Tree - rpms/tomcatjss - CentOS Git server

rpms / tomcatjss

Files

Commit: 6655a987b1104211cf98b6ffa8a4986c877abcd2
Blob Blame History Raw
diff -up src/org/apache/tomcat/util/net/jss/JSSSocketFactory.java.cfu src/org/apache/tomcat/util/net/jss/JSSSocketFactory.java
--- src/org/apache/tomcat/util/net/jss/JSSSocketFactory.java.cfu	2016-06-29 18:54:38.498127146 -0600
+++ src/org/apache/tomcat/util/net/jss/JSSSocketFactory.java	2016-06-29 18:56:38.646778769 -0600
@@ -96,8 +96,12 @@ public class JSSSocketFactory implements
                 SSLSocket.SSL3_RSA_EXPORT_WITH_DES40_CBC_SHA);
         cipherMap.put("SSL3_RSA_WITH_DES_CBC_SHA",
                 SSLSocket.SSL3_RSA_WITH_DES_CBC_SHA);
+
         cipherMap.put("SSL3_RSA_WITH_3DES_EDE_CBC_SHA",
                 SSLSocket.SSL3_RSA_WITH_3DES_EDE_CBC_SHA);
+        // deprecated SSL3.0 names replaced by IANA-registered TLS names
+        cipherMap.put("TLS_RSA_WITH_3DES_EDE_CBC_SHA",
+                SSLSocket.SSL3_RSA_WITH_3DES_EDE_CBC_SHA);
 
         cipherMap.put("SSL3_DH_DSS_EXPORT_WITH_DES40_CBC_SHA",
                 SSLSocket.SSL3_DH_DSS_EXPORT_WITH_DES40_CBC_SHA);
@@ -116,14 +120,23 @@ public class JSSSocketFactory implements
                 SSLSocket.SSL3_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA);
         cipherMap.put("SSL3_DHE_DSS_WITH_DES_CBC_SHA",
                 SSLSocket.SSL3_DHE_DSS_WITH_DES_CBC_SHA);
+
         cipherMap.put("SSL3_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
                 SSLSocket.SSL3_DHE_DSS_WITH_3DES_EDE_CBC_SHA);
+        // deprecated SSL3.0 names replaced by IANA-registered TLS names
+        cipherMap.put("TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
+                SSLSocket.SSL3_DHE_DSS_WITH_3DES_EDE_CBC_SHA);
+
         cipherMap.put("SSL3_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
                 SSLSocket.SSL3_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA);
         cipherMap.put("SSL3_DHE_RSA_WITH_DES_CBC_SHA",
                 SSLSocket.SSL3_DHE_RSA_WITH_DES_CBC_SHA);
+
         cipherMap.put("SSL3_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
                 SSLSocket.SSL3_DHE_RSA_WITH_3DES_EDE_CBC_SHA);
+        // deprecated SSL3.0 names replaced by IANA-registered TLS names
+        cipherMap.put("TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
+                SSLSocket.SSL3_DHE_RSA_WITH_3DES_EDE_CBC_SHA);
 
         cipherMap.put("SSL3_DH_ANON_EXPORT_WITH_RC4_40_MD5",
                 SSLSocket.SSL3_DH_ANON_EXPORT_WITH_RC4_40_MD5);
@@ -264,6 +277,12 @@ public class JSSSocketFactory implements
         cipherMap.put("TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
                 SSLSocket.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256);
 
+        cipherMap.put("TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+                SSLSocket.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA);
+        cipherMap.put("TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
+                SSLSocket.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA);
+        cipherMap.put("TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
+                SSLSocket.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA);
     }
 
     private static HashMap<Integer, String> eccCipherMap = new HashMap<Integer, String>();
@@ -308,6 +327,8 @@ public class JSSSocketFactory implements
                 "TLS_ECDH_RSA_WITH_NULL_SHA");
         eccCipherMap.put(SSLSocket.TLS_ECDH_ECDSA_WITH_NULL_SHA,
                 "TLS_ECDH_ECDSA_WITH_NULL_SHA");
+        eccCipherMap.put(SSLSocket.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+                "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256");
     }
 
     private AbstractEndpoint endpoint;
@@ -393,6 +414,7 @@ public class JSSSocketFactory implements
                             + ": 0x" + Integer.toHexString(cipherid) + "\n");
                     SSLSocket.setCipherPreferenceDefault(cipherid, state);
                 } catch (Exception e) {
+                    System.err.println("SSLSocket.setCipherPreferenceDefault exception:" +e);
                     if (eccCipherMap.containsKey(cipherid)) {
                         System.err
                                 .println("Warning: SSL ECC cipher \""
rpms / tomcatjss

Source Code

Files
