Bug 67616 - o.a.tomcat.jni.SSL contains useless check for old OpenSSL version
Summary: o.a.tomcat.jni.SSL contains useless check for old OpenSSL version
Status: RESOLVED FIXED
Alias: None
Product: Tomcat Native
Classification: Unclassified
Component: Library (show other bugs)
Version: 2.0.6
Hardware: All All
: P2 normal (vote)
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-10-05 16:49 UTC by Michael Osipov
Modified: 2023-10-11 17:24 UTC (History)
1 user (show)



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Osipov 2023-10-05 16:49:16 UTC
Tomcat Native 2.0 requires OpenSSL 3.0, but the class still contains useless check:
> 75     static {
> 76         if (version() >= 0x1010100f) {
> 77             SSL_PROTOCOL_ALL = (SSL_PROTOCOL_TLSV1 | SSL_PROTOCOL_TLSV1_1 | SSL_PROTOCOL_TLSV1_2 |
> 78                     SSL_PROTOCOL_TLSV1_3);
> 79         } else {
> 80             SSL_PROTOCOL_ALL = (SSL_PROTOCOL_TLSV1 | SSL_PROTOCOL_TLSV1_1 | SSL_PROTOCOL_TLSV1_2);
> 81         }
> 82     }
Comment 1 Michael Osipov 2023-10-11 17:24:00 UTC
Fixed for 2.0.7 and onwards.