Repository: camel Updated Branches: refs/heads/camel-2.13.x 2ec6455da -> f5ddae708 refs/heads/camel-2.14.x dcb7beb23 -> 550f5df6c
CAMEL-7940 Fixed the test error with JDK6 and do not set the enabledProtocols if specify the SslContextParameter Project: http://git-wip-us.apache.org/repos/asf/camel/repo Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/f5ddae70 Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/f5ddae70 Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/f5ddae70 Branch: refs/heads/camel-2.13.x Commit: f5ddae7087e707bc5e9bf0b3034742ed83daebe3 Parents: 2ec6455 Author: Willem Jiang <willem.ji...@gmail.com> Authored: Thu Nov 6 17:48:01 2014 +0800 Committer: Willem Jiang <willem.ji...@gmail.com> Committed: Thu Nov 6 17:48:01 2014 +0800 ---------------------------------------------------------------------- .../netty/http/HttpClientPipelineFactory.java | 5 ++++- .../netty/http/HttpServerPipelineFactory.java | 5 ++++- .../http/HttpServerSharedPipelineFactory.java | 5 ++++- .../netty/DefaultClientPipelineFactory.java | 5 ++++- .../netty/DefaultServerPipelineFactory.java | 6 +++-- .../NettyServerBootstrapConfiguration.java | 23 +++++++++++++++----- 6 files changed, 38 insertions(+), 11 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/camel/blob/f5ddae70/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java ---------------------------------------------------------------------- diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java index ce95648..6303bf1 100644 --- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java +++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpClientPipelineFactory.java @@ -174,7 +174,10 @@ public class HttpClientPipelineFactory extends ClientPipelineFactory { } else if (sslContext != null) { SSLEngine engine = sslContext.createSSLEngine(); engine.setUseClientMode(true); - engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(",")); + if (producer.getConfiguration().getSslContextParameters() == null) { + // just set the enabledProtocols if the SslContextParameter doesn't set + engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(",")); + } return new SslHandler(engine); } http://git-wip-us.apache.org/repos/asf/camel/blob/f5ddae70/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java ---------------------------------------------------------------------- diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java index b8305ea..611a9b4 100644 --- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java +++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerPipelineFactory.java @@ -186,7 +186,10 @@ public class HttpServerPipelineFactory extends ServerPipelineFactory { SSLEngine engine = sslContext.createSSLEngine(); engine.setUseClientMode(false); engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth()); - engine.setEnabledProtocols(consumer.getConfiguration().getEnabledProtocols().split(",")); + if (consumer.getConfiguration().getSslContextParameters() == null) { + // just set the enabledProtocols if the SslContextParameter doesn't set + engine.setEnabledProtocols(consumer.getConfiguration().getEnabledProtocols().split(",")); + } return new SslHandler(engine); } http://git-wip-us.apache.org/repos/asf/camel/blob/f5ddae70/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java ---------------------------------------------------------------------- diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java index c920fd4..f9b4cd0 100644 --- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java +++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/HttpServerSharedPipelineFactory.java @@ -151,7 +151,10 @@ public class HttpServerSharedPipelineFactory extends HttpServerPipelineFactory { SSLEngine engine = sslContext.createSSLEngine(); engine.setUseClientMode(false); engine.setNeedClientAuth(configuration.isNeedClientAuth()); - engine.setEnabledProtocols(configuration.getEnabledProtocols().split(",")); + if (configuration.getSslContextParameters() == null) { + // just set the enabledProtocols if the SslContextParameter doesn't set + engine.setEnabledProtocols(configuration.getEnabledProtocols().split(",")); + } return new SslHandler(engine); } http://git-wip-us.apache.org/repos/asf/camel/blob/f5ddae70/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java ---------------------------------------------------------------------- diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java index fe6dd9b..4b2173e 100644 --- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java +++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultClientPipelineFactory.java @@ -155,7 +155,10 @@ public class DefaultClientPipelineFactory extends ClientPipelineFactory { return producer.getConfiguration().getSslHandler(); } else if (sslContext != null) { SSLEngine engine = sslContext.createSSLEngine(); - engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(",")); + if (producer.getConfiguration().getSslContextParameters() == null) { + // just set the enabledProtocols if the SslContextParameter doesn't set + engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(",")); + } engine.setUseClientMode(true); return new SslHandler(engine); } http://git-wip-us.apache.org/repos/asf/camel/blob/f5ddae70/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java ---------------------------------------------------------------------- diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java index 33f264a..6e6ec9f 100644 --- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java +++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/DefaultServerPipelineFactory.java @@ -174,8 +174,10 @@ public class DefaultServerPipelineFactory extends ServerPipelineFactory { SSLEngine engine = sslContext.createSSLEngine(); engine.setUseClientMode(false); engine.setNeedClientAuth(consumer.getConfiguration().isNeedClientAuth()); - engine.setEnabledProtocols(consumer.getConfiguration().getEnabledProtocols().split(",")); - + if (consumer.getConfiguration().getSslContextParameters() == null) { + // just set the enabledProtocols if the SslContextParameter doesn't set + engine.setEnabledProtocols(consumer.getConfiguration().getEnabledProtocols().split(",")); + } return new SslHandler(engine); } http://git-wip-us.apache.org/repos/asf/camel/blob/f5ddae70/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java ---------------------------------------------------------------------- diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java index ee18dcd..34dc28b 100644 --- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java +++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyServerBootstrapConfiguration.java @@ -17,6 +17,7 @@ package org.apache.camel.component.netty; import java.io.File; +import java.util.Locale; import java.util.Map; import org.apache.camel.util.jsse.SSLContextParameters; @@ -25,7 +26,7 @@ import org.jboss.netty.channel.socket.nio.WorkerPool; import org.jboss.netty.handler.ssl.SslHandler; public class NettyServerBootstrapConfiguration implements Cloneable { - + private static String defaultEnabledProtocols; protected String protocol; protected String host; protected int port; @@ -55,12 +56,24 @@ public class NettyServerBootstrapConfiguration implements Cloneable { protected String trustStoreResource; protected String keyStoreFormat; protected String securityProvider; - protected String enabledProtocols = "TLSv1,TLSv1.1,TLSv1.2"; + protected String enabledProtocols = defaultEnabledProtocols; protected String passphrase; protected BossPool bossPool; protected WorkerPool workerPool; protected String networkInterface; + // setup the default value of TLS + static { + // JDK6 doesn't support TLSv1.1,TLSv1.2 + String javaVersion = System.getProperty("java.version").toLowerCase(Locale.US); + if (javaVersion.startsWith("1.6")) { + defaultEnabledProtocols = "TLSv1"; + } else { + defaultEnabledProtocols = "TLSv1,TLSv1.1,TLSv1.2"; + } + } + + public String getAddress() { return host + ":" + port; } @@ -336,7 +349,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable { public void setEnabledProtocols(String enabledProtocols) { this.enabledProtocols = enabledProtocols; } - + /** * Checks if the other {@link NettyServerBootstrapConfiguration} is compatible * with this, as a Netty listener bound on port X shares the same common @@ -420,7 +433,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable { return isCompatible; } - + public String toStringBootstrapConfiguration() { return "NettyServerBootstrapConfiguration{" + "protocol='" + protocol + '\'' @@ -444,7 +457,7 @@ public class NettyServerBootstrapConfiguration implements Cloneable { + ", sslHandler=" + sslHandler + ", sslContextParameters='" + sslContextParameters + '\'' + ", needClientAuth=" + needClientAuth - + ", enabledProtocols='" + enabledProtocols + + ", enabledProtocols='" + enabledProtocols + ", keyStoreFile=" + keyStoreFile + ", trustStoreFile=" + trustStoreFile + ", keyStoreResource='" + keyStoreResource + '\''
