Merge remote-tracking branch 'origin/jetty-9.3.x' into jetty-9.4.x

jetty-server/src/main/java/org/eclipse/jetty/server/NegotiatingServerConnectionFactory.java

@@ -98,9 +98,11 @@ public abstract class NegotiatingServerConnectionFactory extends AbstractConnect
         {
             // Generate list of protocols that we can negotiate
             negotiated = connector.getProtocols().stream()
-            .map(p->connector.getConnectionFactory(p))
+            .filter(p->
-            .filter(f->!(f instanceof SslConnectionFactory)&&!(f instanceof NegotiatingServerConnectionFactory))
+            {
-            .map(p->p.getProtocol())
+                ConnectionFactory f=connector.getConnectionFactory(p);
+                return !(f instanceof SslConnectionFactory)&&!(f instanceof NegotiatingServerConnectionFactory);
+            })
             .collect(Collectors.toList());            
         }
 

jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java

@@ -249,10 +249,7 @@ public class SslContextFactory extends AbstractLifeCycle
     {
         setTrustAll(trustAll);
         addExcludeProtocols("SSL", "SSLv2", "SSLv2Hello", "SSLv3");
-        setExcludeCipherSuites(
+        setExcludeCipherSuites("^.*_(MD5|SHA|SHA1)$");
-                "^.*_RSA_.*_(MD5|SHA|SHA1)$",
-                "SSL_DHE_DSS_WITH_DES_CBC_SHA",
-                "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");
     }
 
     /**