This is an automated email from the ASF dual-hosted git repository. rjung pushed a commit to branch 7.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/7.0.x by this push: new b25bdad Deprecate org.apache.tomcat.util.compat.TLS and move its functionality to its only using lass org.apache.tomcat.util.net.TesterSupport. b25bdad is described below commit b25bdade57d442dd145951cbf2c62ce460694737 Author: Rainer Jung <rainer.j...@kippdata.de> AuthorDate: Thu Sep 19 13:43:04 2019 +0200 Deprecate org.apache.tomcat.util.compat.TLS and move its functionality to its only using lass org.apache.tomcat.util.net.TesterSupport. --- java/org/apache/tomcat/util/compat/TLS.java | 3 +++ test/org/apache/tomcat/util/net/TesterSupport.java | 16 ++++++++++++++-- webapps/docs/changelog.xml | 6 ++++++ 3 files changed, 23 insertions(+), 2 deletions(-) diff --git a/java/org/apache/tomcat/util/compat/TLS.java b/java/org/apache/tomcat/util/compat/TLS.java index e750f12..6eefdb0 100644 --- a/java/org/apache/tomcat/util/compat/TLS.java +++ b/java/org/apache/tomcat/util/compat/TLS.java @@ -22,7 +22,10 @@ import javax.net.ssl.SSLContext; /** * This class checks for the availability of TLS features. + * + * @deprecated Unused. This will be removed in Tomcat 10. */ +@Deprecated public class TLS { private static final boolean tlsv13Available; diff --git a/test/org/apache/tomcat/util/net/TesterSupport.java b/test/org/apache/tomcat/util/net/TesterSupport.java index bf271a5..b402f24 100644 --- a/test/org/apache/tomcat/util/net/TesterSupport.java +++ b/test/org/apache/tomcat/util/net/TesterSupport.java @@ -57,7 +57,6 @@ import org.apache.catalina.deploy.SecurityConstraint; import org.apache.catalina.startup.TestTomcat.MapRealm; import org.apache.catalina.startup.Tomcat; import org.apache.tomcat.jni.SSL; -import org.apache.tomcat.util.compat.TLS; public final class TesterSupport { @@ -73,6 +72,7 @@ public final class TesterSupport { public static final String CA_CERT_PEM = RESOURCE_PATH + CA_ALIAS + "-cert.pem"; public static final String LOCALHOST_CERT_PEM = RESOURCE_PATH + "localhost-cert.pem"; public static final String LOCALHOST_KEY_PEM = RESOURCE_PATH + "localhost-key.pem"; + public static final boolean TLSV13_AVAILABLE; public static final String ROLE = "testrole"; @@ -98,6 +98,18 @@ public final class TesterSupport { // Assume no RFC 5746 support } RFC_5746_SUPPORTED = result; + + result = false; + try { + SSLContext.getInstance(Constants.SSL_PROTO_TLSv1_3); + result = true; + } catch (NoSuchAlgorithmException ex) { + } + TLSV13_AVAILABLE = result; + } + + public static boolean isTlsv13Available() { + return TLSV13_AVAILABLE; } public static void initSsl(Tomcat tomcat) { @@ -410,7 +422,7 @@ public final class TesterSupport { */ public static String getDefaultTLSProtocolForTesting(Connector connector) { // Clients always use JSSE - if (!TLS.isTlsv13Available()) { + if (!TLSV13_AVAILABLE) { // Client doesn't support TLS 1.3 so we have to use TLS 1.2 return Constants.SSL_PROTO_TLSv1_2; } diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 710063c..30d1aaa 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -247,6 +247,12 @@ Remove unused i18n messages and associated translations. Patch provided by KangZhiDong. (markt) </fix> + <scode> + Deprecate <code>org.apache.tomcat.util.compat.TLS</code>. + Its functionality was only used for unit tests in + <code>org.apache.tomcat.util.net.TesterSupport</code> + and has been moved there. (rjung) + </scode> </changelog> </subsection> </section> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org