JBossWeb SVN: r2570 - branches/7.5.x/src/main/java/org/apache/tomcat/util/net/jsse. - jbossweb-commits

Monday, 8 December 2014


Author: remy.maucherat(a)jboss.com
Date: 2014-12-08 06:47:04 -0500 (Mon, 08 Dec 2014)
New Revision: 2570

Modified:
   branches/7.5.x/src/main/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
Log:
Allow SSLv2Hello if Java 6. But this is a very short term strategy probably.

Modified:
branches/7.5.x/src/main/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java
===================================================================
---
branches/7.5.x/src/main/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java	2014-12-08
09:56:56 UTC (rev 2569)
+++
branches/7.5.x/src/main/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java	2014-12-08
11:47:04 UTC (rev 2570)
@@ -736,23 +736,24 @@
     }
 
     public static String[] filterInsecureProcotols(String[] protocols) {
-        // Filtering is disabled for Java 6 compatibility (TLS is nearly unusable with
it)
-        return protocols;
-        /*
         if (protocols == null) {
             return null;
         }
+        String vmVersion = System.getProperty("java.runtime.version");
+        boolean isJava6JVM = (vmVersion != null) &&
vmVersion.startsWith("1.6");
         List<String> result = new ArrayList<String>(protocols.length);
         for (String protocol : protocols) {
             if (protocol == null ||
protocol.toUpperCase(Locale.ENGLISH).contains("SSL")) {
                 if (CoyoteLogger.UTIL_LOGGER.isDebugEnabled()) {
                     CoyoteLogger.UTIL_LOGGER.debug("Exclude protocol: " +
protocol);
                 }
+                if (protocol != null && isJava6JVM &&
protocol.equalsIgnoreCase("SSLv2Hello")) {
+                    result.add(protocol);
+                }
             } else {
                 result.add(protocol);
             }
         }
         return result.toArray(new String[result.size()]);
-        */
     }
 }


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

JBossWeb SVN: r2570 - branches/7.5.x/src/main/java/org/apache/tomcat/util/net/jsse.