From 1948fe41a35d895589dfd14d85aee75078a8415b Mon Sep 17 00:00:00 2001
From: Timothy Bish <tabish121@gmail.com>
Date: Thu, 23 Oct 2014 15:03:35 -0400
Subject: [PATCH] https://issues.apache.org/jira/browse/AMQ-5407

Allow config of enabled protocols for nio+ssl and stomp+nio+ssl etc to
match the capability of the non-nio transports.
---
 .../activemq/transport/nio/NIOSSLTransport.java     | 13 +++++++++++++
 .../activemq/transport/nio/NIOSSLBasicTest.java     |  7 +++++++
 2 files changed, 20 insertions(+)

diff --git a/activemq-client/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java b/activemq-client/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java
index 02789f39b9..33f529ee91 100644
--- a/activemq-client/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java
+++ b/activemq-client/src/main/java/org/apache/activemq/transport/nio/NIOSSLTransport.java
@@ -50,6 +50,7 @@ public class NIOSSLTransport extends NIOTransport {
     protected boolean needClientAuth;
     protected boolean wantClientAuth;
     protected String[] enabledCipherSuites;
+    protected String[] enabledProtocols;
 
     protected SSLContext sslContext;
     protected SSLEngine sslEngine;
@@ -106,6 +107,10 @@ public class NIOSSLTransport extends NIOTransport {
                 sslEngine.setEnabledCipherSuites(enabledCipherSuites);
             }
 
+            if (enabledProtocols != null) {
+                sslEngine.setEnabledProtocols(enabledProtocols);
+            }
+
             if (wantClientAuth) {
                 sslEngine.setWantClientAuth(wantClientAuth);
             }
@@ -435,4 +440,12 @@ public class NIOSSLTransport extends NIOTransport {
     public void setEnabledCipherSuites(String[] enabledCipherSuites) {
         this.enabledCipherSuites = enabledCipherSuites;
     }
+
+    public String[] getEnabledProtocols() {
+        return enabledProtocols;
+    }
+
+    public void setEnabledProtocols(String[] enabledProtocols) {
+        this.enabledProtocols = enabledProtocols;
+    }
 }
diff --git a/activemq-unit-tests/src/test/java/org/apache/activemq/transport/nio/NIOSSLBasicTest.java b/activemq-unit-tests/src/test/java/org/apache/activemq/transport/nio/NIOSSLBasicTest.java
index 78c130911a..885446df88 100644
--- a/activemq-unit-tests/src/test/java/org/apache/activemq/transport/nio/NIOSSLBasicTest.java
+++ b/activemq-unit-tests/src/test/java/org/apache/activemq/transport/nio/NIOSSLBasicTest.java
@@ -90,6 +90,13 @@ public class NIOSSLBasicTest {
         stopBroker(broker);
     }
 
+    @Test
+    public void enabledProtocols() throws Exception {
+        BrokerService broker = createBroker("nio+ssl", "nio+ssl://localhost:61616?transport.needClientAuth=true&transport.enabledProtocols=TLSv1,TLSv1.1,TLSv1.2");
+        basicSendReceive("ssl://localhost:" + broker.getConnectorByName("nio+ssl").getConnectUri().getPort());
+        stopBroker(broker);
+    }
+
     public void basicSendReceive(String uri) throws Exception {
         ActiveMQConnectionFactory factory = new ActiveMQConnectionFactory(uri);
         Connection connection = factory.createConnection();