authorHarald Musum <musum@oath.com>2018-11-07 11:18:53 +0100
committerGitHub <noreply@github.com>2018-11-07 11:18:53 +0100
commit07430fcda1778d68eaaf6ef343cfde404f0c68d6 (patch)
treed1f64927942a44a26be5c75efd0faa33f701a7db /jrt
parent95ffa3196cc6719a6295ad3ba7cee366499864f1 (diff)
Revert "Bjorncs/accepted ciphers"
Diffstat (limited to 'jrt')
-rw-r--r--jrt/src/com/yahoo/jrt/TlsCryptoEngine.java22
1 files changed, 6 insertions, 16 deletions
diff --git a/jrt/src/com/yahoo/jrt/TlsCryptoEngine.java b/jrt/src/com/yahoo/jrt/TlsCryptoEngine.java
index 25a154be107..b3daf5c296d 100644
--- a/jrt/src/com/yahoo/jrt/TlsCryptoEngine.java
+++ b/jrt/src/com/yahoo/jrt/TlsCryptoEngine.java
@@ -2,15 +2,17 @@
package com.yahoo.jrt;
import com.yahoo.security.SslContextBuilder;
+import com.yahoo.security.X509CertificateUtils;
import com.yahoo.security.tls.TransportSecurityOptions;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
+import java.io.IOException;
+import java.io.UncheckedIOException;
import java.nio.channels.SocketChannel;
-import java.util.Arrays;
-import java.util.Collections;
+import java.nio.file.Files;
+import java.security.cert.X509Certificate;
import java.util.List;
-import java.util.logging.Logger;
/**
* A {@link CryptoSocket} that creates {@link TlsCryptoSocket} instances.
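Review bot: The five imports re-added in this hunk (`X509CertificateUtils`, `IOException`, `UncheckedIOException`, `Files`, `X509Certificate`) look unused. The diffstat's six insertions are these five lines plus the one constructor change, so no code that references them comes back with the revert, and the untouched remainder of the file compiled without them before. I would drop them instead of restoring them, and check whether `java.util.List` is still needed now that the `acceptedCiphers` field is gone. Separately, the class Javadoc at the end of the hunk reads `A {@link CryptoSocket} that creates ...` while the class implements `CryptoEngine`; `A {@link CryptoEngine} that creates {@link TlsCryptoSocket} instances.` would be accurate.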
@@ -19,33 +21,21 @@ import java.util.logging.Logger;
*/
public class TlsCryptoEngine implements CryptoEngine {
- private static final Logger log = Logger.getLogger(TlsCryptoEngine.class.getName());
-
private final SSLContext sslContext;
- private final List<String> acceptedCiphers;
public TlsCryptoEngine(SSLContext sslContext) {
- this(sslContext, Collections.emptyList());
- }
-
- public TlsCryptoEngine(SSLContext sslContext, List<String> acceptedCiphers) {
this.sslContext = sslContext;
- this.acceptedCiphers = acceptedCiphers;
}
public TlsCryptoEngine(TransportSecurityOptions options) {
- this(createSslContext(options), options.getAcceptedCiphers());
+ this(createSslContext(options));
}
@Override
public TlsCryptoSocket createCryptoSocket(SocketChannel channel, boolean isServer) {
SSLEngine sslEngine = sslContext.createSSLEngine();
- log.fine(() -> String.format("Supported ciphers: %s", Arrays.toString(sslEngine.getSupportedCipherSuites())));
sslEngine.setNeedClientAuth(true);
sslEngine.setUseClientMode(!isServer);
- if (!acceptedCiphers.isEmpty()) {
- sslEngine.setEnabledCipherSuites(acceptedCiphers.toArray(new String[0]));
- }
return new TlsCryptoSocket(channel, sslEngine);
}
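Review bot: After this revert `createCryptoSocket` no longer calls `setEnabledCipherSuites`, so every `SSLEngine` negotiates with whatever suites the supplied `SSLContext` and JVM provider enable by default, and nothing in the commit message or the class says so. If `TransportSecurityOptions` still carries an accepted-ciphers setting outside `jrt` (not visible in this path-limited diff), a configured list would be silently ignored on this transport, which can leave operators believing a restriction is in force. I would add a comment above the `createSSLEngine()` call, e.g. `// Cipher suites are the SSLContext/JVM defaults; accepted-cipher configuration is not applied here`, and state the reason for the revert in the commit description. The removed fine-level log was also the only place the engine's supported suites were recorded, so verifying the effective suites now has to happen out of band. `createSslContext` and the rest of the class lie outside the hunk.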