This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
     new 250d50e  Fix Gump failures. OpenSSL master has removed support for 5 
ciphers.
250d50e is described below

commit 250d50e8be0c4e5d0913b71dbfad1c1c69c74244
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Apr 13 17:13:59 2020 +0100

    Fix Gump failures. OpenSSL master has removed support for 5 ciphers.
    
    Strictly, they have been moved to the legacy provider but for the
    purposes of our test, treat them as removed.
---
 .../tomcat/util/net/openssl/ciphers/TesterOpenSSL.java       | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java 
b/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
index 95ab187..97c27b1 100644
--- a/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
+++ b/test/org/apache/tomcat/util/net/openssl/ciphers/TesterOpenSSL.java
@@ -307,6 +307,18 @@ public class TesterOpenSSL {
             unimplemented.add(Cipher.TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384);
         }
 
+        if (VERSION < 30000) {
+            // No new ciphers in 3.0.0 so far
+        } else {
+            // These were moved to the legacy provided in 3.0.0 so won't be
+            // available from that version onwards.
+            unimplemented.add(Cipher.TLS_RSA_WITH_IDEA_CBC_SHA);
+            unimplemented.add(Cipher.TLS_DH_anon_WITH_SEED_CBC_SHA);
+            unimplemented.add(Cipher.TLS_DHE_DSS_WITH_SEED_CBC_SHA);
+            unimplemented.add(Cipher.TLS_RSA_WITH_SEED_CBC_SHA);
+            unimplemented.add(Cipher.TLS_DHE_RSA_WITH_SEED_CBC_SHA);
+        }
+
         String skipCiphers = 
System.getProperty("tomcat.test.openssl.unimplemented", "");
         if (!skipCiphers.isEmpty()) {
             String[] skip = skipCiphers.split(",");


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to