You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by co...@apache.org on 2019/11/29 14:23:47 UTC

[camel] branch camel-3.0.x updated: CAMEL-14230 - Disable RC4 and MD5 TLS ciphersuites by default

This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch camel-3.0.x
in repository https://gitbox.apache.org/repos/asf/camel.git


The following commit(s) were added to refs/heads/camel-3.0.x by this push:
     new a73692d  CAMEL-14230 - Disable RC4 and MD5 TLS ciphersuites by default
a73692d is described below

commit a73692daac12003d5a736010f15020fde3174fe6
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Fri Nov 29 14:22:36 2019 +0000

    CAMEL-14230 - Disable RC4 and MD5 TLS ciphersuites by default
---
 .../java/org/apache/camel/support/jsse/BaseSSLContextParameters.java  | 2 +-
 .../user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java b/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java
index 31d5c3f..954e359 100644
--- a/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java
+++ b/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java
@@ -60,7 +60,7 @@ public abstract class BaseSSLContextParameters extends JsseParameters {
         Collections.unmodifiableList(Arrays.asList(".*"));
     
     protected static final List<String> DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE =
-        Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", ".*_anon_.*", ".*_EXPORT_.*", ".*_DES_.*"));
+        Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", ".*_anon_.*", ".*_EXPORT_.*", ".*_DES_.*", ".*MD5", ".*RC4.*"));
     
     protected static final List<String> DEFAULT_SECURE_SOCKET_PROTOCOLS_FILTER_INCLUDE =
         Collections.unmodifiableList(Arrays.asList(".*"));
diff --git a/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc b/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc
index 65f9753..7e81e13 100644
--- a/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc
+++ b/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc
@@ -114,8 +114,8 @@ as well as in the SSLEngine.  The patterns are applied over only the
 available cipher suites.  The exclude patterns have precedence over the
 include patterns.  If no cipherSuites and no cipherSuitesFilter are
 present, the default patterns applied are: +
-Includes .\*; Excludes .*_NULL_.*, .\*_anon_.*
-, .\*DES.* *Camel 2.15.4*, .\*EXPORT.* *Camel 2.15.4*.
+Includes .\*;
+Excludes .*_NULL_.*, .\*_anon_.*, .\*DES.*, .\*EXPORT.* *Camel 2.15.4*., .\*MD5, .\*RC4.* *Camel 3.0.1*
 secureSocketProtocols::
 This optional property represents a collection of explicitly named
 secure socket protocols, such as SSLv3/TLS/etc., to enable on both the