SSL.java

kkolinko Sun, 19 Oct 2014 14:05:27 -0700

Author: kkolinko
Date: Sun Oct 19 21:04:42 2014
New Revision: 1632990

URL: http://svn.apache.org/r1632990
Log:
Followup to the fix for https://issues.apache.org/bugzilla/show_bug.cgi?id=53952
Deprecate SSL_OP_PKCS1_CHECK_1, SSL_OP_PKCS1_CHECK_2 flags.
It is merge of r1632988 from tomcat/trunk.


Modified:
    tomcat/tc7.0.x/trunk/   (props changed)
    tomcat/tc7.0.x/trunk/java/org/apache/tomcat/jni/SSL.java

Propchange: tomcat/tc7.0.x/trunk/
------------------------------------------------------------------------------
  Merged /tomcat/trunk:r1632988

Modified: tomcat/tc7.0.x/trunk/java/org/apache/tomcat/jni/SSL.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/tomcat/jni/SSL.java?rev=1632990&r1=1632989&r2=1632990&view=diff
==============================================================================
--- tomcat/tc7.0.x/trunk/java/org/apache/tomcat/jni/SSL.java (original)
+++ tomcat/tc7.0.x/trunk/java/org/apache/tomcat/jni/SSL.java Sun Oct 19 
21:04:42 2014
@@ -140,9 +140,18 @@ public final class SSL {
     public static final int SSL_OP_NO_SSLv3                         = 
0x02000000;
     public static final int SSL_OP_NO_TLSv1                         = 
0x04000000;
 
-    /* The next flag deliberately changes the ciphertest, this is a check
-     * for the PKCS#1 attack */
+    // SSL_OP_PKCS1_CHECK_1 and SSL_OP_PKCS1_CHECK_2 flags are unsupported
+    // in the current version of OpenSSL library. See ssl.h changes in commit
+    // 7409d7ad517650db332ae528915a570e4e0ab88b (30 Apr 2011) of OpenSSL.
+    /**
+     * @deprecated Unsupported in the current version of OpenSSL
+     */
+    @Deprecated
     public static final int SSL_OP_PKCS1_CHECK_1                    = 
0x08000000;
+    /**
+     * @deprecated Unsupported in the current version of OpenSSL
+     */
+    @Deprecated
     public static final int SSL_OP_PKCS1_CHECK_2                    = 
0x10000000;
     public static final int SSL_OP_NETSCAPE_CA_DN_BUG               = 
0x20000000;
     public static final int SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG  = 
0x40000000;



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1632990 - in /tomcat/tc7.0.x/trunk: ./ java/org/apache/tomcat/jni/SSL.java

Reply via email to