CAMEL-9020: Splunk component should use TLS instead of SSLv3
Project: http://git-wip-us.apache.org/repos/asf/camel/repo Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/0c09bd45 Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/0c09bd45 Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/0c09bd45 Branch: refs/heads/master Commit: 0c09bd45f288b9e03e7f063cb40220aee208c9a0 Parents: 62e33dd Author: Preben Asmussen <preben.asmus...@gmail.com> Authored: Mon Jul 27 19:49:20 2015 +0200 Committer: Claus Ibsen <davscl...@apache.org> Committed: Fri Jul 31 09:44:15 2015 +0200 ---------------------------------------------------------------------- .../component/splunk/SplunkConfiguration.java | 17 +++++++++++++++++ .../component/splunk/SplunkConnectionFactory.java | 11 +++++++++++ .../splunk/SplunkComponentConfigurationTest.java | 5 ++++- parent/pom.xml | 2 +- 4 files changed, 33 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/camel/blob/0c09bd45/components/camel-splunk/src/main/java/org/apache/camel/component/splunk/SplunkConfiguration.java ---------------------------------------------------------------------- diff --git a/components/camel-splunk/src/main/java/org/apache/camel/component/splunk/SplunkConfiguration.java b/components/camel-splunk/src/main/java/org/apache/camel/component/splunk/SplunkConfiguration.java index 087bf33..9939a3e 100644 --- a/components/camel-splunk/src/main/java/org/apache/camel/component/splunk/SplunkConfiguration.java +++ b/components/camel-splunk/src/main/java/org/apache/camel/component/splunk/SplunkConfiguration.java @@ -16,6 +16,7 @@ */ package org.apache.camel.component.splunk; +import com.splunk.SSLSecurityProtocol; import com.splunk.Service; import org.apache.camel.spi.Metadata; @@ -37,6 +38,8 @@ public class SplunkConfiguration { private String host = Service.DEFAULT_HOST; @UriParam(defaultValue = "8089") private int port = Service.DEFAULT_PORT; + @UriParam(enums = "TLSv1.2,TLSv1.1,TLSv1,SSLv3", defaultValue = "TLSv1.2") + private SSLSecurityProtocol sslProtocol = SSLSecurityProtocol.TLSv1_2; @UriParam private String app; @UriParam @@ -216,6 +219,19 @@ public class SplunkConfiguration { this.port = port; } + public SSLSecurityProtocol getSslProtocol() { + return sslProtocol; + } + + /** + * Set the ssl protocol to use + * + * @param sslProtocol + */ + public void setSslProtocol(SSLSecurityProtocol sslProtocol) { + this.sslProtocol = sslProtocol; + } + public String getScheme() { return scheme; } @@ -340,6 +356,7 @@ public class SplunkConfiguration { splunkConnectionFactory.setConnectionTimeout(getConnectionTimeout()); splunkConnectionFactory.setScheme(getScheme()); splunkConnectionFactory.setUseSunHttpsHandler(isUseSunHttpsHandler()); + splunkConnectionFactory.setSslProtocol(getSslProtocol()); return splunkConnectionFactory; } } http://git-wip-us.apache.org/repos/asf/camel/blob/0c09bd45/components/camel-splunk/src/main/java/org/apache/camel/component/splunk/SplunkConnectionFactory.java ---------------------------------------------------------------------- diff --git a/components/camel-splunk/src/main/java/org/apache/camel/component/splunk/SplunkConnectionFactory.java b/components/camel-splunk/src/main/java/org/apache/camel/component/splunk/SplunkConnectionFactory.java index 377d022..46fba1b 100644 --- a/components/camel-splunk/src/main/java/org/apache/camel/component/splunk/SplunkConnectionFactory.java +++ b/components/camel-splunk/src/main/java/org/apache/camel/component/splunk/SplunkConnectionFactory.java @@ -22,6 +22,7 @@ import java.util.concurrent.ExecutorService; import java.util.concurrent.Future; import java.util.concurrent.TimeUnit; +import com.splunk.SSLSecurityProtocol; import com.splunk.Service; import com.splunk.ServiceArgs; @@ -41,6 +42,7 @@ public class SplunkConnectionFactory { private String password; private int connectionTimeout; private boolean useSunHttpsHandler; + private SSLSecurityProtocol sslProtocol; public SplunkConnectionFactory(final String host, final int port, final String username, final String password) { this.host = host; @@ -85,6 +87,14 @@ public class SplunkConnectionFactory { this.useSunHttpsHandler = useSunHttpsHandler; } + public SSLSecurityProtocol getSslProtocol() { + return sslProtocol; + } + + public void setSslProtocol(SSLSecurityProtocol sslProtocol) { + this.sslProtocol = sslProtocol; + } + public synchronized Service createService(CamelContext camelContext) { final ServiceArgs args = new ServiceArgs(); if (host != null) { @@ -123,6 +133,7 @@ public class SplunkConnectionFactory { Future<Service> future = executor.submit(new Callable<Service>() { public Service call() throws Exception { + Service.setSslSecurityProtocol(getSslProtocol()); return Service.connect(args); } }); http://git-wip-us.apache.org/repos/asf/camel/blob/0c09bd45/components/camel-splunk/src/test/java/org/apache/camel/component/splunk/SplunkComponentConfigurationTest.java ---------------------------------------------------------------------- diff --git a/components/camel-splunk/src/test/java/org/apache/camel/component/splunk/SplunkComponentConfigurationTest.java b/components/camel-splunk/src/test/java/org/apache/camel/component/splunk/SplunkComponentConfigurationTest.java index e36c197..c933c4c 100644 --- a/components/camel-splunk/src/test/java/org/apache/camel/component/splunk/SplunkComponentConfigurationTest.java +++ b/components/camel-splunk/src/test/java/org/apache/camel/component/splunk/SplunkComponentConfigurationTest.java @@ -16,6 +16,7 @@ */ package org.apache.camel.component.splunk; +import com.splunk.SSLSecurityProtocol; import com.splunk.Service; import org.apache.camel.test.junit4.CamelTestSupport; @@ -36,6 +37,7 @@ public class SplunkComponentConfigurationTest extends CamelTestSupport { assertEquals(5000, endpoint.getConfiguration().getConnectionTimeout()); assertFalse(endpoint.getConfiguration().isUseSunHttpsHandler()); assertFalse(endpoint.getConfiguration().isRaw()); + assertEquals(SSLSecurityProtocol.TLSv1_2, endpoint.getConfiguration().getSslProtocol()); } @Test(expected = IllegalArgumentException.class) @@ -50,7 +52,7 @@ public class SplunkComponentConfigurationTest extends CamelTestSupport { SplunkEndpoint endpoint = (SplunkEndpoint)component .createEndpoint("splunk://tcp?username=test&password=pw&host=myhost&port=3333&" + "tcpReceiverPort=4444&index=myindex&sourceType=testSource&" - + "source=test&owner=me&app=fantasticapp&useSunHttpsHandler=true&raw=true"); + + "source=test&owner=me&app=fantasticapp&useSunHttpsHandler=true&raw=true&sslProtocol=SSLv3"); assertEquals("myhost", endpoint.getConfiguration().getHost()); assertEquals(3333, endpoint.getConfiguration().getPort()); assertEquals("test", endpoint.getConfiguration().getUsername()); @@ -63,6 +65,7 @@ public class SplunkComponentConfigurationTest extends CamelTestSupport { assertEquals("fantasticapp", endpoint.getConfiguration().getApp()); assertTrue(endpoint.getConfiguration().isUseSunHttpsHandler()); assertTrue(endpoint.getConfiguration().isRaw()); + assertEquals(SSLSecurityProtocol.SSLv3, endpoint.getConfiguration().getSslProtocol()); } @Test http://git-wip-us.apache.org/repos/asf/camel/blob/0c09bd45/parent/pom.xml ---------------------------------------------------------------------- diff --git a/parent/pom.xml b/parent/pom.xml index 126850a..7aff990 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -443,7 +443,7 @@ <solr-version-range>[4.10,5)</solr-version-range> <spark-rest-version>2.0.0</spark-rest-version> <spark-rest-bundle-version>2.0.0_1</spark-rest-bundle-version> - <splunk-version>1.3.2.0_1</splunk-version> + <splunk-version>1.4.0.0_1</splunk-version> <spring-batch-version>3.0.3.RELEASE</spring-batch-version> <spring-batch-bundle-version>3.0.3.RELEASE_1</spring-batch-bundle-version> <spring-boot-version>1.2.5.RELEASE</spring-boot-version>
