
21:04:42 2014
@@ -140,9 +140,18 @@ public final class SSL {
public static final int SSL_OP_NO_SSLv3 =
0x02000000;
public static final int SSL_OP_NO_TLSv1 =
0x04000000;
- /* The next flag deliberately changes the ciphertest, this is a check
- * for the PKCS#1 attack */
+ // SSL_OP_PKCS1_CHECK_1 and SSL_OP_PKCS1_CHECK_2 flags are unsupported
+ // in the current version of OpenSSL library. See ssl.h changes in commit
+ // 7409d7ad517650db332ae528915a570e4e0ab88b (30 Apr 2011) of OpenSSL.
+ /**
+ * @deprecated Unsupported in the current version of OpenSSL
+ */
+ @Deprecated
public static final int SSL_OP_PKCS1_CHECK_1 =
0x08000000;
+ /**
+ * @deprecated Unsupported in the current version of OpenSSL
+ */
+ @Deprecated
public static final int SSL_OP_PKCS1_CHECK_2 =
0x10000000;
public static final int SSL_OP_NETSCAPE_CA_DN_BUG =
0x20000000;
public static final int SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG =
0x40000000;
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
