Merge "Manual recreation of dalvik change 720d1e962e248a30f81c1493081ff4c01e35c839 in libcore" into dalvik-dev

author: Brian Carlstrom <bdc@google.com> 2010-05-21 16:10:26 -0700
committer: Android (Google) Code Review <android-gerrit@google.com> 2010-05-21 16:10:26 -0700
commit: f747d892a728b9ed2cd84a0902b3ecec717c7b95 (patch)
tree: 8988d7a5d9c00c02dd2814163e1a924a89df6fe0
parent: 2313047d797e4daece04da8e8ed406d26b589f82 (diff)
parent: f7b8b35bcc93523ef224039b009608b1ea3b81f3 (diff)
download: libcore-f747d892a728b9ed2cd84a0902b3ecec717c7b95.zip
libcore-f747d892a728b9ed2cd84a0902b3ecec717c7b95.tar.gz
libcore-f747d892a728b9ed2cd84a0902b3ecec717c7b95.tar.bz2
1 files changed, 9 insertions, 3 deletions
diff --git a/luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp b/luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp
index 7f52470..21489a2 100644
--- a/luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp
+++ b/luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp
@@ -1575,9 +1575,14 @@ static int NativeCrypto_SSL_CTX_new(JNIEnv* env, jclass) {
         jniThrowRuntimeException(env, "SSL_CTX_new");
         return NULL;
     }
-    // Note: We explicitly do not allow SSLv2 to be used.
     SSL_CTX_set_options(sslCtx.get(),
-                        SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_SINGLE_DH_USE);
+                        SSL_OP_ALL
+                        // Note: We explicitly do not allow SSLv2 to be used.
+                        | SSL_OP_NO_SSLv2
+                        // We also disable session tickets for better compatability b/2682876
+                        | SSL_OP_NO_TICKET
+                        // Because dhGenerateParameters uses DSA_generate_parameters_ex
+                        | SSL_OP_SINGLE_DH_USE);
 
     int mode = SSL_CTX_get_mode(sslCtx.get());
     /*
@@ -2361,7 +2366,8 @@ static jint NativeCrypto_SSL_read(JNIEnv* env, jclass, jint
     int returnCode = 0;
     int sslErrorCode = SSL_ERROR_NONE;;
 
-    int ret = sslRead(env, ssl, (char*) (bytes.get() + offset), len, &returnCode, &sslErrorCode, timeout);
+    int ret = sslRead(env, ssl, (char*) (bytes.get() + offset), len,
+                      &returnCode, &sslErrorCode, timeout);
 
     int result;
     if (ret == THROW_EXCEPTION) {
author	Brian Carlstrom <bdc@google.com>	2010-05-21 16:10:26 -0700
committer	Android (Google) Code Review <android-gerrit@google.com>	2010-05-21 16:10:26 -0700
commit	f747d892a728b9ed2cd84a0902b3ecec717c7b95 (patch)
tree	8988d7a5d9c00c02dd2814163e1a924a89df6fe0
parent	2313047d797e4daece04da8e8ed406d26b589f82 (diff)
parent	f7b8b35bcc93523ef224039b009608b1ea3b81f3 (diff)
download	libcore-f747d892a728b9ed2cd84a0902b3ecec717c7b95.zip libcore-f747d892a728b9ed2cd84a0902b3ecec717c7b95.tar.gz libcore-f747d892a728b9ed2cd84a0902b3ecec717c7b95.tar.bz2