tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jfcl...@apache.org
Subject svn commit: r1149093 - /tomcat/native/branches/1.1.x/native/src/sslcontext.c
Date Thu, 21 Jul 2011 09:56:44 GMT
Author: jfclere
Date: Thu Jul 21 09:56:43 2011
New Revision: 1149093

URL: http://svn.apache.org/viewvc?rev=1149093&view=rev
Log:
Fix for 51056.

Modified:
    tomcat/native/branches/1.1.x/native/src/sslcontext.c

Modified: tomcat/native/branches/1.1.x/native/src/sslcontext.c
URL: http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/native/src/sslcontext.c?rev=1149093&r1=1149092&r2=1149093&view=diff
==============================================================================
--- tomcat/native/branches/1.1.x/native/src/sslcontext.c (original)
+++ tomcat/native/branches/1.1.x/native/src/sslcontext.c Thu Jul 21 09:56:43 2011
@@ -90,7 +90,6 @@ TCN_IMPLEMENT_CALL(jlong, SSLContext, ma
         break;
         case SSL_PROTOCOL_SSLV2 | SSL_PROTOCOL_SSLV3:
         case SSL_PROTOCOL_SSLV2 | SSL_PROTOCOL_TLSV1:
-        case SSL_PROTOCOL_SSLV3 | SSL_PROTOCOL_TLSV1:
         case SSL_PROTOCOL_ALL:
             if (mode == SSL_MODE_CLIENT)
                 ctx = SSL_CTX_new(SSLv23_client_method());
@@ -99,6 +98,16 @@ TCN_IMPLEMENT_CALL(jlong, SSLContext, ma
             else
                 ctx = SSL_CTX_new(SSLv23_method());
         break;
+        case SSL_PROTOCOL_SSLV3 | SSL_PROTOCOL_TLSV1:
+            if (mode == SSL_MODE_CLIENT)
+                ctx = SSL_CTX_new(SSLv23_client_method());
+            else if (mode == SSL_MODE_SERVER)
+                ctx = SSL_CTX_new(SSLv23_server_method());
+            else
+                ctx = SSL_CTX_new(SSLv23_method());
+            if (ctx != NULL)
+                SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
+        break;
         case SSL_PROTOCOL_TLSV1:
             if (mode == SSL_MODE_CLIENT)
                 ctx = SSL_CTX_new(TLSv1_client_method());



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message