From: mturk <mturk@13f79535-47bb-0310-9956-ffa450edef68>
Date: Tue, 2 Mar 2010 13:08:14 +0000 (+0000)
Subject: As per Remy's suggestion use the new ABI only if present
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=dac080be24d6dbe0a565063d30e7d0612bdf992b;p=tomcat7.0

As per Remy's suggestion use the new ABI only if present

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@918017 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/java/org/apache/catalina/core/AprLifecycleListener.java b/java/org/apache/catalina/core/AprLifecycleListener.java
index 02a8ebd0e..666317ae2 100644
--- a/java/org/apache/catalina/core/AprLifecycleListener.java
+++ b/java/org/apache/catalina/core/AprLifecycleListener.java
@@ -58,7 +58,7 @@ public class AprLifecycleListener
 
     protected static final int TCN_REQUIRED_MAJOR = 1;
     protected static final int TCN_REQUIRED_MINOR = 1;
-    protected static final int TCN_REQUIRED_PATCH = 21;
+    protected static final int TCN_REQUIRED_PATCH = 17;
     protected static final int TCN_RECOMMENDED_MINOR = 1;
     protected static final int TCN_RECOMMENDED_PV = 21;
 
diff --git a/java/org/apache/tomcat/util/net/AprEndpoint.java b/java/org/apache/tomcat/util/net/AprEndpoint.java
index 3c2e5c214..df00a6c8d 100644
--- a/java/org/apache/tomcat/util/net/AprEndpoint.java
+++ b/java/org/apache/tomcat/util/net/AprEndpoint.java
@@ -469,9 +469,15 @@ public class AprEndpoint extends AbstractEndpoint {
             // Create SSL Context
             sslContext = SSLContext.make(rootPool, value, SSL.SSL_MODE_SERVER);
             if (SSLInsecureRenegotiation) {
-                if (SSL.hasOp(SSL.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION))
-                    SSLContext.setOptions(sslContext, SSL.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
-                else {
+                boolean legacyRenegSupported = false;
+                try {
+                    legacyRenegSupported = SSL.hasOp(SSL.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
+                    if (legacyRenegSupported)
+                        SSLContext.setOptions(sslContext, SSL.SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
+                } catch (UnsatisfiedLinkError e) {
+                    // Ignore
+                }
+                if (!legacyRenegSupported) {
                     // OpenSSL does not support unsafe legacy renegotiation.
                     log.warn(sm.getString("endpoint.warn.noInsecureReneg",
                                           SSL.versionString()));