This is an automated email from the ASF dual-hosted git repository. orudyy pushed a commit to branch 7.1.x in repository https://gitbox.apache.org/repos/asf/qpid-broker-j.git
commit c81cea78a653020b257434a33a7b5c9946521f45 Author: Tomas Vavricka <tomas.vavri...@deutsche-boerse.com> AuthorDate: Fri Sep 20 11:53:46 2019 +0200 QPID-8353: [Broker-J] Add TLSv1.3 into TLS protocol preferences This closes #38 (cherry picked from commit d9fda7d8258b63748bfd3a324411a8b1523207b5) --- .../qpid/server/transport/network/security/ssl/SSLUtil.java | 6 +----- .../server/transport/network/security/ssl/SSLUtilTest.java | 10 +++++----- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/broker-core/src/main/java/org/apache/qpid/server/transport/network/security/ssl/SSLUtil.java b/broker-core/src/main/java/org/apache/qpid/server/transport/network/security/ssl/SSLUtil.java index 0ffab92..01c11d3 100644 --- a/broker-core/src/main/java/org/apache/qpid/server/transport/network/security/ssl/SSLUtil.java +++ b/broker-core/src/main/java/org/apache/qpid/server/transport/network/security/ssl/SSLUtil.java @@ -43,7 +43,6 @@ import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.Principal; import java.security.PrivateKey; -import java.security.SecureRandom; import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; @@ -89,10 +88,7 @@ public class SSLUtil private static final Logger LOGGER = LoggerFactory.getLogger(SSLUtil.class); private static final Integer DNS_NAME_TYPE = 2; - private static final String[] TLS_PROTOCOL_PREFERENCES = new String[]{"TLSv1.2", "TLSv1.1", "TLS", "TLSv1"}; - - - private static final SecureRandom RANDOM = new SecureRandom(); + private static final String[] TLS_PROTOCOL_PREFERENCES = new String[]{"TLSv1.3", "TLSv1.2", "TLSv1.1", "TLS", "TLSv1"}; private static final Constructor<?> CONSTRUCTOR; diff --git a/broker-core/src/test/java/org/apache/qpid/server/transport/network/security/ssl/SSLUtilTest.java b/broker-core/src/test/java/org/apache/qpid/server/transport/network/security/ssl/SSLUtilTest.java index 7498b6a..81d928a 100644 --- a/broker-core/src/test/java/org/apache/qpid/server/transport/network/security/ssl/SSLUtilTest.java +++ b/broker-core/src/test/java/org/apache/qpid/server/transport/network/security/ssl/SSLUtilTest.java @@ -72,9 +72,9 @@ public class SSLUtilTest extends UnitTestBase { List<String> whiteList = Arrays.asList("TLSv1\\.[0-9]+"); List<String> blackList = Collections.emptyList(); - String[] enabled = {"TLS", "TLSv1.1", "TLSv1.2"}; - String[] expected = {"TLSv1.1", "TLSv1.2"}; - String[] supported = {"SSLv3", "TLS", "TLSv1", "TLSv1.1", "TLSv1.2"}; + String[] enabled = {"TLS", "TLSv1.1", "TLSv1.2", "TLSv1.3"}; + String[] expected = {"TLSv1.1", "TLSv1.2", "TLSv1.3"}; + String[] supported = {"SSLv3", "TLS", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}; String[] result = SSLUtil.filterEntries(enabled, supported, whiteList, blackList); assertTrue("unexpected filtered list: expected " + Arrays.toString(expected) + " actual " + Arrays.toString( result), Arrays.equals(expected, result)); @@ -85,9 +85,9 @@ public class SSLUtilTest extends UnitTestBase { List<String> whiteList = Arrays.asList(); List<String> blackList = Arrays.asList("TLSv1\\.[0-9]+"); - String[] enabled = {"TLS", "TLSv1.1", "TLSv1.2"}; + String[] enabled = {"TLS", "TLSv1.1", "TLSv1.2", "TLSv1.3"}; String[] expected = {"TLS"}; - String[] supported = {"SSLv3", "TLS", "TLSv1", "TLSv1.1", "TLSv1.2"}; + String[] supported = {"SSLv3", "TLS", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}; String[] result = SSLUtil.filterEntries(enabled, supported, whiteList, blackList); assertTrue("unexpected filtered list: expected " + Arrays.toString(expected) + " actual " + Arrays.toString( result), Arrays.equals(expected, result)); --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org For additional commands, e-mail: commits-h...@qpid.apache.org