zzz/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

SSL: Don't prohibit SSLv3 ciphers if that's all we have

Browse Source
This commit is contained in:
zzz
2014-10-23 15:32:07 +00:00
parent 937a17c5dd
commit d7130c15cc
3 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
core/java/src/net/i2p/util/I2PSSLSocketFactory.java
View File

@@ -261,8 +261,15 @@ public class I2PSSLSocketFactory {
* @since 0.9.16
*/
public static void setProtocolsAndCiphers(SSLServerSocket socket) {
socket.setEnabledProtocols(selectProtocols(socket.getEnabledProtocols(),
socket.getSupportedProtocols()));
String[] p = selectProtocols(socket.getEnabledProtocols(),
socket.getSupportedProtocols());
for (int i = 0; i < p.length; i++) {
// if we left SSLv3 in there, we don't support TLS,
// so we should't remove the SSL ciphers
if (p.equals("SSLv3"))
return;
}
socket.setEnabledProtocols(p);
socket.setEnabledCipherSuites(selectCipherSuites(socket.getEnabledCipherSuites(),
socket.getSupportedCipherSuites()));
}

7
history.txt
View File

@@ -1,3 +1,10 @@
2014-10-23 zzz
* SessionKeyManager:
- Raise inbound limit
- Delete oldest tagsets when limit is hit
- Don't delete recent tagsets when limit is hit
* SSL: Don't prohibit SSLv3 ciphers if that's all we have
2014-10-20 zzz
* Console: Fix lockups (ticket #1395)
* Eepsite Jetty: Switch back to QueuedThreadPool (ticket #1395)

2
router/java/src/net/i2p/router/RouterVersion.java
View File

@@ -18,7 +18,7 @@ public class RouterVersion {
/** deprecated */
public final static String ID = "Monotone";
public final static String VERSION = CoreVersion.VERSION;
public final static long BUILD = 14;
public final static long BUILD = 15;
/** for example "-test" */
public final static String EXTRA = "-rc";