You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2014/10/22 11:31:47 UTC

[2/2] git commit: Disabling SSLv2 on 3.0

Disabling SSLv2 on 3.0


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/1102bf8c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/1102bf8c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/1102bf8c

Branch: refs/heads/2.7.x-fixes
Commit: 1102bf8cbc6f3f8310d565ff94c2d5ad2ced9cdc
Parents: 80e99fb
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Wed Oct 22 10:25:27 2014 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Wed Oct 22 10:30:28 2014 +0100

----------------------------------------------------------------------
 .../apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java    | 1 +
 .../cxf/transport/https_jetty/CXFJettySslSocketConnector.java     | 3 +++
 2 files changed, 4 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/1102bf8c/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
----------------------------------------------------------------------
diff --git a/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java b/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
index c4b3e8e..0a45d2e 100644
--- a/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
+++ b/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
@@ -771,3 +771,4 @@ public class JettyHTTPServerEngine
     
 }
 
+

http://git-wip-us.apache.org/repos/asf/cxf/blob/1102bf8c/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java
----------------------------------------------------------------------
diff --git a/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java b/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java
index c43dcab..39d9953 100644
--- a/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java
+++ b/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java
@@ -116,6 +116,9 @@ public class CXFJettySslSocketConnector extends SslSelectChannelConnector {
         if (!"SSLv3".equals(proto)) {
             getSslContextFactory().addExcludeProtocols("SSLv3");
         }
+        if (!"SSLv2Hello".equals(proto)) {
+            getSslContextFactory().addExcludeProtocols("SSLv2Hello");
+        }
 
         SSLContext context = getCxfSslContextFactory().getProvider() == null
             ? SSLContext.getInstance(proto)