You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2015/12/22 11:00:52 UTC

svn commit: r1721327 - /tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java

Author: markt
Date: Tue Dec 22 10:00:52 2015
New Revision: 1721327

URL: http://svn.apache.org/viewvc?rev=1721327&view=rev
Log:
OpenSSL trunk has removed support for all fixed DH cipher suites

Modified:
    tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java

Modified: tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java?rev=1721327&r1=1721326&r2=1721327&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java (original)
+++ tomcat/trunk/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java Tue Dec 22 10:00:52 2015
@@ -70,6 +70,10 @@ public class TesterOpenSSL {
         unimplemented.add(Cipher.TLS_RSA_EXPORT1024_WITH_RC4_56_MD5);
         unimplemented.add(Cipher.TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA);
         unimplemented.add(Cipher.TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA);
+        unimplemented.add(Cipher.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256);
+        unimplemented.add(Cipher.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256);
+        unimplemented.add(Cipher.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256);
+        unimplemented.add(Cipher.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256);
 
         if (VERSION < 10000) {
             // These were implemented in 1.0.0 so won't be available in any
@@ -236,12 +240,8 @@ public class TesterOpenSSL {
             unimplemented.add(Cipher.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384);
             unimplemented.add(Cipher.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256);
             unimplemented.add(Cipher.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384);
-            unimplemented.add(Cipher.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256);
-            unimplemented.add(Cipher.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256);
             unimplemented.add(Cipher.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256);
             unimplemented.add(Cipher.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256);
-            unimplemented.add(Cipher.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256);
-            unimplemented.add(Cipher.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256);
             unimplemented.add(Cipher.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256);
             unimplemented.add(Cipher.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256);
             unimplemented.add(Cipher.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384);
@@ -253,8 +253,6 @@ public class TesterOpenSSL {
             unimplemented.add(Cipher.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384);
             unimplemented.add(Cipher.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256);
             unimplemented.add(Cipher.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256);
-            unimplemented.add(Cipher.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256);
-            unimplemented.add(Cipher.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256);
             unimplemented.add(Cipher.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256);
             unimplemented.add(Cipher.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256);
             unimplemented.add(Cipher.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256);
@@ -312,6 +310,26 @@ public class TesterOpenSSL {
             unimplemented.add(Cipher.TLS_RSA_EXPORT_WITH_DES40_CBC_SHA);
             unimplemented.add(Cipher.TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5);
             unimplemented.add(Cipher.TLS_RSA_EXPORT_WITH_RC4_40_MD5);
+            unimplemented.add(Cipher.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA);
+            unimplemented.add(Cipher.TLS_DH_DSS_WITH_AES_128_CBC_SHA);
+            unimplemented.add(Cipher.TLS_DH_DSS_WITH_AES_128_CBC_SHA256);
+            unimplemented.add(Cipher.TLS_DH_DSS_WITH_AES_128_GCM_SHA256);
+            unimplemented.add(Cipher.TLS_DH_DSS_WITH_AES_256_CBC_SHA);
+            unimplemented.add(Cipher.TLS_DH_DSS_WITH_AES_256_CBC_SHA256);
+            unimplemented.add(Cipher.TLS_DH_DSS_WITH_AES_256_GCM_SHA384);
+            unimplemented.add(Cipher.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA);
+            unimplemented.add(Cipher.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA);
+            unimplemented.add(Cipher.TLS_DH_DSS_WITH_SEED_CBC_SHA);
+            unimplemented.add(Cipher.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA);
+            unimplemented.add(Cipher.TLS_DH_RSA_WITH_AES_128_CBC_SHA);
+            unimplemented.add(Cipher.TLS_DH_RSA_WITH_AES_128_CBC_SHA256);
+            unimplemented.add(Cipher.TLS_DH_RSA_WITH_AES_128_GCM_SHA256);
+            unimplemented.add(Cipher.TLS_DH_RSA_WITH_AES_256_CBC_SHA);
+            unimplemented.add(Cipher.TLS_DH_RSA_WITH_AES_256_CBC_SHA256);
+            unimplemented.add(Cipher.TLS_DH_RSA_WITH_AES_256_GCM_SHA384);
+            unimplemented.add(Cipher.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA);
+            unimplemented.add(Cipher.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA);
+            unimplemented.add(Cipher.TLS_DH_RSA_WITH_SEED_CBC_SHA);
         }
         OPENSSL_UNIMPLEMENTED_CIPHERS = Collections.unmodifiableSet(unimplemented);
     }



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org