[camel] branch master updated: CAMEL-14230 - Disable RC4 and MD5 TLS ciphersuites by default

Fri, 29 Nov 2019 06:23:17 -0800 

This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel.git


The following commit(s) were added to refs/heads/master by this push:
     new 7231b30  CAMEL-14230 - Disable RC4 and MD5 TLS ciphersuites by default
7231b30 is described below

commit 7231b30f208421756768b5a72f82304717e97c91
Author: Colm O hEigeartaigh <cohei...@apache.org>
AuthorDate: Fri Nov 29 14:22:36 2019 +0000

    CAMEL-14230 - Disable RC4 and MD5 TLS ciphersuites by default
---
 .../java/org/apache/camel/support/jsse/BaseSSLContextParameters.java  | 2 +-
 .../user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git 
a/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java
 
b/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java
index 31d5c3f..954e359 100644
--- 
a/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java
+++ 
b/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java
@@ -60,7 +60,7 @@ public abstract class BaseSSLContextParameters extends 
JsseParameters {
         Collections.unmodifiableList(Arrays.asList(".*"));
     
     protected static final List<String> DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE =
-        Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", ".*_anon_.*", 
".*_EXPORT_.*", ".*_DES_.*"));
+        Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", ".*_anon_.*", 
".*_EXPORT_.*", ".*_DES_.*", ".*MD5", ".*RC4.*"));
     
     protected static final List<String> 
DEFAULT_SECURE_SOCKET_PROTOCOLS_FILTER_INCLUDE =
         Collections.unmodifiableList(Arrays.asList(".*"));
diff --git 
a/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc 
b/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc
index 65f9753..7e81e13 100644
--- a/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc
+++ b/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc
@@ -114,8 +114,8 @@ as well as in the SSLEngine.  The patterns are applied over 
only the
 available cipher suites.  The exclude patterns have precedence over the
 include patterns.  If no cipherSuites and no cipherSuitesFilter are
 present, the default patterns applied are: +
-Includes .\*; Excludes .*_NULL_.*, .\*_anon_.*
-, .\*DES.* *Camel 2.15.4*, .\*EXPORT.* *Camel 2.15.4*.
+Includes .\*;
+Excludes .*_NULL_.*, .\*_anon_.*, .\*DES.*, .\*EXPORT.* *Camel 2.15.4*., 
.\*MD5, .\*RC4.* *Camel 3.0.1*
 secureSocketProtocols::
 This optional property represents a collection of explicitly named
 secure socket protocols, such as SSLv3/TLS/etc., to enable on both the

Reply via email to