You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2014/12/10 14:42:15 UTC
[3/3] cxf git commit: Also exclude export ciphers by default
Also exclude export ciphers by default
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e5a80585
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e5a80585
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e5a80585
Branch: refs/heads/master
Commit: e5a805853864e291626bdb913448fc4e2409cca0
Parents: 94cfe7e
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Wed Dec 10 11:37:02 2014 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Wed Dec 10 13:38:29 2014 +0000
----------------------------------------------------------------------
.../main/java/org/apache/cxf/configuration/jsse/SSLUtils.java | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/e5a80585/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java b/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java
index dff171d..534c256 100644
--- a/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java
+++ b/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java
@@ -68,14 +68,15 @@ public final class SSLUtils {
private static final boolean DEFAULT_REQUIRE_CLIENT_AUTHENTICATION = false;
private static final boolean DEFAULT_WANT_CLIENT_AUTHENTICATION = true;
- /**
- * By default, only include export-compatible ciphersuites.
- */
private static final List<String> DEFAULT_CIPHERSUITE_FILTERS_INCLUDE =
Arrays.asList(new String[] {".*"});
+ /**
+ * By default, exclude NULL, anon, EXPORT, DES ciphersuites
+ */
private static final List<String> DEFAULT_CIPHERSUITE_FILTERS_EXCLUDE =
Arrays.asList(new String[] {".*_NULL_.*",
".*_anon_.*",
+ ".*_EXPORT_.*",
".*_DES_.*"});
private static volatile KeyManager[] defaultManagers;