You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by ja...@apache.org on 2014/10/28 14:00:35 UTC
[1/3] git commit: CAMEL-7940 - disable SSL by default in netty
components
Repository: camel
Updated Branches:
refs/heads/camel-2.13.x 2f2dde16c -> f98cfda6d
refs/heads/camel-2.14.x d37afded6 -> e6cc689f4
refs/heads/master bc056bcc1 -> c10a91ace
CAMEL-7940 - disable SSL by default in netty components
Project: http://git-wip-us.apache.org/repos/asf/camel/repo
Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/c10a91ac
Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/c10a91ac
Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/c10a91ac
Branch: refs/heads/master
Commit: c10a91ace9f789510ddf84a216e43ebfeabe02b6
Parents: bc056bc
Author: Jonathan Anstey <ja...@gmail.com>
Authored: Tue Oct 28 10:24:37 2014 -0230
Committer: Jonathan Anstey <ja...@gmail.com>
Committed: Tue Oct 28 10:24:48 2014 -0230
----------------------------------------------------------------------
.../component/netty/http/HttpClientPipelineFactory.java | 1 +
.../component/netty/http/HttpServerPipelineFactory.java | 1 +
.../netty/http/HttpServerSharedPipelineFactory.java | 1 +
.../component/netty/DefaultClientPipelineFactory.java | 4 +++-
.../component/netty/DefaultServerPipelineFactory.java | 5 ++++-
.../netty/NettyServerBootstrapConfiguration.java | 12 +++++++++++-
.../netty4/http/HttpClientInitializerFactory.java | 1 +
.../netty4/http/HttpServerInitializerFactory.java | 1 +
.../netty4/http/HttpServerSharedInitializerFactory.java | 1 +
.../camel/component/netty4/http/NettyHttpSSLTest.java | 1 -
.../netty4/DefaultClientInitializerFactory.java | 1 +
.../netty4/DefaultServerInitializerFactory.java | 1 +
.../netty4/NettyServerBootstrapConfiguration.java | 10 ++++++++++
13 files changed, 36 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/camel/blob/c10a91ac/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
index 019a6cd..9c85c9d 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
@@ -174,6 +174,7 @@ public class HttpClientPipelineFactory extends ClientPipelineFactory {
} else if (sslContext != null) {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(true);
+ engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/c10a91ac/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
index 22ea852..565534c 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
@@ -184,6 +184,7 @@ public class HttpServerPipelineFactory extends ServerPipelineFactory {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(false);
engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
+ engine.setEnabledProtocols(consumer.getConfiguration().getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/c10a91ac/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
index cca79bc..c920fd4 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
@@ -151,6 +151,7 @@ public class HttpServerSharedPipelineFactory extends HttpServerPipelineFactory {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(false);
engine.setNeedClientAuth(configuration.isNeedClientAuth());
+ engine.setEnabledProtocols(configuration.getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/c10a91ac/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
index 71c8a40..fe6dd9b 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
@@ -1,5 +1,5 @@
/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
+ * Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
@@ -18,6 +18,7 @@ package org.apache.camel.component.netty;
import java.util.List;
import java.util.concurrent.TimeUnit;
+
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
@@ -154,6 +155,7 @@ public class DefaultClientPipelineFactory extends ClientPipelineFactory {
return producer.getConfiguration().getSslHandler();
} else if (sslContext != null) {
SSLEngine engine = sslContext.createSSLEngine();
+ engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(","));
engine.setUseClientMode(true);
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/c10a91ac/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
index 4df0394..33f264a 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
@@ -17,6 +17,7 @@
package org.apache.camel.component.netty;
import java.util.List;
+
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
@@ -171,8 +172,10 @@ public class DefaultServerPipelineFactory extends ServerPipelineFactory {
return consumer.getConfiguration().getSslHandler();
} else if (sslContext != null) {
SSLEngine engine = sslContext.createSSLEngine();
- engine.setUseClientMode(false);
+ engine.setUseClientMode(false);
engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
+ engine.setEnabledProtocols(consumer.getConfiguration().getEnabledProtocols().split(","));
+
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/c10a91ac/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java
index fd0c498..647d4cc 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java
@@ -55,6 +55,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
protected String trustStoreResource;
protected String keyStoreFormat = "JKS";
protected String securityProvider = "SunX509";
+ protected String enabledProtocols = "TLSv1,TLSv1.1,TLSv1.2";
protected String passphrase;
protected BossPool bossPool;
protected WorkerPool workerPool;
@@ -328,6 +329,14 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
this.networkInterface = networkInterface;
}
+ public String getEnabledProtocols() {
+ return enabledProtocols;
+ }
+
+ public void setEnabledProtocols(String enabledProtocols) {
+ this.enabledProtocols = enabledProtocols;
+ }
+
/**
* Checks if the other {@link NettyServerBootstrapConfiguration} is compatible
* with this, as a Netty listener bound on port X shares the same common
@@ -411,7 +420,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
return isCompatible;
}
-
+
public String toStringBootstrapConfiguration() {
return "NettyServerBootstrapConfiguration{"
+ "protocol='" + protocol + '\''
@@ -435,6 +444,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
+ ", sslHandler=" + sslHandler
+ ", sslContextParameters='" + sslContextParameters + '\''
+ ", needClientAuth=" + needClientAuth
+ + ", enabledProtocols='" + enabledProtocols
+ ", keyStoreFile=" + keyStoreFile
+ ", trustStoreFile=" + trustStoreFile
+ ", keyStoreResource='" + keyStoreResource + '\''
http://git-wip-us.apache.org/repos/asf/camel/blob/c10a91ac/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpClientInitializerFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpClientInitializerFactory.java b/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpClientInitializerFactory.java
index bda2f9e..6bf8869 100644
--- a/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpClientInitializerFactory.java
+++ b/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpClientInitializerFactory.java
@@ -178,6 +178,7 @@ public class HttpClientInitializerFactory extends ClientInitializerFactory {
} else if (sslContext != null) {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(true);
+ engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/c10a91ac/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerInitializerFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerInitializerFactory.java b/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerInitializerFactory.java
index c7f40ea..833c5bc 100644
--- a/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerInitializerFactory.java
+++ b/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerInitializerFactory.java
@@ -179,6 +179,7 @@ public class HttpServerInitializerFactory extends ServerInitializerFactory {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(false);
engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
+ engine.setEnabledProtocols(consumer.getConfiguration().getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/c10a91ac/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerSharedInitializerFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerSharedInitializerFactory.java b/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerSharedInitializerFactory.java
index 44d3273..c687641 100644
--- a/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerSharedInitializerFactory.java
+++ b/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerSharedInitializerFactory.java
@@ -150,6 +150,7 @@ public class HttpServerSharedInitializerFactory extends HttpServerInitializerFac
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(false);
engine.setNeedClientAuth(configuration.isNeedClientAuth());
+ engine.setEnabledProtocols(configuration.getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/c10a91ac/components/camel-netty4-http/src/test/java/org/apache/camel/component/netty4/http/NettyHttpSSLTest.java
----------------------------------------------------------------------
diff --git a/components/camel-netty4-http/src/test/java/org/apache/camel/component/netty4/http/NettyHttpSSLTest.java b/components/camel-netty4-http/src/test/java/org/apache/camel/component/netty4/http/NettyHttpSSLTest.java
index 94d8553..9218468 100644
--- a/components/camel-netty4-http/src/test/java/org/apache/camel/component/netty4/http/NettyHttpSSLTest.java
+++ b/components/camel-netty4-http/src/test/java/org/apache/camel/component/netty4/http/NettyHttpSSLTest.java
@@ -98,7 +98,6 @@ public class NettyHttpSSLTest extends BaseNettyTest {
}
});
context.start();
-
String out = template.requestBody("https://localhost:{{port}}", "Hello World", String.class);
assertEquals("Bye World", out);
http://git-wip-us.apache.org/repos/asf/camel/blob/c10a91ac/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultClientInitializerFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultClientInitializerFactory.java b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultClientInitializerFactory.java
index d262e02..b35ba4e 100644
--- a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultClientInitializerFactory.java
+++ b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultClientInitializerFactory.java
@@ -157,6 +157,7 @@ public class DefaultClientInitializerFactory extends ClientInitializerFactory {
} else if (sslContext != null) {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(true);
+ engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/c10a91ac/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultServerInitializerFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultServerInitializerFactory.java b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultServerInitializerFactory.java
index b942c8a..0f080c6 100644
--- a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultServerInitializerFactory.java
+++ b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultServerInitializerFactory.java
@@ -177,6 +177,7 @@ public class DefaultServerInitializerFactory extends ServerInitializerFactory {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(false);
engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
+ engine.setEnabledProtocols(consumer.getConfiguration().getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/c10a91ac/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyServerBootstrapConfiguration.java
----------------------------------------------------------------------
diff --git a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyServerBootstrapConfiguration.java b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyServerBootstrapConfiguration.java
index 8380849..c392962 100644
--- a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyServerBootstrapConfiguration.java
+++ b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyServerBootstrapConfiguration.java
@@ -55,6 +55,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
protected String trustStoreResource;
protected String keyStoreFormat;
protected String securityProvider;
+ protected String enabledProtocols = "TLSv1,TLSv1.1,TLSv1.2";
protected String passphrase;
protected EventLoopGroup bossGroup;
protected EventLoopGroup workerGroup;
@@ -328,6 +329,14 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
this.networkInterface = networkInterface;
}
+ public String getEnabledProtocols() {
+ return enabledProtocols;
+ }
+
+ public void setEnabledProtocols(String enabledProtocols) {
+ this.enabledProtocols = enabledProtocols;
+ }
+
/**
* Checks if the other {@link NettyServerBootstrapConfiguration} is compatible
* with this, as a Netty listener bound on port X shares the same common
@@ -435,6 +444,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
+ ", sslHandler=" + sslHandler
+ ", sslContextParameters='" + sslContextParameters + '\''
+ ", needClientAuth=" + needClientAuth
+ + ", enabledProtocols='" + enabledProtocols
+ ", keyStoreFile=" + keyStoreFile
+ ", trustStoreFile=" + trustStoreFile
+ ", keyStoreResource='" + keyStoreResource + '\''
[3/3] git commit: CAMEL-7940 - disable SSL by default in netty
components
Posted by ja...@apache.org.
CAMEL-7940 - disable SSL by default in netty components
Conflicts:
components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java
components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpClientInitializerFactory.java
components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerInitializerFactory.java
components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerSharedInitializerFactory.java
components/camel-netty4-http/src/test/java/org/apache/camel/component/netty4/http/NettyHttpSSLTest.java
components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultClientInitializerFactory.java
components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultServerInitializerFactory.java
components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyServerBootstrapConfiguration.java
Project: http://git-wip-us.apache.org/repos/asf/camel/repo
Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/f98cfda6
Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/f98cfda6
Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/f98cfda6
Branch: refs/heads/camel-2.13.x
Commit: f98cfda6d17e4aa4fc93f8834740e69c4fc50aac
Parents: 2f2dde1
Author: Jonathan Anstey <ja...@gmail.com>
Authored: Tue Oct 28 10:24:37 2014 -0230
Committer: Jonathan Anstey <ja...@gmail.com>
Committed: Tue Oct 28 10:29:12 2014 -0230
----------------------------------------------------------------------
.../component/netty/http/HttpClientPipelineFactory.java | 1 +
.../component/netty/http/HttpServerPipelineFactory.java | 1 +
.../netty/http/HttpServerSharedPipelineFactory.java | 1 +
.../component/netty/DefaultClientPipelineFactory.java | 4 +++-
.../component/netty/DefaultServerPipelineFactory.java | 5 ++++-
.../netty/NettyServerBootstrapConfiguration.java | 12 +++++++++++-
6 files changed, 21 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/camel/blob/f98cfda6/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
index 846d690..ce95648 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
@@ -174,6 +174,7 @@ public class HttpClientPipelineFactory extends ClientPipelineFactory {
} else if (sslContext != null) {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(true);
+ engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/f98cfda6/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
index 37fc58b..b8305ea 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
@@ -186,6 +186,7 @@ public class HttpServerPipelineFactory extends ServerPipelineFactory {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(false);
engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
+ engine.setEnabledProtocols(consumer.getConfiguration().getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/f98cfda6/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
index cca79bc..c920fd4 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
@@ -151,6 +151,7 @@ public class HttpServerSharedPipelineFactory extends HttpServerPipelineFactory {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(false);
engine.setNeedClientAuth(configuration.isNeedClientAuth());
+ engine.setEnabledProtocols(configuration.getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/f98cfda6/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
index 71c8a40..fe6dd9b 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
@@ -1,5 +1,5 @@
/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
+ * Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
@@ -18,6 +18,7 @@ package org.apache.camel.component.netty;
import java.util.List;
import java.util.concurrent.TimeUnit;
+
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
@@ -154,6 +155,7 @@ public class DefaultClientPipelineFactory extends ClientPipelineFactory {
return producer.getConfiguration().getSslHandler();
} else if (sslContext != null) {
SSLEngine engine = sslContext.createSSLEngine();
+ engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(","));
engine.setUseClientMode(true);
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/f98cfda6/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
index 4df0394..33f264a 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
@@ -17,6 +17,7 @@
package org.apache.camel.component.netty;
import java.util.List;
+
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
@@ -171,8 +172,10 @@ public class DefaultServerPipelineFactory extends ServerPipelineFactory {
return consumer.getConfiguration().getSslHandler();
} else if (sslContext != null) {
SSLEngine engine = sslContext.createSSLEngine();
- engine.setUseClientMode(false);
+ engine.setUseClientMode(false);
engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
+ engine.setEnabledProtocols(consumer.getConfiguration().getEnabledProtocols().split(","));
+
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/f98cfda6/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java
index 666415f..ee18dcd 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java
@@ -55,6 +55,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
protected String trustStoreResource;
protected String keyStoreFormat;
protected String securityProvider;
+ protected String enabledProtocols = "TLSv1,TLSv1.1,TLSv1.2";
protected String passphrase;
protected BossPool bossPool;
protected WorkerPool workerPool;
@@ -328,6 +329,14 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
this.networkInterface = networkInterface;
}
+ public String getEnabledProtocols() {
+ return enabledProtocols;
+ }
+
+ public void setEnabledProtocols(String enabledProtocols) {
+ this.enabledProtocols = enabledProtocols;
+ }
+
/**
* Checks if the other {@link NettyServerBootstrapConfiguration} is compatible
* with this, as a Netty listener bound on port X shares the same common
@@ -411,7 +420,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
return isCompatible;
}
-
+
public String toStringBootstrapConfiguration() {
return "NettyServerBootstrapConfiguration{"
+ "protocol='" + protocol + '\''
@@ -435,6 +444,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
+ ", sslHandler=" + sslHandler
+ ", sslContextParameters='" + sslContextParameters + '\''
+ ", needClientAuth=" + needClientAuth
+ + ", enabledProtocols='" + enabledProtocols
+ ", keyStoreFile=" + keyStoreFile
+ ", trustStoreFile=" + trustStoreFile
+ ", keyStoreResource='" + keyStoreResource + '\''
[2/3] git commit: CAMEL-7940 - disable SSL by default in netty
components
Posted by ja...@apache.org.
CAMEL-7940 - disable SSL by default in netty components
Project: http://git-wip-us.apache.org/repos/asf/camel/repo
Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/e6cc689f
Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/e6cc689f
Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/e6cc689f
Branch: refs/heads/camel-2.14.x
Commit: e6cc689f4233fb3539a05f70dde53bac8bd208d9
Parents: d37afde
Author: Jonathan Anstey <ja...@gmail.com>
Authored: Tue Oct 28 10:24:37 2014 -0230
Committer: Jonathan Anstey <ja...@gmail.com>
Committed: Tue Oct 28 10:25:39 2014 -0230
----------------------------------------------------------------------
.../component/netty/http/HttpClientPipelineFactory.java | 1 +
.../component/netty/http/HttpServerPipelineFactory.java | 1 +
.../netty/http/HttpServerSharedPipelineFactory.java | 1 +
.../component/netty/DefaultClientPipelineFactory.java | 4 +++-
.../component/netty/DefaultServerPipelineFactory.java | 5 ++++-
.../netty/NettyServerBootstrapConfiguration.java | 12 +++++++++++-
.../netty4/http/HttpClientInitializerFactory.java | 1 +
.../netty4/http/HttpServerInitializerFactory.java | 1 +
.../netty4/http/HttpServerSharedInitializerFactory.java | 1 +
.../camel/component/netty4/http/NettyHttpSSLTest.java | 1 -
.../netty4/DefaultClientInitializerFactory.java | 1 +
.../netty4/DefaultServerInitializerFactory.java | 1 +
.../netty4/NettyServerBootstrapConfiguration.java | 10 ++++++++++
13 files changed, 36 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/camel/blob/e6cc689f/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
index 019a6cd..9c85c9d 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java
@@ -174,6 +174,7 @@ public class HttpClientPipelineFactory extends ClientPipelineFactory {
} else if (sslContext != null) {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(true);
+ engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/e6cc689f/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
index 22ea852..565534c 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java
@@ -184,6 +184,7 @@ public class HttpServerPipelineFactory extends ServerPipelineFactory {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(false);
engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
+ engine.setEnabledProtocols(consumer.getConfiguration().getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/e6cc689f/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
index cca79bc..c920fd4 100644
--- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
+++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java
@@ -151,6 +151,7 @@ public class HttpServerSharedPipelineFactory extends HttpServerPipelineFactory {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(false);
engine.setNeedClientAuth(configuration.isNeedClientAuth());
+ engine.setEnabledProtocols(configuration.getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/e6cc689f/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
index 71c8a40..fe6dd9b 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java
@@ -1,5 +1,5 @@
/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
+ * Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
@@ -18,6 +18,7 @@ package org.apache.camel.component.netty;
import java.util.List;
import java.util.concurrent.TimeUnit;
+
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
@@ -154,6 +155,7 @@ public class DefaultClientPipelineFactory extends ClientPipelineFactory {
return producer.getConfiguration().getSslHandler();
} else if (sslContext != null) {
SSLEngine engine = sslContext.createSSLEngine();
+ engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(","));
engine.setUseClientMode(true);
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/e6cc689f/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
index 4df0394..33f264a 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java
@@ -17,6 +17,7 @@
package org.apache.camel.component.netty;
import java.util.List;
+
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
@@ -171,8 +172,10 @@ public class DefaultServerPipelineFactory extends ServerPipelineFactory {
return consumer.getConfiguration().getSslHandler();
} else if (sslContext != null) {
SSLEngine engine = sslContext.createSSLEngine();
- engine.setUseClientMode(false);
+ engine.setUseClientMode(false);
engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
+ engine.setEnabledProtocols(consumer.getConfiguration().getEnabledProtocols().split(","));
+
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/e6cc689f/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java
index fd0c498..647d4cc 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java
@@ -55,6 +55,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
protected String trustStoreResource;
protected String keyStoreFormat = "JKS";
protected String securityProvider = "SunX509";
+ protected String enabledProtocols = "TLSv1,TLSv1.1,TLSv1.2";
protected String passphrase;
protected BossPool bossPool;
protected WorkerPool workerPool;
@@ -328,6 +329,14 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
this.networkInterface = networkInterface;
}
+ public String getEnabledProtocols() {
+ return enabledProtocols;
+ }
+
+ public void setEnabledProtocols(String enabledProtocols) {
+ this.enabledProtocols = enabledProtocols;
+ }
+
/**
* Checks if the other {@link NettyServerBootstrapConfiguration} is compatible
* with this, as a Netty listener bound on port X shares the same common
@@ -411,7 +420,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
return isCompatible;
}
-
+
public String toStringBootstrapConfiguration() {
return "NettyServerBootstrapConfiguration{"
+ "protocol='" + protocol + '\''
@@ -435,6 +444,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
+ ", sslHandler=" + sslHandler
+ ", sslContextParameters='" + sslContextParameters + '\''
+ ", needClientAuth=" + needClientAuth
+ + ", enabledProtocols='" + enabledProtocols
+ ", keyStoreFile=" + keyStoreFile
+ ", trustStoreFile=" + trustStoreFile
+ ", keyStoreResource='" + keyStoreResource + '\''
http://git-wip-us.apache.org/repos/asf/camel/blob/e6cc689f/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpClientInitializerFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpClientInitializerFactory.java b/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpClientInitializerFactory.java
index bda2f9e..6bf8869 100644
--- a/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpClientInitializerFactory.java
+++ b/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpClientInitializerFactory.java
@@ -178,6 +178,7 @@ public class HttpClientInitializerFactory extends ClientInitializerFactory {
} else if (sslContext != null) {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(true);
+ engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/e6cc689f/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerInitializerFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerInitializerFactory.java b/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerInitializerFactory.java
index c7f40ea..833c5bc 100644
--- a/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerInitializerFactory.java
+++ b/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerInitializerFactory.java
@@ -179,6 +179,7 @@ public class HttpServerInitializerFactory extends ServerInitializerFactory {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(false);
engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
+ engine.setEnabledProtocols(consumer.getConfiguration().getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/e6cc689f/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerSharedInitializerFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerSharedInitializerFactory.java b/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerSharedInitializerFactory.java
index 44d3273..c687641 100644
--- a/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerSharedInitializerFactory.java
+++ b/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/HttpServerSharedInitializerFactory.java
@@ -150,6 +150,7 @@ public class HttpServerSharedInitializerFactory extends HttpServerInitializerFac
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(false);
engine.setNeedClientAuth(configuration.isNeedClientAuth());
+ engine.setEnabledProtocols(configuration.getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/e6cc689f/components/camel-netty4-http/src/test/java/org/apache/camel/component/netty4/http/NettyHttpSSLTest.java
----------------------------------------------------------------------
diff --git a/components/camel-netty4-http/src/test/java/org/apache/camel/component/netty4/http/NettyHttpSSLTest.java b/components/camel-netty4-http/src/test/java/org/apache/camel/component/netty4/http/NettyHttpSSLTest.java
index 94d8553..9218468 100644
--- a/components/camel-netty4-http/src/test/java/org/apache/camel/component/netty4/http/NettyHttpSSLTest.java
+++ b/components/camel-netty4-http/src/test/java/org/apache/camel/component/netty4/http/NettyHttpSSLTest.java
@@ -98,7 +98,6 @@ public class NettyHttpSSLTest extends BaseNettyTest {
}
});
context.start();
-
String out = template.requestBody("https://localhost:{{port}}", "Hello World", String.class);
assertEquals("Bye World", out);
http://git-wip-us.apache.org/repos/asf/camel/blob/e6cc689f/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultClientInitializerFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultClientInitializerFactory.java b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultClientInitializerFactory.java
index d262e02..b35ba4e 100644
--- a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultClientInitializerFactory.java
+++ b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultClientInitializerFactory.java
@@ -157,6 +157,7 @@ public class DefaultClientInitializerFactory extends ClientInitializerFactory {
} else if (sslContext != null) {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(true);
+ engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/e6cc689f/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultServerInitializerFactory.java
----------------------------------------------------------------------
diff --git a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultServerInitializerFactory.java b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultServerInitializerFactory.java
index b942c8a..0f080c6 100644
--- a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultServerInitializerFactory.java
+++ b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/DefaultServerInitializerFactory.java
@@ -177,6 +177,7 @@ public class DefaultServerInitializerFactory extends ServerInitializerFactory {
SSLEngine engine = sslContext.createSSLEngine();
engine.setUseClientMode(false);
engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth());
+ engine.setEnabledProtocols(consumer.getConfiguration().getEnabledProtocols().split(","));
return new SslHandler(engine);
}
http://git-wip-us.apache.org/repos/asf/camel/blob/e6cc689f/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyServerBootstrapConfiguration.java
----------------------------------------------------------------------
diff --git a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyServerBootstrapConfiguration.java b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyServerBootstrapConfiguration.java
index 8380849..c392962 100644
--- a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyServerBootstrapConfiguration.java
+++ b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyServerBootstrapConfiguration.java
@@ -55,6 +55,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
protected String trustStoreResource;
protected String keyStoreFormat;
protected String securityProvider;
+ protected String enabledProtocols = "TLSv1,TLSv1.1,TLSv1.2";
protected String passphrase;
protected EventLoopGroup bossGroup;
protected EventLoopGroup workerGroup;
@@ -328,6 +329,14 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
this.networkInterface = networkInterface;
}
+ public String getEnabledProtocols() {
+ return enabledProtocols;
+ }
+
+ public void setEnabledProtocols(String enabledProtocols) {
+ this.enabledProtocols = enabledProtocols;
+ }
+
/**
* Checks if the other {@link NettyServerBootstrapConfiguration} is compatible
* with this, as a Netty listener bound on port X shares the same common
@@ -435,6 +444,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable {
+ ", sslHandler=" + sslHandler
+ ", sslContextParameters='" + sslContextParameters + '\''
+ ", needClientAuth=" + needClientAuth
+ + ", enabledProtocols='" + enabledProtocols
+ ", keyStoreFile=" + keyStoreFile
+ ", trustStoreFile=" + trustStoreFile
+ ", keyStoreResource='" + keyStoreResource + '\''