You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2018/03/16 11:59:53 UTC
svn commit: r1826977 - in
/tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers:
TestCipher.java TesterOpenSSL.java
Author: markt
Date: Fri Mar 16 11:59:53 2018
New Revision: 1826977
URL: http://svn.apache.org/viewvc?rev=1826977&view=rev
Log:
There is an option to remove TLSv1.3 ciphers so use it.
Modified:
tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestCipher.java
tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
Modified: tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestCipher.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestCipher.java?rev=1826977&r1=1826976&r2=1826977&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestCipher.java (original)
+++ tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TestCipher.java Fri Mar 16 11:59:53 2018
@@ -80,14 +80,6 @@ public class TestCipher {
// TLS 1.3 is still i
Set<String> availableCipherSuites =
TesterOpenSSL.getOpenSSLCiphersAsSet("ALL:eNULL:aRSA");
- // TODO
- // Temporary removal of the TLS1.3 ciphers until the spec is final or an
- // appropriate option is added to the ciphers command
- availableCipherSuites.remove("TLS13-AES-128-GCM-SHA256+TLSv1.3");
- availableCipherSuites.remove("TLS13-AES-128-CCM-8-SHA256+TLSv1.3");
- availableCipherSuites.remove("TLS13-AES-128-CCM-SHA256+TLSv1.3");
- availableCipherSuites.remove("TLS13-CHACHA20-POLY1305-SHA256+TLSv1.3");
- availableCipherSuites.remove("TLS13-AES-256-GCM-SHA384+TLSv1.3");
Set<String> expectedCipherSuites = new HashSet<>();
for (Cipher cipher : Cipher.values()) {
Modified: tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java?rev=1826977&r1=1826976&r2=1826977&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java (original)
+++ tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java Fri Mar 16 11:59:53 2018
@@ -362,13 +362,23 @@ public class TesterOpenSSL {
public static String getOpenSSLCiphersAsExpression(String specification) throws Exception {
- String stdout;
+
+ List<String> args = new ArrayList<>();
+ // Standard command to list the ciphers
+ args.add("ciphers");
+ args.add("-v");
+ if (VERSION == 10101) {
+ // Need to exclude the TLSv1.3 ciphers
+ args.add("-ciphersuites");
+ args.add("\"\"");
+ }
+ // Include the specification if provided
if (specification == null) {
- stdout = executeOpenSSLCommand("ciphers", "-v");
- } else {
- stdout = executeOpenSSLCommand("ciphers", "-v", specification);
+ args.add(specification);
}
+ String stdout = executeOpenSSLCommand(args.toArray(new String[args.size()]));
+
if (stdout.length() == 0) {
return stdout;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org