svn commit: r1737745 - in /tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net: AbstractJsseEndpoint.java LocalStrings.properties SSLHostConfig.java

Mon, 04 Apr 2016 14:07:50 -0700 

Author: markt
Date: Mon Apr  4 21:07:01 2016
New Revision: 1737745

URL: http://svn.apache.org/viewvc?rev=1737745&view=rev
Log:
Use newly added JreCompat to handle setting of honorCipherOrder

Modified:
    
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
    tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties
    tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java

Modified: 
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java?rev=1737745&r1=1737744&r2=1737745&view=diff
==============================================================================
--- 
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java 
(original)
+++ 
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java 
Mon Apr  4 21:07:01 2016
@@ -16,8 +16,6 @@
  */
 package org.apache.tomcat.util.net;
 
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.LinkedHashSet;
@@ -25,9 +23,9 @@ import java.util.List;
 import java.util.Set;
 
 import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLParameters;
 import javax.net.ssl.SSLSessionContext;
 
+import org.apache.tomcat.util.compat.JreCompat;
 import org.apache.tomcat.util.net.SSLHostConfig.Type;
 import org.apache.tomcat.util.net.openssl.OpenSSLImplementation;
 import org.apache.tomcat.util.net.openssl.ciphers.Cipher;
@@ -147,23 +145,8 @@ public abstract class AbstractJsseEndpoi
         engine.setEnabledCipherSuites(sslHostConfig.getEnabledCiphers());
         engine.setEnabledProtocols(sslHostConfig.getEnabledProtocols());
 
-        SSLParameters sslParameters = engine.getSSLParameters();
-        if (sslHostConfig.getHonorCipherOrder()) {
-            // SSLParameters#setUseCipherSuiteOrder is java 8 and upwards
-            try {
-                Method m = SSLParameters.class.getMethod(
-                        "setUseCipherSuitesOrder", Boolean.TYPE);
-                m.invoke(sslParameters, Boolean.TRUE);
-            } catch (NoSuchMethodException | SecurityException
-                    | IllegalAccessException | IllegalArgumentException
-                    | InvocationTargetException e) {
-                throw new UnsupportedOperationException(
-                        
sm.getString("endpoint.jsse.cannotHonorServerCipherOrder"),
-                        e);
-            }
-        }
-        // In case the getter returns a defensive copy
-        engine.setSSLParameters(sslParameters);
+        JreCompat.getInstance().setUseServerCipherSuitesOrder(engine,
+                sslHostConfig.getHonorCipherOrder());
 
         return engine;
     }

Modified: 
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties?rev=1737745&r1=1737744&r2=1737745&view=diff
==============================================================================
--- 
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties 
(original)
+++ 
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties 
Mon Apr  4 21:07:01 2016
@@ -77,7 +77,6 @@ endpoint.apr.pollUnknownEvent=A socket w
 endpoint.apr.tooManyCertFiles=More certificate files were configured than the 
AprEndpoint can handle
 endpoint.apr.remoteport=APR socket [{0}] opened with remote port [{1}]
 endpoint.jsse.noSslContext=No SSLContext could be found for the host name [{0}]
-endpoint.jsse.cannotHonorServerCipherOrder=Java Runtime does not support 
"useServerCipherSuitesOrder". You must use Java 8 or later to use this feature.
 endpoint.nio.selectorCloseFail=Failed to close selector when closing the poller
 endpoint.nio.timeoutCme=Exception during processing of timeouts. The code has 
been checked repeatedly and no concurrent modification has been found. If you 
are able to repeat this error please open a Tomcat bug and provide the steps to 
reproduce.
 endpoint.nio2.exclusiveExecutor=The NIO2 connector requires an exclusive 
executor to operate properly on shutdown

Modified: 
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
URL: 
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java?rev=1737745&r1=1737744&r2=1737745&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java 
(original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java Mon 
Apr  4 21:07:01 2016
@@ -25,7 +25,6 @@ import java.util.Map;
 import java.util.Set;
 
 import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLParameters;
 import javax.net.ssl.TrustManagerFactory;
 
 import org.apache.juli.logging.Log;
@@ -359,11 +358,6 @@ public class SSLHostConfig {
 
 
     public void setHonorCipherOrder(boolean honorCipherOrder) {
-        try {
-            SSLParameters.class.getMethod("setUseCipherSuitesOrder", 
Boolean.TYPE);
-        } catch (NoSuchMethodException | SecurityException e) {
-            throw new 
UnsupportedOperationException(sm.getString("endpoint.jsse.cannotHonorServerCipherOrder"),
 e);
-        }
         this.honorCipherOrder = honorCipherOrder;
     }
 



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to