Author: jfclere
Date: Thu Jul 21 09:56:43 2011
New Revision: 1149093
URL: http://svn.apache.org/viewvc?rev=1149093&view=rev
Log:
Fix for 51056.
Modified:
tomcat/native/branches/1.1.x/native/src/sslcontext.c
Modified: tomcat/native/branches/1.1.x/native/src/sslcontext.c
URL:
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/native/src/sslcontext.c?rev=1149093&r1=1149092&r2=1149093&view=diff
==============================================================================
--- tomcat/native/branches/1.1.x/native/src/sslcontext.c (original)
+++ tomcat/native/branches/1.1.x/native/src/sslcontext.c Thu Jul 21 09:56:43
2011
@@ -90,7 +90,6 @@ TCN_IMPLEMENT_CALL(jlong, SSLContext, ma
break;
case SSL_PROTOCOL_SSLV2 | SSL_PROTOCOL_SSLV3:
case SSL_PROTOCOL_SSLV2 | SSL_PROTOCOL_TLSV1:
- case SSL_PROTOCOL_SSLV3 | SSL_PROTOCOL_TLSV1:
case SSL_PROTOCOL_ALL:
if (mode == SSL_MODE_CLIENT)
ctx = SSL_CTX_new(SSLv23_client_method());
@@ -99,6 +98,16 @@ TCN_IMPLEMENT_CALL(jlong, SSLContext, ma
else
ctx = SSL_CTX_new(SSLv23_method());
break;
+ case SSL_PROTOCOL_SSLV3 | SSL_PROTOCOL_TLSV1:
+ if (mode == SSL_MODE_CLIENT)
+ ctx = SSL_CTX_new(SSLv23_client_method());
+ else if (mode == SSL_MODE_SERVER)
+ ctx = SSL_CTX_new(SSLv23_server_method());
+ else
+ ctx = SSL_CTX_new(SSLv23_method());
+ if (ctx != NULL)
+ SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
+ break;
case SSL_PROTOCOL_TLSV1:
if (mode == SSL_MODE_CLIENT)
ctx = SSL_CTX_new(TLSv1_client_method());
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
