diff options
| author | Dani Megert | 2014-11-05 16:05:34 +0000 |
|---|---|---|
| committer | Matthias Sohn | 2014-11-06 23:20:25 +0000 |
| commit | 3e131a35e3166f1615611b4df30b1772812b6016 (patch) | |
| tree | 8d9c20d665f8c744a87101431ff2c70ec2ff31b7 | |
| parent | dcb52291a9f1feacf666e592af64cb688ee4bc50 (diff) | |
| download | jgit-3e131a35e3166f1615611b4df30b1772812b6016.tar.gz jgit-3e131a35e3166f1615611b4df30b1772812b6016.tar.xz jgit-3e131a35e3166f1615611b4df30b1772812b6016.zip | |
Don't use SSL anymore to avoid POODLE attack
For details about poodle see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
Bug 450170
Change-Id: Ib169e88d9d51f4d0e6caa3a498f48edc81e0991d
Signed-off-by: Dani Megert <Daniel_Megert@ch.ibm.com>
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
| -rw-r--r-- | org.eclipse.jgit/src/org/eclipse/jgit/transport/http/JDKHttpConnection.java | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/transport/http/JDKHttpConnection.java b/org.eclipse.jgit/src/org/eclipse/jgit/transport/http/JDKHttpConnection.java index bde5e1da26..ed37feab3f 100644 --- a/org.eclipse.jgit/src/org/eclipse/jgit/transport/http/JDKHttpConnection.java +++ b/org.eclipse.jgit/src/org/eclipse/jgit/transport/http/JDKHttpConnection.java @@ -186,7 +186,7 @@ public class JDKHttpConnection implements HttpConnection { public void configure(KeyManager[] km, TrustManager[] tm, SecureRandom random) throws NoSuchAlgorithmException, KeyManagementException { - SSLContext ctx = SSLContext.getInstance("SSL"); //$NON-NLS-1$ + SSLContext ctx = SSLContext.getInstance("TLS"); //$NON-NLS-1$ ctx.init(km, tm, random); ((HttpsURLConnection) wrappedUrlConnection).setSSLSocketFactory(ctx .getSocketFactory()); |