Posted to dev@camel.apache.org by Zoran Regvart <zo...@regvart.com> on 2016/11/24 13:02:09 UTC

Salesforce and TLS v1.0

Hi devs,
Salesforce will discontinue support for TLS v1.0 beginning March 2017.
I've raised the issue[1] and I think that we could be proactive for
the 2.17.x.

What I would suggest is for the camel-salesforce component:
1. if the JVM doesn't support TLS v1.1 or newer, print a warning message in the log
2. change the default from SSL protocol "TLS" to the highest TLS
version supported by the JVM

Now, you might wonder why this is necessary at all, after all the
org.apache.camel.util.jsse.* already configures SSLEngine to enable
all protocols[2] and disables SSL protocols[3], and with that it will
work out of the box. I think that this is worthwhile in case
the user has explicitly configured the `sslContextParameters` on the
component, or is running under a JVM that's configured with a different
JSSE provider that does not support TLS version 1.1 or newer.

Does this make the change irrelevant? I'd like to discuss this, so any
comments are welcome. The best outcome is that this is not needed at all,
and I would like to hear arguments for that :)

Talk is cheap so I made a pull request[4].

zoran

[1] https://issues.apache.org/jira/browse/CAMEL-10519
[2] https://github.com/apache/camel/blob/master/camel-core/src/main/java/org/apache/camel/util/jsse/BaseSSLContextParameters.java#L68-L69
[3] https://github.com/apache/camel/blob/master/camel-core/src/main/java/org/apache/camel/util/jsse/BaseSSLContextParameters.java#L71-L72
[4] https://github.com/apache/camel/pull/1307
-- 
Zoran Regvart
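
The two steps proposed in the message above, sketched as an added example: this is not code from the original post, from pull request [4], or from camel-salesforce. The class `TlsVersionCheck` and its methods are hypothetical names, and the protocol arrays passed in `main` are constructed sample input.

```java
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Comparator;
import java.util.Optional;
import java.util.logging.Logger;
import javax.net.ssl.SSLContext;

// Hypothetical helper (assumption): not part of camel-salesforce.
public class TlsVersionCheck {
    private static final Logger LOG = Logger.getLogger(TlsVersionCheck.class.getName());

    // Maps "TLSv1" -> 10, "TLSv1.1" -> 11, "TLSv1.2" -> 12; -1 for SSLv3, SSLv2Hello, DTLS, etc.
    static int rank(String protocol) {
        if (!protocol.startsWith("TLSv")) return -1;
        String[] parts = protocol.substring(4).split("\\.");
        try {
            int major = Integer.parseInt(parts[0]);
            int minor = parts.length > 1 ? Integer.parseInt(parts[1]) : 0;
            return major * 10 + minor;
        } catch (NumberFormatException e) {
            return -1; // unknown naming scheme: treat as not TLS
        }
    }

    // Highest TLS protocol name the JSSE provider reports, if any.
    static Optional<String> highestTls(String[] supported) {
        return Arrays.stream(supported)
                .filter(p -> rank(p) >= 10)
                .max(Comparator.comparingInt(TlsVersionCheck::rank));
    }

    // Step 1: warn when nothing newer than TLS v1.0 is available.
    // Step 2: return the highest version instead of the generic "TLS".
    static String chooseProtocol(String[] supported) {
        Optional<String> best = highestTls(supported);
        if (!best.isPresent() || rank(best.get()) < 11) {
            LOG.warning("JSSE provider supports no TLS v1.1 or newer: " + Arrays.toString(supported));
        }
        return best.orElse("TLS"); // fall back to the old default
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        // Protocols supported by the default JSSE provider of the running JVM.
        String[] supported = SSLContext.getDefault().getSupportedSSLParameters().getProtocols();
        System.out.println("This JVM: " + chooseProtocol(supported));
        // Constructed inputs: an up-to-date provider and one that stops at TLS v1.0.
        System.out.println(chooseProtocol(new String[] {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"}));
        System.out.println(chooseProtocol(new String[] {"SSLv2Hello", "SSLv3", "TLSv1"}));
    }
}
```

The returned name can be passed to `SSLContext.getInstance(...)`; which lower versions remain enabled on a context created that way depends on the JSSE provider.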