Updated version number to 7.3.4

The TomcatJSS class has been modified to use the new SSLVersion enum in JSS which supports TLS 1.3. Change-Id: I7940a2be9cf3675baeea082c60292a4e70d7d6a7
dogtagpki · Aug 7, 2018 · f51f08b · f51f08b
1 parent 913d9bb
commit f51f08b
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 42 deletions.
diff --git a/src/org/apache/tomcat/util/net/jss/TomcatJSS.java b/src/org/apache/tomcat/util/net/jss/TomcatJSS.java
@@ -37,11 +37,12 @@
 import org.mozilla.jss.ssl.SSLAlertEvent;
 import org.mozilla.jss.ssl.SSLCipher;
 import org.mozilla.jss.ssl.SSLHandshakeCompletedEvent;
+import org.mozilla.jss.ssl.SSLProtocolVariant;
 import org.mozilla.jss.ssl.SSLServerSocket;
 import org.mozilla.jss.ssl.SSLSocket;
-import org.mozilla.jss.ssl.SSLSocket.SSLProtocolVariant;
-import org.mozilla.jss.ssl.SSLSocket.SSLVersionRange;
 import org.mozilla.jss.ssl.SSLSocketListener;
+import org.mozilla.jss.ssl.SSLVersion;
+import org.mozilla.jss.ssl.SSLVersionRange;
 import org.mozilla.jss.util.IncorrectPasswordException;
 import org.mozilla.jss.util.Password;
 import org.slf4j.Logger;
@@ -584,14 +585,10 @@ public void setSSLVersionRangeDefault(
         logger.debug("* min: " + min_s);
         logger.debug("* max: " + max_s);
 
-        int min = getSSLVersionRangeEnum(min_s);
-        int max = getSSLVersionRangeEnum(max_s);
+        SSLVersion minVersion = SSLVersion.findByAlias(min_s);
+        SSLVersion maxVersion = SSLVersion.findByAlias(max_s);
 
-        if (min == -1 || max == -1) {
-            throw new SocketException("SSL version range format error: " + sslVersionRange_s);
-        }
-
-        SSLVersionRange range = new SSLVersionRange(min, max);
+        SSLVersionRange range = new SSLVersionRange(minVersion, maxVersion);
         range = SSLSocket.boundSSLVersionRange(SSLProtocolVariant.STREAM, range);
 
         logger.debug("Actual SSL version range for " + type + " after system policy correction:");
@@ -600,35 +597,6 @@ public void setSSLVersionRangeDefault(
         SSLSocket.setSSLVersionRangeDefault(protoVariant, range);
     }
 
-    int getSSLVersionRangeEnum(String range) {
-
-        if (range == null) {
-            return -1;
-        }
-
-        if (range.equals("ssl3")) {
-            return SSLVersionRange.ssl3;
-        }
-
-        if (range.equals("tls1_0")) {
-            return SSLVersionRange.tls1_0;
-        }
-
-        if (range.equals("tls1_1")) {
-            return SSLVersionRange.tls1_1;
-        }
-
-        if (range.equals("tls1_2")) {
-            return SSLVersionRange.tls1_2;
-        }
-
-        if (range.equals("tls1_3")) {
-            return SSLVersionRange.tls1_3;
-        }
-
-        return -1;
-    }
-
     public void setSSLCiphers(String attr, String ciphers) throws SocketException, IOException {
 
         if (StringUtils.isEmpty(ciphers)) {

diff --git a/tomcatjss.spec.in b/tomcatjss.spec.in
@@ -7,7 +7,7 @@ URL:              http://www.dogtagpki.org/wiki/TomcatJSS
 License:          LGPLv2+
 BuildArch:        noarch
 
-Version:          7.3.3
+Version:          7.3.4
 Release:          1%{?_timestamp}%{?_commit_id}%{?dist}
 # global           _phase -a1
 
@@ -57,7 +57,7 @@ BuildRequires:    slf4j-jdk14
 %if 0%{?rhel} && 0%{?rhel} <= 7
 BuildRequires:    jss >= 4.4.0-7
 %else
-BuildRequires:    jss >= 4.5.0-0.4
+BuildRequires:    jss >= 4.5.0-0.6
 %endif
 
 # Tomcat
@@ -100,7 +100,7 @@ Requires:         slf4j-jdk14
 %if 0%{?rhel} && 0%{?rhel} <= 7
 Requires:         jss >= 4.4.0-7
 %else
-Requires:         jss >= 4.5.0-0.4
+Requires:         jss >= 4.5.0-0.6
 %endif
 
 # Tomcat
@@ -125,7 +125,7 @@ Requires:         tomcat >= 1:9.0.7
 Conflicts:        tomcat-native
 
 # PKI
-Conflicts:        pki-base < 10.6.3
+Conflicts:        pki-base < 10.6.5
 
 
 %if 0%{?rhel}