Author: markt
Date: Mon Mar 9 14:14:33 2015
New Revision: 1665245
URL: http://svn.apache.org/r1665245
Log:
Correct statement on ordering preferences.
Add info on which OpenSSL branch the filtering tracks.
Modified:
tomcat/tc8.0.x/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java
tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
tomcat/tc8.0.x/trunk/webapps/docs/config/http.xml
Modified:
tomcat/tc8.0.x/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java?rev=1665245&r1=1665244&r2=1665245&view=diff
==============================================================================
---
tomcat/tc8.0.x/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java
(original)
+++
tomcat/tc8.0.x/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java
Mon Mar 9 14:14:33 2015
@@ -72,8 +72,8 @@ public class TesterOpenSSL {
static {
- // Note: The tests are configured for OpenSSL 1.0.2. Running with a
- // different version is likely to trigger failures
+ // Note: The tests are configured for OpenSSL 1.0.2 stable branch.
+ // Running with a different version is likely to trigger
failures.
String expected_version =
System.getProperty("tomcat.test.openssl.version", "");
String versionString = null;
try {
Modified: tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml?rev=1665245&r1=1665244&r2=1665245&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/changelog.xml Mon Mar 9 14:14:33 2015
@@ -148,6 +148,10 @@
body chunk larger than the socket write buffer is being written. This
typically requires a larger than default AJP packetSize. (markt)
</fix>
+ <update>
+ Align the OpenSSL syntax cipher configuration with the OpenSSL 1.0.2
+ branch. (markt)
+ </update>
</changelog>
</subsection>
<subsection name="Jasper">
Modified: tomcat/tc8.0.x/trunk/webapps/docs/config/http.xml
URL:
http://svn.apache.org/viewvc/tomcat/tc8.0.x/trunk/webapps/docs/config/http.xml?rev=1665245&r1=1665244&r2=1665245&view=diff
==============================================================================
--- tomcat/tc8.0.x/trunk/webapps/docs/config/http.xml (original)
+++ tomcat/tc8.0.x/trunk/webapps/docs/config/http.xml Mon Mar 9 14:14:33 2015
@@ -1106,11 +1106,12 @@
testing purposes only.</p>
<p>The list can also use ':' as a separator, in that case
it will use the OpenSSL syntax (see OpenSSL documentation for the list
- of ciphers supported and the syntax).</p>
+ of ciphers supported and the syntax). The behaviour of this filtering is
+ kept aligned with the behaviour of the OpenSSL 1.0.2 stable branch.</p>
<p>If not specified, a default (using the OpenSSL notation) of
<code>HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5</code> will be used.</p>
- <p>Note that Java does treat the order in which ciphers are defined as an
- order of preference.</p>
+ <p>Note that Java does not treat the order in which ciphers are defined
as
+ an order of preference. See <code>useServerCipherSuitesOrder</code>.</p>
</attribute>
<attribute name="clientAuth" required="false">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
