mirrors
/
jgit
mirror of https://github.com/eclipse/jgit.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 204 Wiki Activity
Browse Source

Don't use SSL anymore to avoid POODLE attack 

For details about poodle see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

Bug 450170
Change-Id: Ib169e88d9d51f4d0e6caa3a498f48edc81e0991d
Signed-off-by: Dani Megert <Daniel_Megert@ch.ibm.com>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
tags/v3.5.2.201411120430-r
Dani Megert 9 years ago
parent
dcb52291a9
commit
3e131a35e3
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1
    1
      org.eclipse.jgit/src/org/eclipse/jgit/transport/http/JDKHttpConnection.java

+ 1
- 1
org.eclipse.jgit/src/org/eclipse/jgit/transport/http/JDKHttpConnection.java View File

@@ -186,7 +186,7 @@ public class JDKHttpConnection implements HttpConnection {
public void configure(KeyManager[] km, TrustManager[] tm,
SecureRandom random) throws NoSuchAlgorithmException,
KeyManagementException {
SSLContext ctx = SSLContext.getInstance("SSL"); //$NON-NLS-1$
SSLContext ctx = SSLContext.getInstance("TLS"); //$NON-NLS-1$
ctx.init(km, tm, random);
((HttpsURLConnection) wrappedUrlConnection).setSSLSocketFactory(ctx
.getSocketFactory());

Write Preview
Loading…
Cancel
Save