Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

473294 - Fixed include cipher suites support for wildcards

This commit is contained in:
Greg Wilkins 2015-07-23 09:36:19 +10:00
parent 830b126e43
commit 085ec933c5
2 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java
View File

@ -1247,19 +1247,22 @@ public class SslContextFactory extends AbstractLifeCycle
protected void processIncludeCipherSuites(String[] supportedCipherSuites, List<String> selected_ciphers) protected void processIncludeCipherSuites(String[] supportedCipherSuites, List<String> selected_ciphers)
{ {
ciphers: for (String cipherSuite : _includeCipherSuites) for (String cipherSuite : _includeCipherSuites)
{ {
Pattern p = Pattern.compile(cipherSuite); Pattern p = Pattern.compile(cipherSuite);
boolean added=false;
for (String supportedCipherSuite : supportedCipherSuites) for (String supportedCipherSuite : supportedCipherSuites)
{ {
Matcher m = p.matcher(supportedCipherSuite); Matcher m = p.matcher(supportedCipherSuite);
if (m.matches()) if (m.matches())
{ {
added=true;
selected_ciphers.add(supportedCipherSuite); selected_ciphers.add(supportedCipherSuite);
continue ciphers;
} }
} }
LOG.info("Cipher {} not supported",cipherSuite); if (!added)
LOG.info("No Cipher matching '{}' is supported",cipherSuite);
} }
} }

8
jetty-util/src/test/java/org/eclipse/jetty/util/ssl/SslContextFactoryTest.java
View File

@ -28,6 +28,7 @@ import static org.junit.Assert.assertTrue;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.security.KeyStore; import java.security.KeyStore;
import java.util.Arrays;
import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLEngine;
@ -204,13 +205,14 @@ public class SslContextFactoryTest
@Test @Test
public void testSetIncludeCipherSuitesRegex() throws Exception public void testSetIncludeCipherSuitesRegex() throws Exception
{ {
cf.setIncludeCipherSuites(".*RC4.*"); Log.getLogger(SslContextFactory.class).setDebugEnabled(true);
cf.setIncludeCipherSuites(".*ECDHE.*",".*WIBBLE.*");
cf.start(); cf.start();
SSLEngine sslEngine = cf.newSSLEngine(); SSLEngine sslEngine = cf.newSSLEngine();
String[] enabledCipherSuites = sslEngine.getEnabledCipherSuites(); String[] enabledCipherSuites = sslEngine.getEnabledCipherSuites();
assertThat("At least 1 cipherSuite is enabled", enabledCipherSuites.length, greaterThan(0)); assertThat("At least 1 cipherSuite is enabled", enabledCipherSuites.length, greaterThan(1));
for (String enabledCipherSuite : enabledCipherSuites) for (String enabledCipherSuite : enabledCipherSuites)
assertThat("CipherSuite contains RC4", enabledCipherSuite.contains("RC4"), is(true)); assertThat("CipherSuite contains ECDHE", enabledCipherSuite.contains("ECDHE"), is(true));
} }
@Test @Test