You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@servicecomb.apache.org by li...@apache.org on 2018/10/19 01:53:53 UTC
[incubator-servicecomb-java-chassis] 01/02: [SCB-964] remove weak
cipher suites
This is an automated email from the ASF dual-hosted git repository.
liubao pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-servicecomb-java-chassis.git
commit b0b3b835c908c50333a1991df5db170149853cf9
Author: yaohaishi <ya...@huawei.com>
AuthorDate: Tue Oct 16 09:26:15 2018 +0800
[SCB-964] remove weak cipher suites
---
.../java/org/apache/servicecomb/foundation/ssl/SSLOption.java | 8 +++-----
.../apache/servicecomb/foundation/vertx/TestVertxTLSBuilder.java | 2 +-
2 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/foundations/foundation-ssl/src/main/java/org/apache/servicecomb/foundation/ssl/SSLOption.java b/foundations/foundation-ssl/src/main/java/org/apache/servicecomb/foundation/ssl/SSLOption.java
index 012ad80..b7b5034 100644
--- a/foundations/foundation-ssl/src/main/java/org/apache/servicecomb/foundation/ssl/SSLOption.java
+++ b/foundations/foundation-ssl/src/main/java/org/apache/servicecomb/foundation/ssl/SSLOption.java
@@ -38,15 +38,13 @@ import com.netflix.config.DynamicPropertyFactory;
public final class SSLOption {
private static final SSLOption DEFAULT_OPTION = new SSLOption();
- public static final String DEFAUL_CIPHERS = "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,"
- + "TLS_RSA_WITH_AES_256_GCM_SHA384,"
- + "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,"
- + "TLS_RSA_WITH_AES_128_GCM_SHA256";
+ public static final String DEFAULT_CIPHERS = "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,"
+ + "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256";
static {
DEFAULT_OPTION.setEngine("jdk");
DEFAULT_OPTION.setProtocols("TLSv1.2");
- DEFAULT_OPTION.setCiphers(DEFAUL_CIPHERS);
+ DEFAULT_OPTION.setCiphers(DEFAULT_CIPHERS);
DEFAULT_OPTION.setAuthPeer(false);
DEFAULT_OPTION.setCheckCNHost(false);
DEFAULT_OPTION.setCheckCNWhite(false);
diff --git a/foundations/foundation-vertx/src/test/java/org/apache/servicecomb/foundation/vertx/TestVertxTLSBuilder.java b/foundations/foundation-vertx/src/test/java/org/apache/servicecomb/foundation/vertx/TestVertxTLSBuilder.java
index 5703855..95a2cd1 100644
--- a/foundations/foundation-vertx/src/test/java/org/apache/servicecomb/foundation/vertx/TestVertxTLSBuilder.java
+++ b/foundations/foundation-vertx/src/test/java/org/apache/servicecomb/foundation/vertx/TestVertxTLSBuilder.java
@@ -66,7 +66,7 @@ public class TestVertxTLSBuilder {
static {
sslOption.setEngine("openssl");
sslOption.setProtocols("");
- sslOption.setCiphers(SSLOption.DEFAUL_CIPHERS);
+ sslOption.setCiphers(SSLOption.DEFAULT_CIPHERS);
sslOption.setCheckCNHost(true);
}