Lines 530-536
Link Here
|
530 |
|
530 |
|
531 |
// ----------------------------------------------- Public Lifecycle Methods |
531 |
// ----------------------------------------------- Public Lifecycle Methods |
532 |
|
532 |
|
|
|
533 |
private boolean isTLS11Supported() { |
534 |
return SSL.hasOp(SSL.SSL_OP_NO_TLSv1_1); |
535 |
} |
533 |
|
536 |
|
|
|
537 |
private boolean isTLS12Supported() { |
538 |
return SSL.hasOp(SSL.SSL_OP_NO_TLSv1_2); |
539 |
} |
540 |
|
541 |
private int getSSLProtocolAll() { |
542 |
int value = SSL.SSL_PROTOCOL_ALL; |
543 |
if (!isTLS11Supported()) { |
544 |
value &= ~SSL.SSL_PROTOCOL_TLSV1_1; |
545 |
} |
546 |
if (!isTLS12Supported()) { |
547 |
value &= ~SSL.SSL_PROTOCOL_TLSV1_2; |
548 |
} |
549 |
return value; |
550 |
} |
551 |
|
534 |
/** |
552 |
/** |
535 |
* Initialize the endpoint. |
553 |
* Initialize the endpoint. |
536 |
*/ |
554 |
*/ |
Lines 622-636
Link Here
|
622 |
if (SSLEnabled) { |
640 |
if (SSLEnabled) { |
623 |
|
641 |
|
624 |
// SSL protocol |
642 |
// SSL protocol |
625 |
int value = SSL.SSL_PROTOCOL_ALL; |
643 |
int value = SSL.SSL_PROTOCOL_NONE; |
626 |
if ("SSLv2".equalsIgnoreCase(SSLProtocol)) { |
644 |
if (SSLProtocol == null || SSLProtocol.length() == 0) { |
627 |
value = SSL.SSL_PROTOCOL_SSLV2; |
645 |
value = getSSLProtocolAll(); |
628 |
} else if ("SSLv3".equalsIgnoreCase(SSLProtocol)) { |
646 |
} else { |
629 |
value = SSL.SSL_PROTOCOL_SSLV3; |
647 |
for (String protocol : SSLProtocol.split("\\+")) { |
630 |
} else if ("TLSv1".equalsIgnoreCase(SSLProtocol)) { |
648 |
if ("ALL".equalsIgnoreCase(protocol)) { |
631 |
value = SSL.SSL_PROTOCOL_TLSV1; |
649 |
value = getSSLProtocolAll(); |
632 |
} else if ("SSLv2+SSLv3".equalsIgnoreCase(SSLProtocol)) { |
650 |
} else if ("SSLv2".equalsIgnoreCase(protocol)) { |
633 |
value = SSL.SSL_PROTOCOL_SSLV2 | SSL.SSL_PROTOCOL_SSLV3; |
651 |
value |= SSL.SSL_PROTOCOL_SSLV2; |
|
|
652 |
} else if ("SSLv3".equalsIgnoreCase(protocol)) { |
653 |
value |= SSL.SSL_PROTOCOL_SSLV3; |
654 |
} else if ("TLSv1".equalsIgnoreCase(protocol)) { |
655 |
value |= SSL.SSL_PROTOCOL_TLSV1; |
656 |
} else if ("TLSv1.1".equalsIgnoreCase(protocol)) { |
657 |
value |= SSL.SSL_PROTOCOL_TLSV1_1; |
658 |
} else if ("TLSv1.2".equalsIgnoreCase(protocol)) { |
659 |
value |= SSL.SSL_PROTOCOL_TLSV1_2; |
660 |
} |
661 |
} |
634 |
} |
662 |
} |
635 |
// Create SSL Context |
663 |
// Create SSL Context |
636 |
sslContext = SSLContext.make(rootPool, value, (reverseConnection) ? SSL.SSL_MODE_CLIENT : SSL.SSL_MODE_SERVER); |
664 |
sslContext = SSLContext.make(rootPool, value, (reverseConnection) ? SSL.SSL_MODE_CLIENT : SSL.SSL_MODE_SERVER); |