MikeN123

#!/usr/bin/env python
 
# -*- coding: utf-8 -*-
# a last.fm now playing script originally written by Brandon Sutton
# some modifications by lifning
# and more modifications by praseodym
 
import urllib2
import sys

MikeN123

Download and install p4merge

• Download the perforce visual tool suite from here: http://www.perforce.com/perforce/downloads/index.html
• Copy only the p4merge.app file into your /Applications/ directory

Setup p4merge as a visual mergetool

MikeN123

import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.BeanPostProcessor;
import org.springframework.core.PriorityOrdered;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;

/**
 * This postprocessor sets {@code useSuffixPatternMatch} and {@code useTrailingSlashMatch} to {@code false}, so we have
 * exact URL matching. This prevents 404's, wrong base URL's, and automatic matching on extensions (.json), which is
 * useful when using {@code PathParam}s.
 *

MikeN123

    <Connector port="8443" protocol="HTTP/1.1"
     connectionTimeout="20000" keepAliveTimeout="120000"
     SSLEnabled="true" scheme="https" secure="true"
     clientAuth="false" SSLProtocol="SSLv3+TLSv1"
     SSLCertificateFile="conf/certificate.pem"
     SSLCertificateKeyFile="conf/key.pem"
     SSLCertificateChainFile="conf/chain.pem"
     SSLCipherSuite="<<see https://wiki.mozilla.org/Security/Server_Side_TLS>>"
     SSLHonorCipherOrder="true" SSLDisableCompression="true"
    />

MikeN123

#
# Install the necessary dependencies
# Make sure to use a recent OpenSSL (1.0.1+)
# These deps are for a Debian based system
#
apt-get install build-essential libapr1-dev libssl-dev

#
# Download and unzip Tomcat Native (replace version number where necessary)
#

MikeN123

diff -ru tomcat-native-1.1.29-src.orig/jni/native/src/sslcontext.c tomcat-native-1.1.29-src/jni/native/src/sslcontext.c
--- tomcat-native-1.1.29-src.orig/jni/native/src/sslcontext.c	2013-02-05 14:49:48.000000000 +0100
+++ tomcat-native-1.1.29-src/jni/native/src/sslcontext.c	2014-02-04 23:03:29.000000000 +0100
@@ -151,6 +151,11 @@
                (unsigned long)((sizeof SSL_DEFAULT_VHOST_NAME) - 1),
                &(c->context_id[0]), NULL, EVP_sha1(), NULL);
     if (mode) {
+        /* Set default (nistp256) elliptic curve for ephemeral ECDH keys */
+        EC_KEY *ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+        SSL_CTX_set_tmp_ecdh(c->ctx, ecdh);

MikeN123

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
   maxThreads="150" scheme="https" secure="true"
   clientAuth="false" sslProtocol="TLS" keystoreFile="conf/keystore.jks" keystorePass="changeit"
   ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
   TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,
   TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,
   TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA" />

MikeN123

Default	Cipher
 	SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
*	SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
 	SSL_DHE_DSS_WITH_DES_CBC_SHA
 	SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
*	SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
 	SSL_DHE_RSA_WITH_DES_CBC_SHA
 	SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
 	SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
 	SSL_DH_anon_WITH_3DES_EDE_CBC_SHA

MikeN123

import java.util.Iterator;
import java.util.Map;
import java.util.TreeMap;
import javax.net.ssl.SSLServerSocketFactory;

/*
 * Source from Christopher Schultz
 * @see http://markmail.org/message/zn4namfhypyxum23
 */
public class SSLInfo

MikeN123

#!/bin/sh
#
# /etc/init.d/tomcat -- startup script for the Tomcat 7 servlet engine
#
# Modified init-Script from Ubuntu Tomcat init-script
#
# 2010 - Sebastian Mogilowski - http://www.mogilowski.net/2010/12/11/install-tomcat-7-on-debian-lenny-with-virtual-hosts-and-apache2-integration/
# 2012 - Collin Peters - Added debug option
#
### BEGIN INIT INFO