From 3e131a35e3166f1615611b4df30b1772812b6016 Mon Sep 17 00:00:00 2001
From: Dani Megert <Daniel_Megert@ch.ibm.com>
Date: Wed, 5 Nov 2014 17:05:34 +0100
Subject: [PATCH] Don't use SSL anymore to avoid POODLE attack

For details about poodle see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

Bug 450170
Change-Id: Ib169e88d9d51f4d0e6caa3a498f48edc81e0991d
Signed-off-by: Dani Megert <Daniel_Megert@ch.ibm.com>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
---
 .../src/org/eclipse/jgit/transport/http/JDKHttpConnection.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/transport/http/JDKHttpConnection.java b/org.eclipse.jgit/src/org/eclipse/jgit/transport/http/JDKHttpConnection.java
index bde5e1da26..ed37feab3f 100644
--- a/org.eclipse.jgit/src/org/eclipse/jgit/transport/http/JDKHttpConnection.java
+++ b/org.eclipse.jgit/src/org/eclipse/jgit/transport/http/JDKHttpConnection.java
@@ -186,7 +186,7 @@ public class JDKHttpConnection implements HttpConnection {
 	public void configure(KeyManager[] km, TrustManager[] tm,
 			SecureRandom random) throws NoSuchAlgorithmException,
 			KeyManagementException {
-		SSLContext ctx = SSLContext.getInstance("SSL"); //$NON-NLS-1$
+		SSLContext ctx = SSLContext.getInstance("TLS"); //$NON-NLS-1$
 		ctx.init(km, tm, random);
 		((HttpsURLConnection) wrappedUrlConnection).setSSLSocketFactory(ctx
 				.getSocketFactory());
-- 
2.39.5