As per Remy's suggestion use the new ABI only if present

author mturk <mturk@13f79535-47bb-0310-9956-ffa450edef68>

Tue, 2 Mar 2010 13:08:14 +0000 (13:08 +0000)

committer mturk <mturk@13f79535-47bb-0310-9956-ffa450edef68>

Tue, 2 Mar 2010 13:08:14 +0000 (13:08 +0000)
author mturk <mturk@13f79535-47bb-0310-9956-ffa450edef68>
Tue, 2 Mar 2010 13:08:14 +0000 (13:08 +0000)
committer mturk <mturk@13f79535-47bb-0310-9956-ffa450edef68>
Tue, 2 Mar 2010 13:08:14 +0000 (13:08 +0000)
diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java b/java/org/apache/catalina/core/AprLifecycleListener.java

index 02a8ebd..666317a 100644 (file)
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -58,7 +58,7 @@ public class AprLifecycleListener
  
      protected static final int TCN_REQUIRED_MAJOR = 1;
      protected static final int TCN_REQUIRED_MINOR = 1;
-    protected static final int TCN_REQUIRED_PATCH = 21;
+    protected static final int TCN_REQUIRED_PATCH = 17;
      protected static final int TCN_RECOMMENDED_MINOR = 1;
      protected static final int TCN_RECOMMENDED_PV = 21;
  
diff --git a/java/org/apache/tomcat/util/net/AprEndpoint.java b/java/org/apache/tomcat/util/net/AprEndpoint.java

index 3c2e5c2..df00a6c 100644 (file)
--- a/java/org/apache/tomcat/util/net/AprEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AprEndpoint.java
@@ -469,9 +469,15 @@ public class AprEndpoint extends AbstractEndpoint {
              // Create SSL Context
              sslContext = SSLContext.make(rootPool, value, SSL.SSL_MODE_SERVER);
              if (SSLInsecureRenegotiation) {
-                if (SSL.hasOp(SSL.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
-                    SSLContext.setOptions(sslContext, SSL.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
-                else {
+                boolean legacyRenegSupported = false;
+                try {
+                    legacyRenegSupported = SSL.hasOp(SSL.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
+                    if (legacyRenegSupported)
+                        SSLContext.setOptions(sslContext, SSL.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
+                } catch (UnsatisfiedLinkError e) {
+                    // Ignore
+                }
+                if (!legacyRenegSupported) {
                      // OpenSSL does not support unsafe legacy renegotiation.
                      log.warn(sm.getString("endpoint.warn.noInsecureReneg",
                                            SSL.versionString()));
author	mturk <mturk@13f79535-47bb-0310-9956-ffa450edef68>
	Tue, 2 Mar 2010 13:08:14 +0000 (13:08 +0000)
committer	mturk <mturk@13f79535-47bb-0310-9956-ffa450edef68>
	Tue, 2 Mar 2010 13:08:14 +0000 (13:08 +0000)
java/org/apache/catalina/core/AprLifecycleListener.java		patch \| blob \| history
java/org/apache/tomcat/util/net/AprEndpoint.java		patch \| blob \| history