|
Lines 530-536
Link Here
|
| 530 |
|
530 |
|
| 531 |
// ----------------------------------------------- Public Lifecycle Methods |
531 |
// ----------------------------------------------- Public Lifecycle Methods |
| 532 |
|
532 |
|
|
|
533 |
private boolean isTLS11Supported() { |
| 534 |
return SSL.hasOp(SSL.SSL_OP_NO_TLSv1_1); |
| 535 |
} |
| 533 |
|
536 |
|
|
|
537 |
private boolean isTLS12Supported() { |
| 538 |
return SSL.hasOp(SSL.SSL_OP_NO_TLSv1_2); |
| 539 |
} |
| 540 |
|
| 541 |
private int getSSLProtocolAll() { |
| 542 |
int value = SSL.SSL_PROTOCOL_ALL; |
| 543 |
if (!isTLS11Supported()) { |
| 544 |
value &= ~SSL.SSL_PROTOCOL_TLSV1_1; |
| 545 |
} |
| 546 |
if (!isTLS12Supported()) { |
| 547 |
value &= ~SSL.SSL_PROTOCOL_TLSV1_2; |
| 548 |
} |
| 549 |
return value; |
| 550 |
} |
| 551 |
|
| 534 |
/** |
552 |
/** |
| 535 |
* Initialize the endpoint. |
553 |
* Initialize the endpoint. |
| 536 |
*/ |
554 |
*/ |
|
Lines 622-636
Link Here
|
| 622 |
if (SSLEnabled) { |
640 |
if (SSLEnabled) { |
| 623 |
|
641 |
|
| 624 |
// SSL protocol |
642 |
// SSL protocol |
| 625 |
int value = SSL.SSL_PROTOCOL_ALL; |
643 |
int value = SSL.SSL_PROTOCOL_NONE; |
| 626 |
if ("SSLv2".equalsIgnoreCase(SSLProtocol)) { |
644 |
if (SSLProtocol == null || SSLProtocol.length() == 0) { |
| 627 |
value = SSL.SSL_PROTOCOL_SSLV2; |
645 |
value = getSSLProtocolAll(); |
| 628 |
} else if ("SSLv3".equalsIgnoreCase(SSLProtocol)) { |
646 |
} else { |
| 629 |
value = SSL.SSL_PROTOCOL_SSLV3; |
647 |
for (String protocol : SSLProtocol.split("\\+")) { |
| 630 |
} else if ("TLSv1".equalsIgnoreCase(SSLProtocol)) { |
648 |
if ("ALL".equalsIgnoreCase(protocol)) { |
| 631 |
value = SSL.SSL_PROTOCOL_TLSV1; |
649 |
value = getSSLProtocolAll(); |
| 632 |
} else if ("SSLv2+SSLv3".equalsIgnoreCase(SSLProtocol)) { |
650 |
} else if ("SSLv2".equalsIgnoreCase(protocol)) { |
| 633 |
value = SSL.SSL_PROTOCOL_SSLV2 | SSL.SSL_PROTOCOL_SSLV3; |
651 |
value |= SSL.SSL_PROTOCOL_SSLV2; |
|
|
652 |
} else if ("SSLv3".equalsIgnoreCase(protocol)) { |
| 653 |
value |= SSL.SSL_PROTOCOL_SSLV3; |
| 654 |
} else if ("TLSv1".equalsIgnoreCase(protocol)) { |
| 655 |
value |= SSL.SSL_PROTOCOL_TLSV1; |
| 656 |
} else if ("TLSv1.1".equalsIgnoreCase(protocol)) { |
| 657 |
value |= SSL.SSL_PROTOCOL_TLSV1_1; |
| 658 |
} else if ("TLSv1.2".equalsIgnoreCase(protocol)) { |
| 659 |
value |= SSL.SSL_PROTOCOL_TLSV1_2; |
| 660 |
} |
| 661 |
} |
| 634 |
} |
662 |
} |
| 635 |
// Create SSL Context |
663 |
// Create SSL Context |
| 636 |
sslContext = SSLContext.make(rootPool, value, (reverseConnection) ? SSL.SSL_MODE_CLIENT : SSL.SSL_MODE_SERVER); |
664 |
sslContext = SSLContext.make(rootPool, value, (reverseConnection) ? SSL.SSL_MODE_CLIENT : SSL.SSL_MODE_SERVER); |