diff --git a/jetty-nosql/src/main/java/org/eclipse/jetty/nosql/mongodb/MongoSessionManager.java b/jetty-nosql/src/main/java/org/eclipse/jetty/nosql/mongodb/MongoSessionManager.java index c3c03d703e5..df8f917188c 100644 --- a/jetty-nosql/src/main/java/org/eclipse/jetty/nosql/mongodb/MongoSessionManager.java +++ b/jetty-nosql/src/main/java/org/eclipse/jetty/nosql/mongodb/MongoSessionManager.java @@ -668,6 +668,7 @@ public class MongoSessionManager extends NoSqlSessionManager return getContextKey()+ "." + attr; } + /*------------------------------------------------------------ */ @ManagedOperation(value="purge invalid sessions in the session store based on normal criteria", impact="ACTION") public void purge() { @@ -675,18 +676,21 @@ public class MongoSessionManager extends NoSqlSessionManager } + /*------------------------------------------------------------ */ @ManagedOperation(value="full purge of invalid sessions in the session store", impact="ACTION") public void purgeFully() { ((MongoSessionIdManager)_sessionIdManager).purgeFully(); } + /*------------------------------------------------------------ */ @ManagedOperation(value="scavenge sessions known to this manager", impact="ACTION") public void scavenge() { ((MongoSessionIdManager)_sessionIdManager).scavenge(); } + /*------------------------------------------------------------ */ @ManagedOperation(value="scanvenge all sessions", impact="ACTION") public void scavengeFully() { @@ -726,6 +730,7 @@ public class MongoSessionManager extends NoSqlSessionManager return contextId; } + /*------------------------------------------------------------ */ /** * Dig through a given dbObject for the nested value */ @@ -749,6 +754,7 @@ public class MongoSessionManager extends NoSqlSessionManager } + /*------------------------------------------------------------ */ /** * ClassLoadingObjectInputStream * diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java b/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java index afa3da0ed87..fc15cfba39a 100644 --- a/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java +++ b/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java @@ -113,10 +113,11 @@ public class SslContextFactory extends AbstractLifeCycle private final Set _excludeProtocols = new LinkedHashSet<>(); /** Included protocols. */ - private Set _includeProtocols = null; + private final Set _includeProtocols = new LinkedHashSet<>(); /** Excluded cipher suites. */ private final Set _excludeCipherSuites = new LinkedHashSet<>(); + /** Included cipher suites. */ private final List _includeCipherSuites = new CopyOnWriteArrayList(); @@ -376,7 +377,8 @@ public class SslContextFactory extends AbstractLifeCycle public void setIncludeProtocols(String... protocols) { checkNotStarted(); - _includeProtocols = new LinkedHashSet<>(Arrays.asList(protocols)); + _includeProtocols.clear(); + _includeProtocols.addAll(Arrays.asList(protocols)); } /** @@ -1019,7 +1021,7 @@ public class SslContextFactory extends AbstractLifeCycle Set selected_protocols = new LinkedHashSet<>(); // Set the starting protocols - either from the included or enabled list - if (_includeProtocols!=null) + if (!_includeProtocols.isEmpty()) { // Use only the supported included protocols for (String protocol : _includeProtocols) @@ -1049,10 +1051,10 @@ public class SslContextFactory extends AbstractLifeCycle List selected_ciphers = new CopyOnWriteArrayList<>(); // TODO is this the most efficient? // Set the starting ciphers - either from the included or enabled list - if (_includeCipherSuites.size()>0) - processIncludeCipherSuites(supportedCipherSuites, selected_ciphers); - else + if (_includeCipherSuites.isEmpty()) selected_ciphers.addAll(Arrays.asList(enabledCipherSuites)); + else + processIncludeCipherSuites(supportedCipherSuites, selected_ciphers); removeExcludedCipherSuites(selected_ciphers); @@ -1060,7 +1062,7 @@ public class SslContextFactory extends AbstractLifeCycle return selected_ciphers.toArray(new String[selected_ciphers.size()]); } - private void processIncludeCipherSuites(String[] supportedCipherSuites, List selected_ciphers) + protected void processIncludeCipherSuites(String[] supportedCipherSuites, List selected_ciphers) { for (String cipherSuite : _includeCipherSuites) { @@ -1075,7 +1077,7 @@ public class SslContextFactory extends AbstractLifeCycle } } - private void removeExcludedCipherSuites(List selected_ciphers) + protected void removeExcludedCipherSuites(List selected_ciphers) { for (String excludeCipherSuite : _excludeCipherSuites) { diff --git a/jetty-util/src/test/java/org/eclipse/jetty/util/ssl/SslContextFactoryTest.java b/jetty-util/src/test/java/org/eclipse/jetty/util/ssl/SslContextFactoryTest.java index 4d8f3868609..cc01d3b1861 100644 --- a/jetty-util/src/test/java/org/eclipse/jetty/util/ssl/SslContextFactoryTest.java +++ b/jetty-util/src/test/java/org/eclipse/jetty/util/ssl/SslContextFactoryTest.java @@ -21,6 +21,7 @@ package org.eclipse.jetty.util.ssl; import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.greaterThan; import static org.hamcrest.Matchers.is; +import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertThat; import static org.junit.Assert.assertTrue; @@ -236,6 +237,15 @@ public class SslContextFactoryTest assertSelectedMatchesIncluded(includeProtocol, selectedProtocol); } + @Test + public void testProtocolAndCipherSettingsAreNPESafe() + { + assertNotNull(cf.getExcludeProtocols()); + assertNotNull(cf.getIncludeProtocols()); + assertNotNull(cf.getExcludeCipherSuites()); + assertNotNull(cf.getIncludeCipherSuites()); + } + private void assertSelectedMatchesIncluded(String[] includeStrings, String[] selectedStrings) { assertThat(includeStrings.length + " strings are selected", selectedStrings.length, is(includeStrings.length));