Skip to main content
aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorslewis2019-05-01 22:12:02 -0400
committerslewis2019-05-01 22:12:02 -0400
commitcea01f8d7208697190accf1304fb71c1abd198af (patch)
treedf64093f2f7bdc9e02deab10a2763d775f119d8f /framework/bundles
parentc38db758af73cc4e29eec95d5767c19a364ce8de (diff)
downloadorg.eclipse.ecf-cea01f8d7208697190accf1304fb71c1abd198af.tar.gz
org.eclipse.ecf-cea01f8d7208697190accf1304fb71c1abd198af.tar.xz
org.eclipse.ecf-cea01f8d7208697190accf1304fb71c1abd198af.zip
Fix for https://bugs.eclipse.org/bugs/show_bug.cgi?id=546896
Diffstat (limited to 'framework/bundles')
-rw-r--r--framework/bundles/org.eclipse.ecf.ssl/META-INF/MANIFEST.MF2
-rw-r--r--framework/bundles/org.eclipse.ecf.ssl/pom.xml2
-rw-r--r--framework/bundles/org.eclipse.ecf.ssl/src/org/eclipse/ecf/internal/ssl/ECFSSLServerSocketFactory.java39
-rw-r--r--framework/bundles/org.eclipse.ecf.ssl/src/org/eclipse/ecf/internal/ssl/ECFSSLSocketFactory.java51
-rw-r--r--framework/bundles/org.eclipse.ecf.ssl/src/org/eclipse/ecf/internal/ssl/SSLContextHelper.java48
5 files changed, 72 insertions, 70 deletions
diff --git a/framework/bundles/org.eclipse.ecf.ssl/META-INF/MANIFEST.MF b/framework/bundles/org.eclipse.ecf.ssl/META-INF/MANIFEST.MF
index bd035647c..71edeb5bf 100644
--- a/framework/bundles/org.eclipse.ecf.ssl/META-INF/MANIFEST.MF
+++ b/framework/bundles/org.eclipse.ecf.ssl/META-INF/MANIFEST.MF
@@ -3,7 +3,7 @@ Bundle-ManifestVersion: 2
Bundle-Name: %plugin.name
Bundle-SymbolicName: org.eclipse.ecf.ssl
Automatic-Module-Name: org.eclipse.ecf.ssl
-Bundle-Version: 1.2.100.qualifier
+Bundle-Version: 1.2.200.qualifier
Fragment-Host: org.eclipse.ecf
Bundle-RequiredExecutionEnvironment: J2SE-1.5
Import-Package: javax.net,
diff --git a/framework/bundles/org.eclipse.ecf.ssl/pom.xml b/framework/bundles/org.eclipse.ecf.ssl/pom.xml
index 521c218d4..2d3553907 100644
--- a/framework/bundles/org.eclipse.ecf.ssl/pom.xml
+++ b/framework/bundles/org.eclipse.ecf.ssl/pom.xml
@@ -10,6 +10,6 @@
</parent>
<groupId>org.eclipse.ecf</groupId>
<artifactId>org.eclipse.ecf.ssl</artifactId>
- <version>1.2.100-SNAPSHOT</version>
+ <version>1.2.200-SNAPSHOT</version>
<packaging>eclipse-plugin</packaging>
</project>
diff --git a/framework/bundles/org.eclipse.ecf.ssl/src/org/eclipse/ecf/internal/ssl/ECFSSLServerSocketFactory.java b/framework/bundles/org.eclipse.ecf.ssl/src/org/eclipse/ecf/internal/ssl/ECFSSLServerSocketFactory.java
index be7686cb2..5b16165d2 100644
--- a/framework/bundles/org.eclipse.ecf.ssl/src/org/eclipse/ecf/internal/ssl/ECFSSLServerSocketFactory.java
+++ b/framework/bundles/org.eclipse.ecf.ssl/src/org/eclipse/ecf/internal/ssl/ECFSSLServerSocketFactory.java
@@ -13,20 +13,18 @@ package org.eclipse.ecf.internal.ssl;
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
-import java.security.SecureRandom;
-import javax.net.ssl.*;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLServerSocketFactory;
public class ECFSSLServerSocketFactory extends SSLServerSocketFactory {
public static final String DEFAULT_SSL_PROTOCOL = "https.protocols"; //$NON-NLS-1$
- private String defaultProtocolNames = System
- .getProperty(DEFAULT_SSL_PROTOCOL);
+ private String defaultProtocolNames = System.getProperty(DEFAULT_SSL_PROTOCOL);
private SSLContext sslContext = null;
- private SSLServerSocketFactory getSSLServerSocketFactory()
- throws IOException {
+ private SSLServerSocketFactory getSSLServerSocketFactory() throws IOException {
if (null == sslContext) {
try {
sslContext = getSSLContext(defaultProtocolNames);
@@ -36,29 +34,12 @@ public class ECFSSLServerSocketFactory extends SSLServerSocketFactory {
throw ioe;
}
}
- return (sslContext == null) ? (SSLServerSocketFactory) SSLServerSocketFactory
- .getDefault() : sslContext.getServerSocketFactory();
+ return (sslContext == null) ? (SSLServerSocketFactory) SSLServerSocketFactory.getDefault()
+ : sslContext.getServerSocketFactory();
}
public SSLContext getSSLContext(String protocols) {
- SSLContext rtvContext = null;
-
- if (protocols != null) {
- String protocolNames[] = protocols.split(","); //$NON-NLS-1$
- for (int i = 0; i < protocolNames.length; i++) {
- try {
- rtvContext = SSLContext.getInstance(protocolNames[i]);
- rtvContext.init(null,
- new TrustManager[] { new ECFTrustManager() },
- new SecureRandom());
- break;
- } catch (Exception e) {
- // just continue to look for SSLContexts with the next
- // protocolName
- }
- }
- }
- return rtvContext;
+ return SSLContextHelper.getSSLContext(protocols);
}
public String[] getDefaultCipherSuites() {
@@ -81,13 +62,11 @@ public class ECFSSLServerSocketFactory extends SSLServerSocketFactory {
return getSSLServerSocketFactory().createServerSocket(arg0);
}
- public ServerSocket createServerSocket(int arg0, int arg1)
- throws IOException {
+ public ServerSocket createServerSocket(int arg0, int arg1) throws IOException {
return getSSLServerSocketFactory().createServerSocket(arg0, arg1);
}
- public ServerSocket createServerSocket(int arg0, int arg1, InetAddress arg2)
- throws IOException {
+ public ServerSocket createServerSocket(int arg0, int arg1, InetAddress arg2) throws IOException {
return getSSLServerSocketFactory().createServerSocket(arg0, arg1, arg2);
}
diff --git a/framework/bundles/org.eclipse.ecf.ssl/src/org/eclipse/ecf/internal/ssl/ECFSSLSocketFactory.java b/framework/bundles/org.eclipse.ecf.ssl/src/org/eclipse/ecf/internal/ssl/ECFSSLSocketFactory.java
index 1dfdcccbe..110694939 100644
--- a/framework/bundles/org.eclipse.ecf.ssl/src/org/eclipse/ecf/internal/ssl/ECFSSLSocketFactory.java
+++ b/framework/bundles/org.eclipse.ecf.ssl/src/org/eclipse/ecf/internal/ssl/ECFSSLSocketFactory.java
@@ -12,8 +12,8 @@ package org.eclipse.ecf.internal.ssl;
import java.io.IOException;
import java.net.*;
-import java.security.SecureRandom;
-import javax.net.ssl.*;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocketFactory;
public class ECFSSLSocketFactory extends SSLSocketFactory {
@@ -21,8 +21,7 @@ public class ECFSSLSocketFactory extends SSLSocketFactory {
private SSLContext sslContext = null;
- private String defaultProtocolNames = System
- .getProperty(DEFAULT_SSL_PROTOCOL);
+ private String defaultProtocolNames = System.getProperty(DEFAULT_SSL_PROTOCOL);
private SSLSocketFactory getSSLSocketFactory() throws IOException {
if (null == sslContext) {
@@ -34,39 +33,19 @@ public class ECFSSLSocketFactory extends SSLSocketFactory {
throw ioe;
}
}
- return (sslContext == null) ? (SSLSocketFactory) SSLSocketFactory
- .getDefault() : sslContext.getSocketFactory();
+ return (sslContext == null) ? (SSLSocketFactory) SSLSocketFactory.getDefault() : sslContext.getSocketFactory();
}
public SSLContext getSSLContext(String protocols) {
- SSLContext rtvContext = null;
-
- if (protocols != null) {
- String protocolNames[] = protocols.split(","); //$NON-NLS-1$
- for (int i = 0; i < protocolNames.length; i++) {
- try {
- rtvContext = SSLContext.getInstance(protocolNames[i]);
- rtvContext.init(null,
- new TrustManager[] { new ECFTrustManager() },
- new SecureRandom());
- break;
- } catch (Exception e) {
- // just continue to look for SSLContexts with the next
- // protocolName
- }
- }
- }
- return rtvContext;
+ return SSLContextHelper.getSSLContext(protocols);
}
public Socket createSocket() throws IOException {
return getSSLSocketFactory().createSocket();
}
- public Socket createSocket(Socket socket, String host, int port,
- boolean autoClose) throws IOException {
- return getSSLSocketFactory()
- .createSocket(socket, host, port, autoClose);
+ public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException {
+ return getSSLSocketFactory().createSocket(socket, host, port, autoClose);
}
public String[] getDefaultCipherSuites() {
@@ -85,25 +64,21 @@ public class ECFSSLSocketFactory extends SSLSocketFactory {
}
}
- public Socket createSocket(String host, int port) throws IOException,
- UnknownHostException {
+ public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
return getSSLSocketFactory().createSocket(host, port);
}
- public Socket createSocket(InetAddress address, int port)
- throws IOException {
+ public Socket createSocket(InetAddress address, int port) throws IOException {
return getSSLSocketFactory().createSocket(address, port);
}
- public Socket createSocket(InetAddress address, int port, InetAddress arg2,
- int arg3) throws IOException {
+ public Socket createSocket(InetAddress address, int port, InetAddress arg2, int arg3) throws IOException {
return getSSLSocketFactory().createSocket(address, port);
}
- public Socket createSocket(String host, int port, InetAddress address,
- int localPort) throws IOException, UnknownHostException {
- return getSSLSocketFactory().createSocket(host, port, address,
- localPort);
+ public Socket createSocket(String host, int port, InetAddress address, int localPort)
+ throws IOException, UnknownHostException {
+ return getSSLSocketFactory().createSocket(host, port, address, localPort);
}
}
diff --git a/framework/bundles/org.eclipse.ecf.ssl/src/org/eclipse/ecf/internal/ssl/SSLContextHelper.java b/framework/bundles/org.eclipse.ecf.ssl/src/org/eclipse/ecf/internal/ssl/SSLContextHelper.java
new file mode 100644
index 000000000..54ac5b434
--- /dev/null
+++ b/framework/bundles/org.eclipse.ecf.ssl/src/org/eclipse/ecf/internal/ssl/SSLContextHelper.java
@@ -0,0 +1,48 @@
+/*******************************************************************************
+ * Copyright (c) Composent, Inc. All rights reserved. This
+ * program and the accompanying materials are made available under the terms of
+ * the Eclipse Public License v1.0 which accompanies this distribution, and is
+ * available at http://www.eclipse.org/legal/epl-v10.html
+ *
+ ******************************************************************************/
+package org.eclipse.ecf.internal.ssl;
+
+import java.security.SecureRandom;
+import java.util.*;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+
+public class SSLContextHelper {
+
+ private static final String[] jreProtocols = new String[] { "TLSv1.2", "TLSv1.1", "TLSv1", "SSLv3" };
+
+ public static SSLContext getSSLContext(String protocols) {
+ SSLContext resultContext = null;
+ if (protocols != null) {
+
+ String[] httpsProtocols = protocols.split(",");
+ // trim to make sure
+ for (int i = 0; i < httpsProtocols.length; i++)
+ httpsProtocols[i] = httpsProtocols[i].trim();
+ // Now put into defaultProtocolsList in order of jreProtocols
+ List<String> splitProtocolsList = Arrays.asList(httpsProtocols);
+ List<String> defaultProtocolsList = new ArrayList();
+ for (int i = 0; i < jreProtocols.length; i++)
+ if (splitProtocolsList.contains(jreProtocols[i]))
+ defaultProtocolsList.add(jreProtocols[i]);
+ // In order of jre protocols, attempt to create and init SSLContext
+ for (String protocol : defaultProtocolsList) {
+ try {
+ resultContext = SSLContext.getInstance(protocol);
+ resultContext.init(null, new TrustManager[] { new ECFTrustManager() }, new SecureRandom());
+ break;
+ } catch (Exception e) {
+ // just continue to look for SSLContexts with the next
+ // protocolName
+ }
+
+ }
+ }
+ return resultContext;
+ }
+}

Back to the top