(servicecomb-java-chassis) branch master updated: [SCB-2853]cipher suits configuration tolerate with blanks (#4199)

[liubao]

This is an automated email from the ASF dual-hosted git repository.

liubao pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/servicecomb-java-chassis.git


The following commit(s) were added to refs/heads/master by this push:
     new c79fbd893 [SCB-2853]cipher suits configuration tolerate with blanks 
(#4199)
c79fbd893 is described below

commit c79fbd8931d7b4d33bf3a59a2d2bbee3f4decd67
Author: liubao68 <bi...@qq.com>
AuthorDate: Thu Jan 25 17:31:38 2024 +0800

    [SCB-2853]cipher suits configuration tolerate with blanks (#4199)
---
 .../main/java/org/apache/servicecomb/foundation/ssl/SSLManager.java    | 2 +-
 foundations/foundation-ssl/src/test/resources/client.ssl.properties    | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git 
a/foundations/foundation-ssl/src/main/java/org/apache/servicecomb/foundation/ssl/SSLManager.java
 
b/foundations/foundation-ssl/src/main/java/org/apache/servicecomb/foundation/ssl/SSLManager.java
index af7a4351e..4c476cc90 100644
--- 
a/foundations/foundation-ssl/src/main/java/org/apache/servicecomb/foundation/ssl/SSLManager.java
+++ 
b/foundations/foundation-ssl/src/main/java/org/apache/servicecomb/foundation/ssl/SSLManager.java
@@ -185,7 +185,7 @@ public final class SSLManager {
           (SSLSocket) factory.createSocket();
       socket.setEnabledProtocols(option.getProtocols().split(","));
       String[] supported = socket.getSupportedCipherSuites();
-      String[] enabled = option.getCiphers().split(",");
+      String[] enabled = option.getCiphers().split("\\s*,\\s*");
       socket.setEnabledCipherSuites(getEnabledCiphers(supported, enabled));
       return socket;
     } catch (UnknownHostException e) {
diff --git 
a/foundations/foundation-ssl/src/test/resources/client.ssl.properties 
b/foundations/foundation-ssl/src/test/resources/client.ssl.properties
index 4d25cd495..828e1de6b 100644
--- a/foundations/foundation-ssl/src/test/resources/client.ssl.properties
+++ b/foundations/foundation-ssl/src/test/resources/client.ssl.properties
@@ -17,7 +17,8 @@
 
 #########SSL options
 ssl.protocols=TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv2Hello
-ssl.ciphers=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA
+## test with extra blank
+ssl.ciphers=TLS_AES_128_GCM_SHA256, 
TLS_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA
 ssl.authPeer=true
 ssl.checkCN.host=false
 ssl.checkCN.white=true