Author: drazzib Date: 2012-03-02 18:56:03 +0000 (Fri, 02 Mar 2012) New Revision: 15810
Added: tags/tomcat-native/1.1.23-1/ tags/tomcat-native/1.1.23-1/debian/changelog tags/tomcat-native/1.1.23-1/debian/control tags/tomcat-native/1.1.23-1/debian/copyright tags/tomcat-native/1.1.23-1/debian/patches/drop_sslv2_support.diff tags/tomcat-native/1.1.23-1/debian/rules Removed: tags/tomcat-native/1.1.23-1/debian/changelog tags/tomcat-native/1.1.23-1/debian/control tags/tomcat-native/1.1.23-1/debian/copyright tags/tomcat-native/1.1.23-1/debian/patches/drop_sslv2_support.diff tags/tomcat-native/1.1.23-1/debian/rules Log: [svn-buildpackage] Tagging tomcat-native 1.1.23-1 Deleted: tags/tomcat-native/1.1.23-1/debian/changelog =================================================================== --- trunk/tomcat-native/debian/changelog 2012-03-02 05:35:10 UTC (rev 15806) +++ tags/tomcat-native/1.1.23-1/debian/changelog 2012-03-02 18:56:03 UTC (rev 15810) @@ -1,98 +0,0 @@ -tomcat-native (1.1.22-2) UNRELEASED; urgency=low - - * Team upload. - * Remove Michael Koch from Uploaders (Closes: #654135) - - -- tony mancill <tmanc...@debian.org> Mon, 09 Jan 2012 09:09:25 -0800 - -tomcat-native (1.1.22-1) unstable; urgency=low - - * New upstream release: - - Update d/patches/drop_sslv2_support.diff patch. - - -- Damien Raude-Morvan <draz...@debian.org> Fri, 12 Aug 2011 20:02:57 +0200 - -tomcat-native (1.1.20-3) unstable; urgency=low - - * Switch to 3.0 quilt source format. - * d/patches/drop_sslv2_support.diff: Drop support for SSLv2 - (Closes: #622141). - * d/copyright: Update to DEP-5 format. - - -- Damien Raude-Morvan <draz...@debian.org> Sun, 10 Jul 2011 23:42:01 +0200 - -tomcat-native (1.1.20-2) unstable; urgency=low - - * Team upload. - * Remove *.la (Closes: #621279) - * Bump Standards-Version to 3.9.2 (no changes needed) - - -- tony mancill <tmanc...@debian.org> Sat, 09 Apr 2011 10:57:15 -0700 - -tomcat-native (1.1.20-1) unstable; urgency=low - - * New upstream release: - - Prevent crashing JVM on shutdown. - * Bump Standards-Version to 3.8.4 (no changes needed) - - -- Damien Raude-Morvan <draz...@debian.org> Sat, 20 Feb 2010 22:50:34 +0100 - -tomcat-native (1.1.19-1) unstable; urgency=low - - * New upstream release. - - minor versioning fix - - allows building against OpenSSL 1.0 - * Add a README.Debian to help users to setup Tomcat 6.x - with Tomcat Native Library - - -- Damien Raude-Morvan <draz...@debian.org> Sun, 17 Jan 2010 01:27:46 +0100 - -tomcat-native (1.1.18-1) unstable; urgency=high - - * New upstream release. - - Fix CVE-2009-3555 SSL-Man-In-The-Middle attack - - set urgency=high to get security fix in testing - - -- Damien Raude-Morvan <draz...@debian.org> Tue, 24 Nov 2009 01:46:20 +0100 - -tomcat-native (1.1.17-1) unstable; urgency=low - - * New upstream release. - * debian/control: - - Update my email address - - Bump Standards-Version to 3.8.3 (no changes needed) - - Bump debhelper version to >= 7 - - Update upstream Homepage field - - Use default-jdk instead of default-jdk-builddep as there is no - native (-gcj) package build. - * debian/copyright: - - Update upstream copyright years - - Add myself as debian/* copyright holder - * debian/libtcnative-1.lintian-overrides: - - Change to be version agnostic - - -- Damien Raude-Morvan <draz...@debian.org> Sat, 07 Nov 2009 21:41:36 +0100 - -tomcat-native (1.1.16-1) unstable; urgency=low - - * New upstream release (Closes: #514500) - - Fix IPv6 issues (Closes: #517163, #521306) - * debian/control: - - Move libtcnative-1 to "java" section - - Add myself to Uploaders - - Bump Standards-Version to 3.8.1 (no changes needed) - * debian/watch: Update to new upstream location - * debian/rules: Provide a "get-orig-source" target using uscan - * debian/control: Build-Depends on default-jdk-builddep - * debian/rules: use JAVA_HOME=/usr/lib/jvm/default-java - * Remove debian/libtcnative-1.install and use dh_lintian - to install debian/libtcnative-1.lintian-overrides - - -- Damien Raude-Morvan <draz...@drazzib.com> Sun, 29 Mar 2009 15:40:58 +0200 - -tomcat-native (1.1.13-1) unstable; urgency=low - - * Initial release. Closes: #485037. - - -- Michael Koch <konque...@gmx.de> Sat, 07 Jun 2008 15:16:14 +0200 - Copied: tags/tomcat-native/1.1.23-1/debian/changelog (from rev 15809, trunk/tomcat-native/debian/changelog) =================================================================== --- tags/tomcat-native/1.1.23-1/debian/changelog (rev 0) +++ tags/tomcat-native/1.1.23-1/debian/changelog 2012-03-02 18:56:03 UTC (rev 15810) @@ -0,0 +1,107 @@ +tomcat-native (1.1.23-1) unstable; urgency=low + + [ tony mancill ] + * Team upload. + * Remove Michael Koch from Uploaders (Closes: #654135) + + [ Damien Raude-Morvan ] + * New upstream release. + * d/control: Build-Depends on dpkg-dev (>= 1.16.1~) for hardening + flags + * d/rules: Enable hardening build. + * d/copyright: Use copyright-format 1.0. + * d/control: Bump Standards-Version to 3.9.3: no changes needed. + + -- Damien Raude-Morvan <draz...@debian.org> Fri, 02 Mar 2012 19:51:58 +0100 + +tomcat-native (1.1.22-1) unstable; urgency=low + + * New upstream release: + - Update d/patches/drop_sslv2_support.diff patch. + + -- Damien Raude-Morvan <draz...@debian.org> Fri, 12 Aug 2011 20:02:57 +0200 + +tomcat-native (1.1.20-3) unstable; urgency=low + + * Switch to 3.0 quilt source format. + * d/patches/drop_sslv2_support.diff: Drop support for SSLv2 + (Closes: #622141). + * d/copyright: Update to DEP-5 format. + + -- Damien Raude-Morvan <draz...@debian.org> Sun, 10 Jul 2011 23:42:01 +0200 + +tomcat-native (1.1.20-2) unstable; urgency=low + + * Team upload. + * Remove *.la (Closes: #621279) + * Bump Standards-Version to 3.9.2 (no changes needed) + + -- tony mancill <tmanc...@debian.org> Sat, 09 Apr 2011 10:57:15 -0700 + +tomcat-native (1.1.20-1) unstable; urgency=low + + * New upstream release: + - Prevent crashing JVM on shutdown. + * Bump Standards-Version to 3.8.4 (no changes needed) + + -- Damien Raude-Morvan <draz...@debian.org> Sat, 20 Feb 2010 22:50:34 +0100 + +tomcat-native (1.1.19-1) unstable; urgency=low + + * New upstream release. + - minor versioning fix + - allows building against OpenSSL 1.0 + * Add a README.Debian to help users to setup Tomcat 6.x + with Tomcat Native Library + + -- Damien Raude-Morvan <draz...@debian.org> Sun, 17 Jan 2010 01:27:46 +0100 + +tomcat-native (1.1.18-1) unstable; urgency=high + + * New upstream release. + - Fix CVE-2009-3555 SSL-Man-In-The-Middle attack + - set urgency=high to get security fix in testing + + -- Damien Raude-Morvan <draz...@debian.org> Tue, 24 Nov 2009 01:46:20 +0100 + +tomcat-native (1.1.17-1) unstable; urgency=low + + * New upstream release. + * debian/control: + - Update my email address + - Bump Standards-Version to 3.8.3 (no changes needed) + - Bump debhelper version to >= 7 + - Update upstream Homepage field + - Use default-jdk instead of default-jdk-builddep as there is no + native (-gcj) package build. + * debian/copyright: + - Update upstream copyright years + - Add myself as debian/* copyright holder + * debian/libtcnative-1.lintian-overrides: + - Change to be version agnostic + + -- Damien Raude-Morvan <draz...@debian.org> Sat, 07 Nov 2009 21:41:36 +0100 + +tomcat-native (1.1.16-1) unstable; urgency=low + + * New upstream release (Closes: #514500) + - Fix IPv6 issues (Closes: #517163, #521306) + * debian/control: + - Move libtcnative-1 to "java" section + - Add myself to Uploaders + - Bump Standards-Version to 3.8.1 (no changes needed) + * debian/watch: Update to new upstream location + * debian/rules: Provide a "get-orig-source" target using uscan + * debian/control: Build-Depends on default-jdk-builddep + * debian/rules: use JAVA_HOME=/usr/lib/jvm/default-java + * Remove debian/libtcnative-1.install and use dh_lintian + to install debian/libtcnative-1.lintian-overrides + + -- Damien Raude-Morvan <draz...@drazzib.com> Sun, 29 Mar 2009 15:40:58 +0200 + +tomcat-native (1.1.13-1) unstable; urgency=low + + * Initial release. Closes: #485037. + + -- Michael Koch <konque...@gmx.de> Sat, 07 Jun 2008 15:16:14 +0200 + Deleted: tags/tomcat-native/1.1.23-1/debian/control =================================================================== --- trunk/tomcat-native/debian/control 2012-03-02 05:35:10 UTC (rev 15806) +++ tags/tomcat-native/1.1.23-1/debian/control 2012-03-02 18:56:03 UTC (rev 15810) @@ -1,27 +0,0 @@ -Source: tomcat-native -Section: java -Priority: extra -Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> -Uploaders: Damien Raude-Morvan <draz...@debian.org> -Build-Depends: cdbs, debhelper (>= 7), default-jdk, libapr1-dev, libssl-dev -Standards-Version: 3.9.2 -Vcs-Svn: svn://svn.debian.org/svn/pkg-java/trunk/tomcat-native/ -Vcs-Browser: http://svn.debian.org/wsvn/pkg-java/trunk/tomcat-native/ -Homepage: http://tomcat.apache.org/native-doc/ - -Package: libtcnative-1 -Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends} -Description: Tomcat native library using the apache portable runtime - Tomcat can use the Apache Portable Runtime to provide superior scalability, - performance, and better integration with native server technologies. - The Apache Portable Runtime is a highly portable library that is at the - heart of Apache HTTP Server 2.x. APR has many uses, including access to - advanced IO functionality (such as sendfile, epoll and OpenSSL), OS level - functionality (random number generation, system status, etc), and native - process handling (shared memory, NT pipes and Unix sockets). - . - These features allows making Tomcat a general purpose webserver, will - enable much better integration with other native web technologies, and - overall make Java much more viable as a full fledged webserver platform - rather than simply a backend focused technology. Copied: tags/tomcat-native/1.1.23-1/debian/control (from rev 15809, trunk/tomcat-native/debian/control) =================================================================== --- tags/tomcat-native/1.1.23-1/debian/control (rev 0) +++ tags/tomcat-native/1.1.23-1/debian/control 2012-03-02 18:56:03 UTC (rev 15810) @@ -0,0 +1,32 @@ +Source: tomcat-native +Section: java +Priority: extra +Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> +Uploaders: Damien Raude-Morvan <draz...@debian.org> +Build-Depends: cdbs, + debhelper (>= 7), + default-jdk, + dpkg-dev (>= 1.16.1~), + libapr1-dev, + libssl-dev +Standards-Version: 3.9.3 +Vcs-Svn: svn://svn.debian.org/svn/pkg-java/trunk/tomcat-native/ +Vcs-Browser: http://svn.debian.org/wsvn/pkg-java/trunk/tomcat-native/ +Homepage: http://tomcat.apache.org/native-doc/ + +Package: libtcnative-1 +Architecture: any +Depends: ${misc:Depends}, ${shlibs:Depends} +Description: Tomcat native library using the apache portable runtime + Tomcat can use the Apache Portable Runtime to provide superior scalability, + performance, and better integration with native server technologies. + The Apache Portable Runtime is a highly portable library that is at the + heart of Apache HTTP Server 2.x. APR has many uses, including access to + advanced IO functionality (such as sendfile, epoll and OpenSSL), OS level + functionality (random number generation, system status, etc), and native + process handling (shared memory, NT pipes and Unix sockets). + . + These features allows making Tomcat a general purpose webserver, will + enable much better integration with other native web technologies, and + overall make Java much more viable as a full fledged webserver platform + rather than simply a backend focused technology. Deleted: tags/tomcat-native/1.1.23-1/debian/copyright =================================================================== --- trunk/tomcat-native/debian/copyright 2012-03-02 05:35:10 UTC (rev 15806) +++ tags/tomcat-native/1.1.23-1/debian/copyright 2012-03-02 18:56:03 UTC (rev 15810) @@ -1,18 +0,0 @@ -Format: http://dep.debian.net/deps/dep5/ -Upstream-Name: Apache Tomcat Native Library -Upstream-Contact: <http://tomcat.apache.org/native-doc/> -Source: http://www.apache.org/dist/tomcat/tomcat-connectors/native/ - -Files: * -Copyright: Copyright (C) 2004-2011 The Apache Software Foundation. -License: Apache-2.0 - -Files: debian/* -Copyright: 2008-2009, Michael Koch <konque...@gmx.de> -Copyright: 2010-2011, Damien Raude-Morvan -License: Apache-2.0 - -License: Apache-2.0 - A complete copy of the Apache License, Version 2.0, can be found in - /usr/share/common-licenses/Apache-2.0 on Debian Systems. - Copied: tags/tomcat-native/1.1.23-1/debian/copyright (from rev 15809, trunk/tomcat-native/debian/copyright) =================================================================== --- tags/tomcat-native/1.1.23-1/debian/copyright (rev 0) +++ tags/tomcat-native/1.1.23-1/debian/copyright 2012-03-02 18:56:03 UTC (rev 15810) @@ -0,0 +1,17 @@ +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: Apache Tomcat Native Library +Upstream-Contact: <http://tomcat.apache.org/native-doc/> +Source: http://www.apache.org/dist/tomcat/tomcat-connectors/native/ + +Files: * +Copyright: Copyright (C) 2004-2011 The Apache Software Foundation. +License: Apache-2.0 + +Files: debian/* +Copyright: 2008-2009, Michael Koch <konque...@gmx.de> +Copyright: 2010-2011, Damien Raude-Morvan +License: Apache-2.0 + +License: Apache-2.0 + A complete copy of the Apache License, Version 2.0, can be found in + /usr/share/common-licenses/Apache-2.0 on Debian Systems. Deleted: tags/tomcat-native/1.1.23-1/debian/patches/drop_sslv2_support.diff =================================================================== --- trunk/tomcat-native/debian/patches/drop_sslv2_support.diff 2012-03-02 05:35:10 UTC (rev 15806) +++ tags/tomcat-native/1.1.23-1/debian/patches/drop_sslv2_support.diff 2012-03-02 18:56:03 UTC (rev 15810) @@ -1,131 +0,0 @@ -Description: Drop all support for SSLv2 protocol since it's use has been - deprecated, because of weaknesses in the security of the protocol. -Author: Damien Raude-Morvan <draz...@debian.org> -Last-Update: 2011-08-12 -Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622141 -Forwarded: https://issues.apache.org/bugzilla/show_bug.cgi?id=51056 -Index: b/jni/examples/org/apache/tomcat/jni/SSL.properties -=================================================================== ---- a/jni/examples/org/apache/tomcat/jni/SSL.properties -+++ b/jni/examples/org/apache/tomcat/jni/SSL.properties -@@ -18,5 +18,5 @@ - server.cert=localhost.crt - server.key=localhost.key - server.password=secret --server.ciphers=ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL --server.verify=none -\ No newline at end of file -+server.ciphers=ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL -+server.verify=none -Index: b/jni/examples/org/apache/tomcat/jni/SSLServer.java -=================================================================== ---- a/jni/examples/org/apache/tomcat/jni/SSLServer.java -+++ b/jni/examples/org/apache/tomcat/jni/SSLServer.java -@@ -70,7 +70,7 @@ - serverPool = Pool.create(0); - try { - /* Create SSL Context, one for each Virtual Host */ -- serverCtx = SSLContext.make(serverPool, SSL.SSL_PROTOCOL_SSLV2 | SSL.SSL_PROTOCOL_SSLV3, SSL.SSL_MODE_SERVER); -+ serverCtx = SSLContext.make(serverPool, SSL.SSL_PROTOCOL_SSLV3, SSL.SSL_MODE_SERVER); - /* List the ciphers that the client is permitted to negotiate. */ - SSLContext.setCipherSuite(serverCtx, serverCiphers); - /* Load Server key and certificate */ -Index: b/jni/java/org/apache/tomcat/jni/SSL.java -=================================================================== ---- a/jni/java/org/apache/tomcat/jni/SSL.java -+++ b/jni/java/org/apache/tomcat/jni/SSL.java -@@ -70,10 +70,9 @@ - * Define the SSL Protocol options - */ - public static final int SSL_PROTOCOL_NONE = 0; -- public static final int SSL_PROTOCOL_SSLV2 = (1<<0); - public static final int SSL_PROTOCOL_SSLV3 = (1<<1); - public static final int SSL_PROTOCOL_TLSV1 = (1<<2); -- public static final int SSL_PROTOCOL_ALL = (SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1); -+ public static final int SSL_PROTOCOL_ALL = (SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1); - - /* - * Define the SSL verify levels -Index: b/jni/java/org/apache/tomcat/jni/SSLContext.java -=================================================================== ---- a/jni/java/org/apache/tomcat/jni/SSLContext.java -+++ b/jni/java/org/apache/tomcat/jni/SSLContext.java -@@ -31,9 +31,7 @@ - * @param pool The pool to use. - * @param protocol The SSL protocol to use. It can be one of: - * <PRE> -- * SSL_PROTOCOL_SSLV2 - * SSL_PROTOCOL_SSLV3 -- * SSL_PROTOCOL_SSLV2 | SSL_PROTOCOL_SSLV3 - * SSL_PROTOCOL_TLSV1 - * SSL_PROTOCOL_ALL - * </PRE> -Index: b/jni/native/include/ssl_private.h -=================================================================== ---- a/jni/native/include/ssl_private.h -+++ b/jni/native/include/ssl_private.h -@@ -113,10 +113,9 @@ - * Define the SSL Protocol options - */ - #define SSL_PROTOCOL_NONE (0) --#define SSL_PROTOCOL_SSLV2 (1<<0) - #define SSL_PROTOCOL_SSLV3 (1<<1) - #define SSL_PROTOCOL_TLSV1 (1<<2) --#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1) -+#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1) - - #define SSL_MODE_CLIENT (0) - #define SSL_MODE_SERVER (1) -Index: b/jni/native/src/sslcontext.c -=================================================================== ---- a/jni/native/src/sslcontext.c -+++ b/jni/native/src/sslcontext.c -@@ -72,6 +72,7 @@ - UNREFERENCED(o); - - switch (protocol) { -+#ifndef OPENSSL_NO_SSL2 - case SSL_PROTOCOL_SSLV2: - if (mode == SSL_MODE_CLIENT) - ctx = SSL_CTX_new(SSLv2_client_method()); -@@ -80,6 +81,7 @@ - else - ctx = SSL_CTX_new(SSLv2_method()); - break; -+#endif - case SSL_PROTOCOL_SSLV3: - if (mode == SSL_MODE_CLIENT) - ctx = SSL_CTX_new(SSLv3_client_method()); -@@ -88,6 +90,7 @@ - else - ctx = SSL_CTX_new(SSLv3_method()); - break; -+#ifndef OPENSSL_NO_SSL2 - case SSL_PROTOCOL_SSLV2 | SSL_PROTOCOL_SSLV3: - case SSL_PROTOCOL_SSLV2 | SSL_PROTOCOL_TLSV1: - case SSL_PROTOCOL_ALL: -@@ -99,7 +102,13 @@ - else - ctx = SSL_CTX_new(SSLv23_method()); - break; -+#endif -+#ifndef OPENSSL_NO_SSL2 - case SSL_PROTOCOL_TLSV1: -+#else -+ case SSL_PROTOCOL_ALL: -+ case SSL_PROTOCOL_TLSV1: -+#endif - if (mode == SSL_MODE_CLIENT) - ctx = SSL_CTX_new(TLSv1_client_method()); - else if (mode == SSL_MODE_SERVER) -@@ -127,8 +136,10 @@ - if (c->bio_os != NULL) - BIO_set_fp(c->bio_os, stderr, BIO_NOCLOSE | BIO_FP_TEXT); - SSL_CTX_set_options(c->ctx, SSL_OP_ALL); -+#ifndef OPENSSL_NO_SSL2 - if (!(protocol & SSL_PROTOCOL_SSLV2)) - SSL_CTX_set_options(c->ctx, SSL_OP_NO_SSLv2); -+#endif - if (!(protocol & SSL_PROTOCOL_SSLV3)) - SSL_CTX_set_options(c->ctx, SSL_OP_NO_SSLv3); - if (!(protocol & SSL_PROTOCOL_TLSV1)) Copied: tags/tomcat-native/1.1.23-1/debian/patches/drop_sslv2_support.diff (from rev 15809, trunk/tomcat-native/debian/patches/drop_sslv2_support.diff) =================================================================== --- tags/tomcat-native/1.1.23-1/debian/patches/drop_sslv2_support.diff (rev 0) +++ tags/tomcat-native/1.1.23-1/debian/patches/drop_sslv2_support.diff 2012-03-02 18:56:03 UTC (rev 15810) @@ -0,0 +1,119 @@ +Description: Drop all support for SSLv2 protocol since it's use has been + deprecated, because of weaknesses in the security of the protocol. +Author: Damien Raude-Morvan <draz...@debian.org> +Last-Update: 2011-08-12 +Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622141 +Forwarded: https://issues.apache.org/bugzilla/show_bug.cgi?id=51056 +--- a/jni/examples/org/apache/tomcat/jni/SSL.properties ++++ b/jni/examples/org/apache/tomcat/jni/SSL.properties +@@ -18,5 +18,5 @@ + server.cert=localhost.crt + server.key=localhost.key + server.password=secret +-server.ciphers=ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL +-server.verify=none +\ No newline at end of file ++server.ciphers=ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL ++server.verify=none +--- a/jni/examples/org/apache/tomcat/jni/SSLServer.java ++++ b/jni/examples/org/apache/tomcat/jni/SSLServer.java +@@ -70,7 +70,7 @@ + serverPool = Pool.create(0); + try { + /* Create SSL Context, one for each Virtual Host */ +- serverCtx = SSLContext.make(serverPool, SSL.SSL_PROTOCOL_SSLV2 | SSL.SSL_PROTOCOL_SSLV3, SSL.SSL_MODE_SERVER); ++ serverCtx = SSLContext.make(serverPool, SSL.SSL_PROTOCOL_SSLV3, SSL.SSL_MODE_SERVER); + /* List the ciphers that the client is permitted to negotiate. */ + SSLContext.setCipherSuite(serverCtx, serverCiphers); + /* Load Server key and certificate */ +--- a/jni/java/org/apache/tomcat/jni/SSL.java ++++ b/jni/java/org/apache/tomcat/jni/SSL.java +@@ -70,10 +70,9 @@ + * Define the SSL Protocol options + */ + public static final int SSL_PROTOCOL_NONE = 0; +- public static final int SSL_PROTOCOL_SSLV2 = (1<<0); + public static final int SSL_PROTOCOL_SSLV3 = (1<<1); + public static final int SSL_PROTOCOL_TLSV1 = (1<<2); +- public static final int SSL_PROTOCOL_ALL = (SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1); ++ public static final int SSL_PROTOCOL_ALL = (SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1); + + /* + * Define the SSL verify levels +--- a/jni/java/org/apache/tomcat/jni/SSLContext.java ++++ b/jni/java/org/apache/tomcat/jni/SSLContext.java +@@ -31,9 +31,7 @@ + * @param pool The pool to use. + * @param protocol The SSL protocol to use. It can be one of: + * <PRE> +- * SSL_PROTOCOL_SSLV2 + * SSL_PROTOCOL_SSLV3 +- * SSL_PROTOCOL_SSLV2 | SSL_PROTOCOL_SSLV3 + * SSL_PROTOCOL_TLSV1 + * SSL_PROTOCOL_ALL + * </PRE> +--- a/jni/native/include/ssl_private.h ++++ b/jni/native/include/ssl_private.h +@@ -114,10 +114,9 @@ + * Define the SSL Protocol options + */ + #define SSL_PROTOCOL_NONE (0) +-#define SSL_PROTOCOL_SSLV2 (1<<0) + #define SSL_PROTOCOL_SSLV3 (1<<1) + #define SSL_PROTOCOL_TLSV1 (1<<2) +-#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1) ++#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1) + + #define SSL_MODE_CLIENT (0) + #define SSL_MODE_SERVER (1) +--- a/jni/native/src/sslcontext.c ++++ b/jni/native/src/sslcontext.c +@@ -72,6 +72,7 @@ + UNREFERENCED(o); + + switch (protocol) { ++#ifndef OPENSSL_NO_SSL2 + case SSL_PROTOCOL_SSLV2: + if (mode == SSL_MODE_CLIENT) + ctx = SSL_CTX_new(SSLv2_client_method()); +@@ -80,6 +81,7 @@ + else + ctx = SSL_CTX_new(SSLv2_method()); + break; ++#endif + case SSL_PROTOCOL_SSLV3: + if (mode == SSL_MODE_CLIENT) + ctx = SSL_CTX_new(SSLv3_client_method()); +@@ -88,6 +90,7 @@ + else + ctx = SSL_CTX_new(SSLv3_method()); + break; ++#ifndef OPENSSL_NO_SSL2 + case SSL_PROTOCOL_SSLV2 | SSL_PROTOCOL_SSLV3: + case SSL_PROTOCOL_SSLV2 | SSL_PROTOCOL_TLSV1: + case SSL_PROTOCOL_ALL: +@@ -99,7 +102,13 @@ + else + ctx = SSL_CTX_new(SSLv23_method()); + break; ++#endif ++#ifndef OPENSSL_NO_SSL2 + case SSL_PROTOCOL_TLSV1: ++#else ++ case SSL_PROTOCOL_ALL: ++ case SSL_PROTOCOL_TLSV1: ++#endif + if (mode == SSL_MODE_CLIENT) + ctx = SSL_CTX_new(TLSv1_client_method()); + else if (mode == SSL_MODE_SERVER) +@@ -127,8 +136,10 @@ + if (c->bio_os != NULL) + BIO_set_fp(c->bio_os, stderr, BIO_NOCLOSE | BIO_FP_TEXT); + SSL_CTX_set_options(c->ctx, SSL_OP_ALL); ++#ifndef OPENSSL_NO_SSL2 + if (!(protocol & SSL_PROTOCOL_SSLV2)) + SSL_CTX_set_options(c->ctx, SSL_OP_NO_SSLv2); ++#endif + if (!(protocol & SSL_PROTOCOL_SSLV3)) + SSL_CTX_set_options(c->ctx, SSL_OP_NO_SSLv3); + if (!(protocol & SSL_PROTOCOL_TLSV1)) Deleted: tags/tomcat-native/1.1.23-1/debian/rules =================================================================== --- trunk/tomcat-native/debian/rules 2012-03-02 05:35:10 UTC (rev 15806) +++ tags/tomcat-native/1.1.23-1/debian/rules 2012-03-02 18:56:03 UTC (rev 15810) @@ -1,22 +0,0 @@ -#!/usr/bin/make -f - -include /usr/share/cdbs/1/rules/debhelper.mk -include /usr/share/cdbs/1/class/autotools.mk - -DEB_SRCDIR := jni/native - -DEB_CONFIGURE_SCRIPT_ENV := JAVA_HOME=/usr/lib/jvm/default-java -DEB_CONFIGURE_EXTRA_FLAGS := --with-apr=/usr --with-ssl=/usr - -DEB_INSTALL_CHANGELOGS_libtcnative_1 := CHANGELOG.txt - -clean:: - rm -f jni/native/config.nice - -install/libtcnative-1:: - rmdir debian/libtcnative-1/usr/bin - rmdir debian/libtcnative-1/usr/include - find $(DEB_DESTDIR) -name "*.la" -exec rm -vf {} \; - -get-orig-source: - uscan --force-download --rename Copied: tags/tomcat-native/1.1.23-1/debian/rules (from rev 15809, trunk/tomcat-native/debian/rules) =================================================================== --- tags/tomcat-native/1.1.23-1/debian/rules (rev 0) +++ tags/tomcat-native/1.1.23-1/debian/rules 2012-03-02 18:56:03 UTC (rev 15810) @@ -0,0 +1,25 @@ +#!/usr/bin/make -f + +include /usr/share/cdbs/1/rules/debhelper.mk +include /usr/share/cdbs/1/class/autotools.mk + +DPKG_EXPORT_BUILDFLAGS = 1 +include /usr/share/dpkg/buildflags.mk + +DEB_SRCDIR := jni/native + +DEB_CONFIGURE_SCRIPT_ENV := JAVA_HOME=/usr/lib/jvm/default-java +DEB_CONFIGURE_EXTRA_FLAGS := --with-apr=/usr --with-ssl=/usr + +DEB_INSTALL_CHANGELOGS_libtcnative_1 := CHANGELOG.txt + +clean:: + rm -f jni/native/config.nice + +install/libtcnative-1:: + rmdir debian/libtcnative-1/usr/bin + rmdir debian/libtcnative-1/usr/include + find $(DEB_DESTDIR) -name "*.la" -exec rm -vf {} \; + +get-orig-source: + uscan --force-download --rename _______________________________________________ pkg-java-commits mailing list pkg-java-comm...@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-commits
