You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by or...@apache.org on 2019/09/29 21:34:57 UTC
[qpid-jms-amqp-0-x] branch 6.3.x updated (49168c3 -> 36ede0c)
This is an automated email from the ASF dual-hosted git repository.
orudyy pushed a change to branch 6.3.x
in repository https://gitbox.apache.org/repos/asf/qpid-jms-amqp-0-x.git.
from 49168c3 [maven-release-plugin] prepare for next development iteration
new e94898f QPID-8354: [JMS AMQP 0-x] Blacklist TLSv1.1
new 36ede0c QPID-8353: [JMS AMQP 0-x] Add TLSv1.3 into preferences
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../java/org/apache/qpid/configuration/CommonProperties.java | 2 +-
.../apache/qpid/transport/network/security/ssl/SSLUtil.java | 2 +-
.../qpid/transport/network/security/ssl/SSLUtilTest.java | 10 +++++-----
3 files changed, 7 insertions(+), 7 deletions(-)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org
[qpid-jms-amqp-0-x] 01/02: QPID-8354: [JMS AMQP 0-x] Blacklist
TLSv1.1
Posted by or...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
orudyy pushed a commit to branch 6.3.x
in repository https://gitbox.apache.org/repos/asf/qpid-jms-amqp-0-x.git
commit e94898f5f46a56ea5ab3f96acc34351d6d92845c
Author: Alex Rudyy <or...@apache.org>
AuthorDate: Sun Sep 29 21:58:28 2019 +0100
QPID-8354: [JMS AMQP 0-x] Blacklist TLSv1.1
(cherry picked from commit a10dd9eb75bee0ec13cab38e8291a2498583bbdc)
---
.../src/main/java/org/apache/qpid/configuration/CommonProperties.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/client/src/main/java/org/apache/qpid/configuration/CommonProperties.java b/client/src/main/java/org/apache/qpid/configuration/CommonProperties.java
index 6e2daf5..7323a08 100644
--- a/client/src/main/java/org/apache/qpid/configuration/CommonProperties.java
+++ b/client/src/main/java/org/apache/qpid/configuration/CommonProperties.java
@@ -60,7 +60,7 @@ public class CommonProperties
public static final String QPID_SECURITY_TLS_PROTOCOL_WHITE_LIST = "qpid.security.tls.protocolWhiteList";
public static final String QPID_SECURITY_TLS_PROTOCOL_WHITE_LIST_DEFAULT = "TLSv1\\.[0-9]+";
public static final String QPID_SECURITY_TLS_PROTOCOL_BLACK_LIST = "qpid.security.tls.protocolBlackList";
- public static final String QPID_SECURITY_TLS_PROTOCOL_BLACK_LIST_DEFAULT = "TLSv1\\.0";
+ public static final String QPID_SECURITY_TLS_PROTOCOL_BLACK_LIST_DEFAULT = "TLSv1\\.[0-1]";
public static final String QPID_SECURITY_TLS_CIPHER_SUITE_WHITE_LIST = "qpid.security.tls.cipherSuiteWhiteList";
public static final String QPID_SECURITY_TLS_CIPHER_SUITE_WHITE_LIST_DEFAULT = "";
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org
[qpid-jms-amqp-0-x] 02/02: QPID-8353: [JMS AMQP 0-x] Add TLSv1.3
into preferences
Posted by or...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
orudyy pushed a commit to branch 6.3.x
in repository https://gitbox.apache.org/repos/asf/qpid-jms-amqp-0-x.git
commit 36ede0c01c275ac36765f4723c4878d8a6f3e013
Author: Alex Rudyy <or...@apache.org>
AuthorDate: Sun Sep 29 22:03:36 2019 +0100
QPID-8353: [JMS AMQP 0-x] Add TLSv1.3 into preferences
(cherry picked from commit d50617333ff52385e3316e11b135a57d1b0859b6)
---
.../apache/qpid/transport/network/security/ssl/SSLUtil.java | 2 +-
.../qpid/transport/network/security/ssl/SSLUtilTest.java | 10 +++++-----
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/client/src/main/java/org/apache/qpid/transport/network/security/ssl/SSLUtil.java b/client/src/main/java/org/apache/qpid/transport/network/security/ssl/SSLUtil.java
index d26c8fd..badf9a2 100644
--- a/client/src/main/java/org/apache/qpid/transport/network/security/ssl/SSLUtil.java
+++ b/client/src/main/java/org/apache/qpid/transport/network/security/ssl/SSLUtil.java
@@ -75,7 +75,7 @@ public class SSLUtil
private static final Logger LOGGER = LoggerFactory.getLogger(SSLUtil.class);
private static final Integer DNS_NAME_TYPE = 2;
- public static final String[] TLS_PROTOCOL_PREFERENCES = new String[]{"TLSv1.2", "TLSv1.1", "TLS", "TLSv1"};
+ public static final String[] TLS_PROTOCOL_PREFERENCES = new String[]{"TLSv1.3", "TLSv1.2", "TLSv1.1", "TLS", "TLSv1"};
private static final Method SSL_PARAMETERS_SET_USE_CIPHER_SUITES_ORDER;
diff --git a/client/src/test/java/org/apache/qpid/transport/network/security/ssl/SSLUtilTest.java b/client/src/test/java/org/apache/qpid/transport/network/security/ssl/SSLUtilTest.java
index 1db8725..6c1c821 100644
--- a/client/src/test/java/org/apache/qpid/transport/network/security/ssl/SSLUtilTest.java
+++ b/client/src/test/java/org/apache/qpid/transport/network/security/ssl/SSLUtilTest.java
@@ -54,9 +54,9 @@ public class SSLUtilTest extends QpidTestCase
{
List<String> whiteList = Arrays.asList("TLSv1\\.[0-9]+");
List<String> blackList = Collections.emptyList();
- String[] enabled = {"TLS", "TLSv1.1", "TLSv1.2"};
- String[] expected = {"TLSv1.1", "TLSv1.2"};
- String[] supported = {"SSLv3", "TLS", "TLSv1", "TLSv1.1", "TLSv1.2"};
+ String[] enabled = {"TLS", "TLSv1.1", "TLSv1.2", "TLSv1.3"};
+ String[] expected = {"TLSv1.1", "TLSv1.2", "TLSv1.3"};
+ String[] supported = {"SSLv3", "TLS", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"};
String[] result = SSLUtil.filterEntries(enabled, supported, whiteList, blackList);
assertTrue("unexpected filtered list: expected " + Arrays.toString(expected) + " actual " + Arrays.toString(
result), Arrays.equals(expected, result));
@@ -66,9 +66,9 @@ public class SSLUtilTest extends QpidTestCase
{
List<String> whiteList = Arrays.asList();
List<String> blackList = Arrays.asList("TLSv1\\.[0-9]+");
- String[] enabled = {"TLS", "TLSv1.1", "TLSv1.2"};
+ String[] enabled = {"TLS", "TLSv1.1", "TLSv1.2", "TLSv1.3"};
String[] expected = {"TLS"};
- String[] supported = {"SSLv3", "TLS", "TLSv1", "TLSv1.1", "TLSv1.2"};
+ String[] supported = {"SSLv3", "TLS", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"};
String[] result = SSLUtil.filterEntries(enabled, supported, whiteList, blackList);
assertTrue("unexpected filtered list: expected " + Arrays.toString(expected) + " actual " + Arrays.toString(
result), Arrays.equals(expected, result));
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org