(servicecomb-java-chassis) branch 2.8.x updated: [SCB-2853]cipher suits configuration tolerate with blanks (#4199) (#4200)

[liubao]

This is an automated email from the ASF dual-hosted git repository.

liubao pushed a commit to branch 2.8.x
in repository https://gitbox.apache.org/repos/asf/servicecomb-java-chassis.git


The following commit(s) were added to refs/heads/2.8.x by this push:
     new e3e4946dd [SCB-2853]cipher suits configuration tolerate with blanks 
(#4199) (#4200)
e3e4946dd is described below

commit e3e4946ddcf376a7e63863aa4e704f10fd025a80
Author: liubao68 <bi...@qq.com>
AuthorDate: Fri Jan 26 09:40:25 2024 +0800

    [SCB-2853]cipher suits configuration tolerate with blanks (#4199) (#4200)
---
 .../main/java/org/apache/servicecomb/foundation/ssl/SSLManager.java    | 2 +-
 foundations/foundation-ssl/src/test/resources/client.ssl.properties    | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git 
a/foundations/foundation-ssl/src/main/java/org/apache/servicecomb/foundation/ssl/SSLManager.java
 
b/foundations/foundation-ssl/src/main/java/org/apache/servicecomb/foundation/ssl/SSLManager.java
index aeb54ffab..a0dbafbe0 100644
--- 
a/foundations/foundation-ssl/src/main/java/org/apache/servicecomb/foundation/ssl/SSLManager.java
+++ 
b/foundations/foundation-ssl/src/main/java/org/apache/servicecomb/foundation/ssl/SSLManager.java
@@ -184,7 +184,7 @@ public final class SSLManager {
           (SSLSocket) factory.createSocket();
       socket.setEnabledProtocols(option.getProtocols().split(","));
       String[] supported = socket.getSupportedCipherSuites();
-      String[] enabled = option.getCiphers().split(",");
+      String[] enabled = option.getCiphers().split("\\s*,\\s*");
       socket.setEnabledCipherSuites(getEnabledCiphers(supported, enabled));
       return socket;
     } catch (UnknownHostException e) {
diff --git 
a/foundations/foundation-ssl/src/test/resources/client.ssl.properties 
b/foundations/foundation-ssl/src/test/resources/client.ssl.properties
index 4d25cd495..828e1de6b 100644
--- a/foundations/foundation-ssl/src/test/resources/client.ssl.properties
+++ b/foundations/foundation-ssl/src/test/resources/client.ssl.properties
@@ -17,7 +17,8 @@
 
 #########SSL options
 ssl.protocols=TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv2Hello
-ssl.ciphers=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA
+## test with extra blank
+ssl.ciphers=TLS_AES_128_GCM_SHA256, 
TLS_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA
 ssl.authPeer=true
 ssl.checkCN.host=false
 ssl.checkCN.white=true