This is an automated email from the ASF dual-hosted git repository. rjung pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push: new 5c1699a Deprecate org.apache.tomcat.util.compat.TLS and move its functionality to its only using lass org.apache.tomcat.util.net.TesterSupport. 5c1699a is described below commit 5c1699aa22dff14865c42780ef79acece430d0c2 Author: Rainer Jung <rainer.j...@kippdata.de> AuthorDate: Thu Sep 19 13:34:09 2019 +0200 Deprecate org.apache.tomcat.util.compat.TLS and move its functionality to its only using lass org.apache.tomcat.util.net.TesterSupport. --- java/org/apache/tomcat/util/compat/TLS.java | 3 +++ test/org/apache/tomcat/util/net/TesterSupport.java | 17 +++++++++++++++-- webapps/docs/changelog.xml | 10 ++++++++++ 3 files changed, 28 insertions(+), 2 deletions(-) diff --git a/java/org/apache/tomcat/util/compat/TLS.java b/java/org/apache/tomcat/util/compat/TLS.java index f9ce018..53c1c44 100644 --- a/java/org/apache/tomcat/util/compat/TLS.java +++ b/java/org/apache/tomcat/util/compat/TLS.java @@ -24,7 +24,10 @@ import org.apache.tomcat.util.net.Constants; /** * This class checks for the availability of TLS features. + * + * @deprecated Unused. This will be removed in Tomcat 10. */ +@Deprecated public class TLS { private static final boolean tlsv13Available; diff --git a/test/org/apache/tomcat/util/net/TesterSupport.java b/test/org/apache/tomcat/util/net/TesterSupport.java index 29736aa..c27d4bd 100644 --- a/test/org/apache/tomcat/util/net/TesterSupport.java +++ b/test/org/apache/tomcat/util/net/TesterSupport.java @@ -24,6 +24,7 @@ import java.net.InetAddress; import java.net.Socket; import java.net.UnknownHostException; import java.security.KeyStore; +import java.security.NoSuchAlgorithmException; import java.security.Principal; import java.security.PrivateKey; import java.security.cert.CertificateException; @@ -58,7 +59,6 @@ import org.apache.tomcat.jni.Library; import org.apache.tomcat.jni.LibraryNotFoundError; import org.apache.tomcat.jni.SSL; import org.apache.tomcat.util.compat.JreCompat; -import org.apache.tomcat.util.compat.TLS; import org.apache.tomcat.util.descriptor.web.LoginConfig; import org.apache.tomcat.util.descriptor.web.SecurityCollection; import org.apache.tomcat.util.descriptor.web.SecurityConstraint; @@ -82,6 +82,7 @@ public final class TesterSupport { public static final String LOCALHOST_RSA_KEY_PEM = SSL_DIR + "localhost-rsa-key.pem"; public static final boolean OPENSSL_AVAILABLE; public static final int OPENSSL_VERSION; + public static final boolean TLSV13_AVAILABLE; public static final String ROLE = "testrole"; @@ -102,6 +103,14 @@ public final class TesterSupport { } OPENSSL_AVAILABLE = available; OPENSSL_VERSION = version; + + available = false; + try { + SSLContext.getInstance(Constants.SSL_PROTO_TLSv1_3); + available = true; + } catch (NoSuchAlgorithmException ex) { + } + TLSV13_AVAILABLE = available; } public static boolean isOpensslAvailable() { @@ -112,6 +121,10 @@ public final class TesterSupport { return OPENSSL_VERSION; } + public static boolean isTlsv13Available() { + return TLSV13_AVAILABLE; + } + public static void initSsl(Tomcat tomcat) { initSsl(tomcat, LOCALHOST_RSA_JKS, null, null); } @@ -663,7 +676,7 @@ public final class TesterSupport { */ public static String getDefaultTLSProtocolForTesting(Connector connector) { // Clients always use JSSE - if (!TLS.isTlsv13Available()) { + if (!TLSV13_AVAILABLE) { // Client doesn't support TLS 1.3 so we have to use TLS 1.2 return Constants.SSL_PROTO_TLSv1_2; } diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 0f86aa6..0b02f95 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -54,6 +54,16 @@ </fix> </changelog> </subsection> + <subsection name="Other"> + <changelog> + <scode> + Deprecate <code>org.apache.tomcat.util.compat.TLS</code>. + Its functionality was only used for unit tests in + <code>org.apache.tomcat.util.net.TesterSupport</code> + and has been moved there. (rjung) + </scode> + </changelog> + </subsection> </section> <section name="Tomcat 8.5.46 (markt)" rtext="release in progress"> <subsection name="Catalina"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org