Author: markt
Date: Mon Apr 4 21:07:01 2016
New Revision: 1737745
URL: http://svn.apache.org/viewvc?rev=1737745&view=rev
Log:
Use newly added JreCompat to handle setting of honorCipherOrder
Modified:
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
Modified:
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java?rev=1737745&r1=1737744&r2=1737745&view=diff
==============================================================================
---
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
(original)
+++
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/AbstractJsseEndpoint.java
Mon Apr 4 21:07:01 2016
@@ -16,8 +16,6 @@
*/
package org.apache.tomcat.util.net;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedHashSet;
@@ -25,9 +23,9 @@ import java.util.List;
import java.util.Set;
import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSessionContext;
+import org.apache.tomcat.util.compat.JreCompat;
import org.apache.tomcat.util.net.SSLHostConfig.Type;
import org.apache.tomcat.util.net.openssl.OpenSSLImplementation;
import org.apache.tomcat.util.net.openssl.ciphers.Cipher;
@@ -147,23 +145,8 @@ public abstract class AbstractJsseEndpoi
engine.setEnabledCipherSuites(sslHostConfig.getEnabledCiphers());
engine.setEnabledProtocols(sslHostConfig.getEnabledProtocols());
- SSLParameters sslParameters = engine.getSSLParameters();
- if (sslHostConfig.getHonorCipherOrder()) {
- // SSLParameters#setUseCipherSuiteOrder is java 8 and upwards
- try {
- Method m = SSLParameters.class.getMethod(
- "setUseCipherSuitesOrder", Boolean.TYPE);
- m.invoke(sslParameters, Boolean.TRUE);
- } catch (NoSuchMethodException | SecurityException
- | IllegalAccessException | IllegalArgumentException
- | InvocationTargetException e) {
- throw new UnsupportedOperationException(
-
sm.getString("endpoint.jsse.cannotHonorServerCipherOrder"),
- e);
- }
- }
- // In case the getter returns a defensive copy
- engine.setSSLParameters(sslParameters);
+ JreCompat.getInstance().setUseServerCipherSuitesOrder(engine,
+ sslHostConfig.getHonorCipherOrder());
return engine;
}
Modified:
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties?rev=1737745&r1=1737744&r2=1737745&view=diff
==============================================================================
---
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties
(original)
+++
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/LocalStrings.properties
Mon Apr 4 21:07:01 2016
@@ -77,7 +77,6 @@ endpoint.apr.pollUnknownEvent=A socket w
endpoint.apr.tooManyCertFiles=More certificate files were configured than the
AprEndpoint can handle
endpoint.apr.remoteport=APR socket [{0}] opened with remote port [{1}]
endpoint.jsse.noSslContext=No SSLContext could be found for the host name [{0}]
-endpoint.jsse.cannotHonorServerCipherOrder=Java Runtime does not support
"useServerCipherSuitesOrder". You must use Java 8 or later to use this feature.
endpoint.nio.selectorCloseFail=Failed to close selector when closing the poller
endpoint.nio.timeoutCme=Exception during processing of timeouts. The code has
been checked repeatedly and no concurrent modification has been found. If you
are able to repeat this error please open a Tomcat bug and provide the steps to
reproduce.
endpoint.nio2.exclusiveExecutor=The NIO2 connector requires an exclusive
executor to operate properly on shutdown
Modified:
tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
URL:
http://svn.apache.org/viewvc/tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java?rev=1737745&r1=1737744&r2=1737745&view=diff
==============================================================================
--- tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java
(original)
+++ tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/SSLHostConfig.java Mon
Apr 4 21:07:01 2016
@@ -25,7 +25,6 @@ import java.util.Map;
import java.util.Set;
import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLParameters;
import javax.net.ssl.TrustManagerFactory;
import org.apache.juli.logging.Log;
@@ -359,11 +358,6 @@ public class SSLHostConfig {
public void setHonorCipherOrder(boolean honorCipherOrder) {
- try {
- SSLParameters.class.getMethod("setUseCipherSuitesOrder",
Boolean.TYPE);
- } catch (NoSuchMethodException | SecurityException e) {
- throw new
UnsupportedOperationException(sm.getString("endpoint.jsse.cannotHonorServerCipherOrder"),
e);
- }
this.honorCipherOrder = honorCipherOrder;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
