You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by rg...@apache.org on 2015/12/10 09:39:24 UTC
svn commit: r1719028 - in /qpid/java/trunk/broker-plugins:
management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
websocket/src/main/java/org/apache/qpid/server/transport/websocket/WebSocketProvider.java
Author: rgodfrey
Date: Thu Dec 10 08:39:23 2015
New Revision: 1719028
URL: http://svn.apache.org/viewvc?rev=1719028&view=rev
Log:
QPID-6938 : Ensure HTTPS ports offer TLSv1.1 and TLSv1.2 on the IBM JDK
Modified:
qpid/java/trunk/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
qpid/java/trunk/broker-plugins/websocket/src/main/java/org/apache/qpid/server/transport/websocket/WebSocketProvider.java
Modified: qpid/java/trunk/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java?rev=1719028&r1=1719027&r2=1719028&view=diff
==============================================================================
--- qpid/java/trunk/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java (original)
+++ qpid/java/trunk/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java Thu Dec 10 08:39:23 2015
@@ -374,8 +374,17 @@ public class HttpManagement extends Abst
{
throw new IllegalConfigurationException("Key store is not configured. Cannot start management on HTTPS port without keystore");
}
- SslContextFactory factory = new SslContextFactory();
- factory.addExcludeProtocols(SSLUtil.getExcludedSSlProtocols());
+ SslContextFactory factory = new SslContextFactory()
+ {
+ public String[] selectProtocols(String[] enabledProtocols, String[] supportedProtocols)
+ {
+ List<String> selectedProtocols = new ArrayList<>(Arrays.asList(enabledProtocols));
+ SSLUtil.updateEnabledProtocols(selectedProtocols, supportedProtocols);
+
+ return selectedProtocols.toArray(new String[selectedProtocols.size()]);
+ }
+
+ };
if(port.getDisabledCipherSuites() != null)
{
Modified: qpid/java/trunk/broker-plugins/websocket/src/main/java/org/apache/qpid/server/transport/websocket/WebSocketProvider.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-plugins/websocket/src/main/java/org/apache/qpid/server/transport/websocket/WebSocketProvider.java?rev=1719028&r1=1719027&r2=1719028&view=diff
==============================================================================
--- qpid/java/trunk/broker-plugins/websocket/src/main/java/org/apache/qpid/server/transport/websocket/WebSocketProvider.java (original)
+++ qpid/java/trunk/broker-plugins/websocket/src/main/java/org/apache/qpid/server/transport/websocket/WebSocketProvider.java Thu Dec 10 08:39:23 2015
@@ -119,9 +119,18 @@ class WebSocketProvider implements Accep
}
else if (_transport == Transport.WSS)
{
- SslContextFactory factory = new SslContextFactory();
+ SslContextFactory factory = new SslContextFactory()
+ {
+ public String[] selectProtocols(String[] enabledProtocols, String[] supportedProtocols)
+ {
+ List<String> selectedProtocols = new ArrayList<>(Arrays.asList(enabledProtocols));
+ SSLUtil.updateEnabledProtocols(selectedProtocols, supportedProtocols);
+
+ return selectedProtocols.toArray(new String[selectedProtocols.size()]);
+ }
+
+ };
factory.setSslContext(_sslContext);
- factory.addExcludeProtocols(SSLUtil.getExcludedSSlProtocols());
if(_port.getDisabledCipherSuites() != null)
{
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org