SSLUtils.java

dkulp Mon, 03 Mar 2008 11:55:18 -0800

Author: dkulp
Date: Mon Mar  3 11:54:50 2008
New Revision: 633252

URL: http://svn.apache.org/viewvc?rev=633252&view=rev
Log:
Merged revisions 633244 via svnmerge from 
https://svn.apache.org/repos/asf/incubator/cxf/trunk


........
  r633244 | dkulp | 2008-03-03 14:23:19 -0500 (Mon, 03 Mar 2008) | 2 lines
  
  [CXF-1456] Allows a wider set of cypher suites to be used.  Also allow just a 
straight https URL to actually work to enable https instead of having to do all 
kinds of TLS settings.
........

Modified:
    incubator/cxf/branches/2.0.x-fixes/   (props changed)
    
incubator/cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPTransportFactory.java
    
incubator/cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java

Propchange: incubator/cxf/branches/2.0.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: 
incubator/cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPTransportFactory.java
URL: 
http://svn.apache.org/viewvc/incubator/cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPTransportFactory.java?rev=633252&r1=633251&r2=633252&view=diff
==============================================================================
--- 
incubator/cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPTransportFactory.java
 (original)
+++ 
incubator/cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPTransportFactory.java
 Mon Mar  3 11:54:50 2008
@@ -20,6 +20,7 @@
 package org.apache.cxf.transport.http;
 
 import java.io.IOException;
+import java.net.MalformedURLException;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.HashSet;
@@ -36,6 +37,7 @@
 
 import org.apache.cxf.Bus;
 import org.apache.cxf.configuration.Configurer;
+import org.apache.cxf.configuration.jsse.TLSClientParameters;
 import org.apache.cxf.service.Service;
 import org.apache.cxf.service.model.BindingInfo;
 import org.apache.cxf.service.model.EndpointInfo;
@@ -230,10 +232,25 @@
         HTTPConduit configuredConduit
     ) {
         HttpURLConnectionFactory fac = null;
+        boolean useHttps = false;
 
-        if (configuredConduit.getTlsClientParameters() != null) {
-            fac = new HttpsURLConnectionFactory(
-                             configuredConduit.getTlsClientParameters());
+        try {
+            String address = configuredConduit.getAddress();
+            if (address != null 
+                && 
address.startsWith(HttpsURLConnectionFactory.HTTPS_URL_PROTOCOL_ID + ":/")) {
+                useHttps = true;
+            }
+        } catch (MalformedURLException e) {
+            //ignore, just use info based on Tls
+        }
+        if (useHttps 
+            || configuredConduit.getTlsClientParameters() != null) {
+            
+            TLSClientParameters params = 
configuredConduit.getTlsClientParameters();
+            if (params == null) {
+                params = new TLSClientParameters(); //use defaults
+            }
+            fac = new HttpsURLConnectionFactory(params);
         } else {
             fac = new HttpURLConnectionFactoryImpl();
         }

Modified: 
incubator/cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
URL: 
http://svn.apache.org/viewvc/incubator/cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java?rev=633252&r1=633251&r2=633252&view=diff
==============================================================================
--- 
incubator/cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
 (original)
+++ 
incubator/cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
 Mon Mar  3 11:54:50 2008
@@ -74,11 +74,10 @@
      * By default, only include export-compatible ciphersuites.
      */
     private static final List<String> DEFAULT_CIPHERSUITE_FILTERS_INCLUDE =
-        Arrays.asList(new String[] {".*_EXPORT_.*",
-                                    ".*_EXPORT1024_.*",
-                                    ".*_WITH_DES_.*",
-                                    ".*_WITH_NULL_.*"});
-
+        Arrays.asList(new String[] {".*"});
+    private static final List<String> DEFAULT_CIPHERSUITE_FILTERS_EXCLUDE =
+        Arrays.asList(new String[] {".*_NULL_.*",
+                                    ".*_anon_.*"});
 
     private SSLUtils() {
     }    
@@ -371,7 +370,7 @@
             List<Pattern> excludes =
                 filters != null
                 ? compileRegexPatterns(filters.getExclude(), false, log)
-                : null;
+                : compileRegexPatterns(DEFAULT_CIPHERSUITE_FILTERS_EXCLUDE, 
true, log);
             for (int i = 0; i < supportedCipherSuites.length; i++) {
                 if (matchesOneOf(supportedCipherSuites[i], includes)
                     && !matchesOneOf(supportedCipherSuites[i], excludes)) {

svn commit: r633252 - in /incubator/cxf/branches/2.0.x-fixes: ./ rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPTransportFactory.java rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java

Reply via email to