You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2015/03/09 15:10:58 UTC
svn commit: r1665244 - in /tomcat/trunk:
test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java
webapps/docs/config/http.xml
Author: markt
Date: Mon Mar 9 14:10:57 2015
New Revision: 1665244
URL: http://svn.apache.org/r1665244
Log:
Correct statement on ordering preferences.
Add info on which OpenSSL branch the filtering tracks.
Modified:
tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java
tomcat/trunk/webapps/docs/config/http.xml
Modified: tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java?rev=1665244&r1=1665243&r2=1665244&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java (original)
+++ tomcat/trunk/test/org/apache/tomcat/util/net/jsse/openssl/TesterOpenSSL.java Mon Mar 9 14:10:57 2015
@@ -58,8 +58,9 @@ public class TesterOpenSSL {
Cipher.SSL2_RC4_128_EXPORT40_WITH_MD5)));
static {
- // Note: The tests are configured for OpenSSL 1.1.0. Running with a
- // different version is likely to trigger failures
+ // Note: The tests are configured for the OpenSSL 1.1.0 development
+ // branch. Running with a different version is likely to trigger
+ // failures.
String expected_version = System.getProperty("tomcat.test.openssl.version", "");
String versionString = null;
try {
Modified: tomcat/trunk/webapps/docs/config/http.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=1665244&r1=1665243&r2=1665244&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/http.xml (original)
+++ tomcat/trunk/webapps/docs/config/http.xml Mon Mar 9 14:10:57 2015
@@ -1050,11 +1050,13 @@
testing purposes only.</p>
<p>The list can also use ':' as a separator, in that case
it will use the OpenSSL syntax (see OpenSSL documentation for the list
- of ciphers supported and the syntax).</p>
+ of ciphers supported and the syntax). The behaviour of this filtering is
+ kept aligned with the behaviour of the OpenSSL 1.1.0 development
+ branch.</p>
<p>If not specified, a default (using the OpenSSL notation) of
<code>HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5</code> will be used.</p>
- <p>Note that Java does treat the order in which ciphers are defined as an
- order of preference.</p>
+ <p>Note that Java does not treat the order in which ciphers are defined as
+ an order of preference. See <code>useServerCipherSuitesOrder</code>.</p>
</attribute>
<attribute name="clientAuth" required="false">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org