You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by co...@apache.org on 2019/11/29 14:23:07 UTC
[camel] branch master updated: CAMEL-14230 - Disable RC4 and MD5
TLS ciphersuites by default
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/master by this push:
new 7231b30 CAMEL-14230 - Disable RC4 and MD5 TLS ciphersuites by default
7231b30 is described below
commit 7231b30f208421756768b5a72f82304717e97c91
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Fri Nov 29 14:22:36 2019 +0000
CAMEL-14230 - Disable RC4 and MD5 TLS ciphersuites by default
---
.../java/org/apache/camel/support/jsse/BaseSSLContextParameters.java | 2 +-
.../user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java b/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java
index 31d5c3f..954e359 100644
--- a/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java
+++ b/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java
@@ -60,7 +60,7 @@ public abstract class BaseSSLContextParameters extends JsseParameters {
Collections.unmodifiableList(Arrays.asList(".*"));
protected static final List<String> DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE =
- Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", ".*_anon_.*", ".*_EXPORT_.*", ".*_DES_.*"));
+ Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", ".*_anon_.*", ".*_EXPORT_.*", ".*_DES_.*", ".*MD5", ".*RC4.*"));
protected static final List<String> DEFAULT_SECURE_SOCKET_PROTOCOLS_FILTER_INCLUDE =
Collections.unmodifiableList(Arrays.asList(".*"));
diff --git a/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc b/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc
index 65f9753..7e81e13 100644
--- a/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc
+++ b/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc
@@ -114,8 +114,8 @@ as well as in the SSLEngine. The patterns are applied over only the
available cipher suites. The exclude patterns have precedence over the
include patterns. If no cipherSuites and no cipherSuitesFilter are
present, the default patterns applied are: +
-Includes .\*; Excludes .*_NULL_.*, .\*_anon_.*
-, .\*DES.* *Camel 2.15.4*, .\*EXPORT.* *Camel 2.15.4*.
+Includes .\*;
+Excludes .*_NULL_.*, .\*_anon_.*, .\*DES.*, .\*EXPORT.* *Camel 2.15.4*., .\*MD5, .\*RC4.* *Camel 3.0.1*
secureSocketProtocols::
This optional property represents a collection of explicitly named
secure socket protocols, such as SSLv3/TLS/etc., to enable on both the