Author: remy.maucherat(a)jboss.com
Date: 2014-06-27 06:25:14 -0400 (Fri, 27 Jun 2014)
New Revision: 2467
Modified:
branches/7.5.x/src/main/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
Log:
More for 1078204: Fix issues with '+', submitted by Emmanuel Hugonnet.
Modified:
branches/7.5.x/src/main/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java
===================================================================
---
branches/7.5.x/src/main/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java 2014-06-25
15:31:11 UTC (rev 2466)
+++
branches/7.5.x/src/main/java/org/apache/tomcat/util/net/jsse/openssl/OpenSSLCipherConfigurationParser.java 2014-06-27
10:25:14 UTC (rev 2467)
@@ -62,6 +62,12 @@
* matching existing ones.
*/
private static final String TO_END = "+";
+ /**
+ * Lists of cipher suites can be combined in a single cipher string using the +
character.
+ * This is used as a logical and operation.
+ * For example SHA1+DES represents all cipher suites containing the SHA1 and the DES
algorithms.
+ */
+ private static final String AND = "+";
/**
* All ciphers by their openssl alias name.
*/
@@ -466,8 +472,10 @@
}
static void moveToEnd(final LinkedHashSet<Ciphers> ciphers, final
Collection<Ciphers> toBeMovedCiphers) {
- ciphers.removeAll(toBeMovedCiphers);
- ciphers.addAll(toBeMovedCiphers);
+ List<Ciphers> movedCiphers = new
ArrayList<Ciphers>(toBeMovedCiphers);
+ movedCiphers.retainAll(ciphers);
+ ciphers.removeAll(movedCiphers);
+ ciphers.addAll(movedCiphers);
}
static void add(final LinkedHashSet<Ciphers> ciphers, final String alias) {
@@ -619,6 +627,17 @@
break;
} else if (aliases.containsKey(element)) {
add(ciphers, element);
+ } else if (element.contains(AND)) {
+ String[] intersections = element.split("\\" + AND);
+ if(intersections.length > 0) {
+ List<Ciphers> result = aliases.get(intersections[0]);
+ for(int i = 1; i < intersections.length; i++) {
+ if(aliases.containsKey(intersections[i])) {
+ result.retainAll(aliases.get(intersections[i]));
+ }
+ }
+ ciphers.addAll(result);
+ }
}
}
ciphers.removeAll(removedCiphers);
Show replies by date