• last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
BZ1513302: Set DESx as MEDIUM. Patch submitted by Michal Babacek.
BZ1275403: Loop over unwrap loop to make sure some bytes are produced in blocking mode. Patch by Masafumi Miura.
BZ1203510: Apply workaround patch to display statistics if possible with the NIO connector. Patch by Enrique Gonzalez Martinez.
BZ1307039: Add a simple timeout to handshake.
BZ1266247: fix buffer sizes when using SSL (SSL engine has a size limit with no workaround), recurse unwrap if no bytes are decoded, simplify handshake.
  1. … 2 more files in changeset.
BZ1223708: Remove use of direct buffers, that can cause memory problems and are probably not very useful here.
BZ1200276: for now, disable "sendfile" (the only performance benefit with NIO2 is saving a thread), as fixing the code is a large change (in addition to being incorrect, the current code is also bad for SSL since without keepalive capabilities there is a large performance impact due to the reconnection).
BZ1200276 (to be confirmed): port Tomcat code to handle incomplete writes and special cases.
Fix the regression BZ 1174169 introduced by 1158847 on pre 1.0.1 openssl.

BZ1174184: Unlike the other connectors, the APR connector binds the socket first, then processes the SSL configuration. Reverse that.
BZ1172737: Always add SSLv2Hello, following review by JF.
    • -0
    • +3
    ./jsse/NioJSSESocketChannelFactory.java
Allow SSLv2Hello if Java 6. But this is a very short term strategy probably.
Comment out the protocol filtering code (JDK 6 incompatibility that has been ruled as more important).
BZ1158847: Port patch filtering SSL protcols for native

  1. … 1 more file in changeset.
BZ1158852: Port patch filtering SSL protcols for JSSE. (part 2 for NIO2)
    • -35
    • +65
    ./jsse/NioJSSESocketChannelFactory.java
BZ1158852: Port patch filtering SSL protcols for JSSE.
  1. … 1 more file in changeset.
BZ1119147: Patch submitted by Dominik Pospisil.
BZ1123356: Fix use of single cipher. Submitted by Emmanuel Hugonnet.
BZ1123342: Needs alias support so try to rebase on the Tomcat code which has support for that along with many other fixes.
    • -20
    • +13
    ./jsse/openssl/MessageDigest.java
    • -21
    • +15
    ./jsse/openssl/Authentication.java
    • -20
    • +13
    ./jsse/openssl/EncryptionLevel.java
    • -0
    • +2645
    ./jsse/openssl/Cipher.java
    • -138
    • +152
    ./jsse/openssl/OpenSSLCipherConfigurationParser.java
BZ1127283: Cut & paste issue for generating anonymous ciphers. Submitted by Radim Hatlapatka.
    • -1
    • +1
    ./jsse/openssl/OpenSSLCipherConfigurationParser.java
BZ961257: Full sync of the protocol handler init, to avoid SSL init issues. Remove now useless sync for OpenSSL syntax parsing.
    • -4
    • +2
    ./jsse/openssl/OpenSSLCipherConfigurationParser.java
  1. … 1 more file in changeset.
[BZ-1108307] Improve the ability to use MS Windows keystore for the web servers ssl connector

    • -1
    • +6
    ./jsse/NioJSSESocketChannelFactory.java
BZ1117821: Add sync to deal with parallel initialization of more than one SSL connector. Patch by Emmanuel Hugonnet.
    • -2
    • +4
    ./jsse/openssl/OpenSSLCipherConfigurationParser.java
  1. … 1 more file in changeset.
Typo submitted by Radim Hatlapatka.

More for BZ1078204: OpenSSL allows a wide variety of separators. Submitted by Radim Hatlapatka.
    • -1
    • +1
    ./jsse/openssl/OpenSSLCipherConfigurationParser.java
More for BZ1078204: Use of + would empty the ciphers list. Submitted by Kabir Khan.
    • -1
    • +2
    ./jsse/openssl/OpenSSLCipherConfigurationParser.java
  1. … 1 more file in changeset.
More for 1078204: Fix issues with '+', submitted by Emmanuel Hugonnet.
    • -2
    • +21
    ./jsse/openssl/OpenSSLCipherConfigurationParser.java
More for 1078204: Add missing aliases and some debug, submitted by Emmanuel Hugonnet.
    • -4
    • +84
    ./jsse/openssl/OpenSSLCipherConfigurationParser.java
    • -0
    • +55
    ./jsse/JSSELogger.java