You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2016/03/03 11:39:11 UTC
svn commit: r1733435 -
/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
Author: markt
Date: Thu Mar 3 10:39:11 2016
New Revision: 1733435
URL: http://svn.apache.org/viewvc?rev=1733435&view=rev
Log:
Partial fix for ordering issues with OPenSSL master
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java?rev=1733435&r1=1733434&r2=1733435&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java Thu Mar 3 10:39:11 2016
@@ -564,7 +564,7 @@ public class OpenSSLCipherConfigurationP
final LinkedHashSet<Cipher> ecdh = new LinkedHashSet<>(ciphers.size());
/* Everything else being equal, prefer ephemeral ECDH over other key exchange mechanisms */
- ecdh.addAll(filterByKeyExchange(ciphers, Collections.singleton(KeyExchange.EECDH)));
+ ecdh.addAll(filterByKeyExchange(ciphers, new HashSet<>(Arrays.asList(KeyExchange.EECDH, KeyExchange.ECDHEPSK))));
/* AES is our preferred symmetric cipher */
Set<Encryption> aes = new HashSet<>(Arrays.asList(Encryption.AES128, Encryption.AES128CCM,
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org