[tomcat-native] 03/04: Removed the patch drop_sslv2_support.diff (Closes: #737969)
Emmanuel Bourg
ebourg-guest at moszumanska.debian.org
Mon May 11 11:45:46 UTC 2015
This is an automated email from the git hooks/post-receive script.
ebourg-guest pushed a commit to annotated tag debian/1.1.33-1
in repository tomcat-native.
commit fd8a9fd55a55ab1f4ea8f232daaddd595ac88ca7
Author: Emmanuel Bourg <ebourg at apache.org>
Date: Mon May 11 13:18:19 2015 +0200
Removed the patch drop_sslv2_support.diff (Closes: #737969)
---
debian/changelog | 8 +++++
debian/patches/drop_sslv2_support.diff | 56 ----------------------------------
debian/patches/series | 1 -
3 files changed, 8 insertions(+), 57 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 7d32723..a8d88e0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+tomcat-native (1.1.33-1) UNRELEASED; urgency=medium
+
+ * Team upload.
+ * New upstream release
+ * Removed the patch drop_sslv2_support.diff (Closes: #737969)
+
+ -- Emmanuel Bourg <ebourg at apache.org> Mon, 11 May 2015 13:17:07 +0200
+
tomcat-native (1.1.32~repack-2) unstable; urgency=medium
* Team upload.
diff --git a/debian/patches/drop_sslv2_support.diff b/debian/patches/drop_sslv2_support.diff
deleted file mode 100644
index 1811327..0000000
--- a/debian/patches/drop_sslv2_support.diff
+++ /dev/null
@@ -1,56 +0,0 @@
-Description: Drop all support for SSLv2 and SSLv3 due to weaknesses in the protocols
-Author: Damien Raude-Morvan <drazzib at debian.org>
-Last-Update: 2013-08-12
-Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622141
-Forwarded: https://issues.apache.org/bugzilla/show_bug.cgi?id=51056
---- a/jni/examples/org/apache/tomcat/jni/SSL.properties
-+++ b/jni/examples/org/apache/tomcat/jni/SSL.properties
-@@ -18,5 +18,5 @@
- server.cert=localhost.crt
- server.key=localhost.key
- server.password=secret
--server.ciphers=ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
--server.verify=none
-\ No newline at end of file
-+server.ciphers=ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL
-+server.verify=none
---- a/jni/examples/org/apache/tomcat/jni/SSLServer.java
-+++ b/jni/examples/org/apache/tomcat/jni/SSLServer.java
-@@ -70,7 +70,7 @@
- serverPool = Pool.create(0);
- try {
- /* Create SSL Context, one for each Virtual Host */
-- serverCtx = SSLContext.make(serverPool, SSL.SSL_PROTOCOL_SSLV2 | SSL.SSL_PROTOCOL_SSLV3, SSL.SSL_MODE_SERVER);
-+ serverCtx = SSLContext.make(serverPool, SSL.SSL_PROTOCOL_TLSV1 | SSL.SSL_PROTOCOL_TLSV1_1 | SSL.SSL_PROTOCOL_TLSV1_2, SSL.SSL_MODE_SERVER);
- /* List the ciphers that the client is permitted to negotiate. */
- SSLContext.setCipherSuite(serverCtx, serverCiphers);
- /* Load Server key and certificate */
---- a/jni/native/include/ssl_private.h
-+++ b/jni/native/include/ssl_private.h
-@@ -119,7 +119,7 @@
- #define SSL_PROTOCOL_TLSV1 (1<<2)
- #define SSL_PROTOCOL_TLSV1_1 (1<<3)
- #define SSL_PROTOCOL_TLSV1_2 (1<<4)
--#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1|SSL_PROTOCOL_TLSV1_1|SSL_PROTOCOL_TLSV1_2)
-+#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_TLSV1|SSL_PROTOCOL_TLSV1_1|SSL_PROTOCOL_TLSV1_2)
-
- #define SSL_MODE_CLIENT (0)
- #define SSL_MODE_SERVER (1)
---- a/jni/native/src/sslcontext.c
-+++ b/jni/native/src/sslcontext.c
-@@ -96,6 +96,7 @@
- ctx = SSL_CTX_new(TLSv1_server_method());
- else
- ctx = SSL_CTX_new(TLSv1_method());
-+#ifndef OPENSSL_NO_SSL3
- } else if (protocol == SSL_PROTOCOL_SSLV3) {
- if (mode == SSL_MODE_CLIENT)
- ctx = SSL_CTX_new(SSLv3_client_method());
-@@ -103,6 +104,7 @@
- ctx = SSL_CTX_new(SSLv3_server_method());
- else
- ctx = SSL_CTX_new(SSLv3_method());
-+#endif
- #ifndef OPENSSL_NO_SSL2
- } else if (protocol == SSL_PROTOCOL_SSLV2) {
- if (mode == SSL_MODE_CLIENT)
diff --git a/debian/patches/series b/debian/patches/series
deleted file mode 100644
index 9987086..0000000
--- a/debian/patches/series
+++ /dev/null
@@ -1 +0,0 @@
-drop_sslv2_support.diff
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/tomcat-native.git
More information about the pkg-java-commits
mailing list