You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by mt...@apache.org on 2010/03/02 14:08:15 UTC
svn commit: r918017 - in /tomcat/trunk/java/org/apache:
catalina/core/AprLifecycleListener.java tomcat/util/net/AprEndpoint.java
Author: mturk
Date: Tue Mar 2 13:08:14 2010
New Revision: 918017
URL: http://svn.apache.org/viewvc?rev=918017&view=rev
Log:
As per Remy's suggestion use the new ABI only if present
Modified:
tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java
tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
Modified: tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java?rev=918017&r1=918016&r2=918017&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/AprLifecycleListener.java Tue Mar 2 13:08:14 2010
@@ -58,7 +58,7 @@
protected static final int TCN_REQUIRED_MAJOR = 1;
protected static final int TCN_REQUIRED_MINOR = 1;
- protected static final int TCN_REQUIRED_PATCH = 21;
+ protected static final int TCN_REQUIRED_PATCH = 17;
protected static final int TCN_RECOMMENDED_MINOR = 1;
protected static final int TCN_RECOMMENDED_PV = 21;
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=918017&r1=918016&r2=918017&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Tue Mar 2 13:08:14 2010
@@ -469,9 +469,15 @@
// Create SSL Context
sslContext = SSLContext.make(rootPool, value, SSL.SSL_MODE_SERVER);
if (SSLInsecureRenegotiation) {
- if (SSL.hasOp(SSL.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
- SSLContext.setOptions(sslContext, SSL.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
- else {
+ boolean legacyRenegSupported = false;
+ try {
+ legacyRenegSupported = SSL.hasOp(SSL.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
+ if (legacyRenegSupported)
+ SSLContext.setOptions(sslContext, SSL.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
+ } catch (UnsatisfiedLinkError e) {
+ // Ignore
+ }
+ if (!legacyRenegSupported) {
// OpenSSL does not support unsafe legacy renegotiation.
log.warn(sm.getString("endpoint.warn.noInsecureReneg",
SSL.versionString()));
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org