authorJon Marius Venstad <venstad@gmail.com>2019-12-09 13:35:40 +0100
committerJon Marius Venstad <venstad@gmail.com>2019-12-09 13:35:40 +0100
commit819f850ff89ca2f09046d800548fb38d96eae99c (patch)
tree31ac9e0f2594ae8e33c8b02a5b10e13ffb36e396 /jdisc_http_service
parentf0e4d0f4c9eda61fc84a6842b126cf0303ee1cfa (diff)
Revert "Move cipher and protocol inclusion/exclusion logic to separate class"
This reverts commit 7d8233a7d9ab9a177d689b6faa03ae8dd7e4e13a.
Diffstat (limited to 'jdisc_http_service')
-rw-r--r--jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/SslContextFactoryUtils.java32
-rw-r--r--jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/TlsContextBasedProvider.java24
2 files changed, 18 insertions, 38 deletions
diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/SslContextFactoryUtils.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/SslContextFactoryUtils.java
deleted file mode 100644
index a0172668cbb..00000000000
--- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/SslContextFactoryUtils.java
+++ /dev/null
@@ -1,32 +0,0 @@
-// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
-package com.yahoo.jdisc.http.ssl.impl;
-
-import org.eclipse.jetty.util.ssl.SslContextFactory;
-
-import javax.net.ssl.SSLContext;
-import java.util.Arrays;
-import java.util.List;
-
-/**
- * @author bjorncs
- */
-class SslContextFactoryUtils {
-
- static void setEnabledCipherSuites(SslContextFactory factory, SSLContext sslContext, List<String> enabledCiphers) {
- String[] supportedCiphers = sslContext.getSupportedSSLParameters().getCipherSuites();
- factory.setIncludeCipherSuites(enabledCiphers.toArray(String[]::new));
- factory.setExcludeCipherSuites(createExclusionList(enabledCiphers, supportedCiphers));
- }
-
- static void setEnabledProtocols(SslContextFactory factory, SSLContext sslContext, List<String> enabledProtocols) {
- String[] supportedProtocols = sslContext.getSupportedSSLParameters().getProtocols();
- factory.setIncludeProtocols(enabledProtocols.toArray(String[]::new));
- factory.setExcludeProtocols(createExclusionList(enabledProtocols, supportedProtocols));
- }
-
- private static String[] createExclusionList(List<String> enabledValues, String[] supportedValues) {
- return Arrays.stream(supportedValues)
- .filter(supportedValue -> !enabledValues.contains(supportedValue))
- .toArray(String[]::new);
- }
-}
diff --git a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/TlsContextBasedProvider.java b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/TlsContextBasedProvider.java
index 93d4f1dca3f..e8ae13e48be 100644
--- a/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/TlsContextBasedProvider.java
+++ b/jdisc_http_service/src/main/java/com/yahoo/jdisc/http/ssl/impl/TlsContextBasedProvider.java
@@ -8,10 +8,7 @@ import org.eclipse.jetty.util.ssl.SslContextFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
-import java.util.List;
-
-import static com.yahoo.jdisc.http.ssl.impl.SslContextFactoryUtils.setEnabledCipherSuites;
-import static com.yahoo.jdisc.http.ssl.impl.SslContextFactoryUtils.setEnabledProtocols;
+import java.util.Arrays;
/**
* A {@link SslContextFactoryProvider} that creates {@link SslContextFactory} instances from {@link TlsContext} instances.
@@ -34,9 +31,24 @@ public abstract class TlsContextBasedProvider extends AbstractComponent implemen
sslContextFactory.setNeedClientAuth(parameters.getNeedClientAuth());
sslContextFactory.setWantClientAuth(parameters.getWantClientAuth());
- setEnabledProtocols(sslContextFactory, sslContext, List.of(parameters.getProtocols()));
- setEnabledCipherSuites(sslContextFactory, sslContext, List.of(parameters.getCipherSuites()));
+ String[] enabledProtocols = parameters.getProtocols();
+ sslContextFactory.setIncludeProtocols(enabledProtocols);
+ String[] supportedProtocols = sslContext.getSupportedSSLParameters().getProtocols();
+ sslContextFactory.setExcludeProtocols(createExclusionList(enabledProtocols, supportedProtocols));
+ String[] enabledCiphers = parameters.getCipherSuites();
+ String[] supportedCiphers = sslContext.getSupportedSSLParameters().getCipherSuites();
+ sslContextFactory.setIncludeCipherSuites(enabledCiphers);
+ sslContextFactory.setExcludeCipherSuites(createExclusionList(enabledCiphers, supportedCiphers));
return sslContextFactory;
}
+
+ private static String[] createExclusionList(String[] enabledValues, String[] supportedValues) {
+ return Arrays.stream(supportedValues)
+ .filter(supportedValue ->
+ Arrays.stream(enabledValues)
+ .noneMatch(enabledValue -> enabledValue.equals(supportedValue)))
+ .toArray(String[]::new);
+ }
+
}
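Review bot: `parameters.getProtocols()` and `parameters.getCipherSuites()` are passed unchecked to `setIncludeProtocols`/`setIncludeCipherSuites` and to `createExclusionList`, but `SSLParameters` returns null from both getters when nothing has been set, so building the factory would then fail with a bare NullPointerException. Whether every `TlsContext` sets both is not visible in this hunk; failing is the safe direction, but an explicit `Objects.requireNonNull(enabledProtocols, "TlsContext must specify enabled protocols")` (and the same for ciphers, with a `java.util.Objects` import) would make that failure intentional and readable. `createExclusionList` would also benefit from a comment stating its intent, e.g. `// Exclude every supported value that is not explicitly enabled; this replaces Jetty's default exclusion lists, so the TlsContext parameters alone decide what is offered`. The enclosing method begins outside this hunk.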