diff options
Diffstat (limited to 'container-core/src/main/java/com/yahoo/jdisc/http/ssl/impl/SslContextFactoryUtils.java')
-rw-r--r-- | container-core/src/main/java/com/yahoo/jdisc/http/ssl/impl/SslContextFactoryUtils.java | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/ssl/impl/SslContextFactoryUtils.java b/container-core/src/main/java/com/yahoo/jdisc/http/ssl/impl/SslContextFactoryUtils.java index 07c599aa229..e7c9e4f0bee 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/ssl/impl/SslContextFactoryUtils.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/ssl/impl/SslContextFactoryUtils.java @@ -4,6 +4,8 @@ package com.yahoo.jdisc.http.ssl.impl; import org.eclipse.jetty.util.ssl.SslContextFactory; import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLParameters; +import java.security.NoSuchAlgorithmException; import java.util.Arrays; import java.util.List; @@ -12,14 +14,14 @@ import java.util.List; */ class SslContextFactoryUtils { - static void setEnabledCipherSuites(SslContextFactory factory, SSLContext sslContext, List<String> enabledCiphers) { - String[] supportedCiphers = sslContext.getSupportedSSLParameters().getCipherSuites(); + static void setEnabledCipherSuites(SslContextFactory factory, SSLContext sslContextOrNull, List<String> enabledCiphers) { + String[] supportedCiphers = supportedSslParams(sslContextOrNull).getCipherSuites(); factory.setIncludeCipherSuites(enabledCiphers.toArray(String[]::new)); factory.setExcludeCipherSuites(createExclusionList(enabledCiphers, supportedCiphers)); } - static void setEnabledProtocols(SslContextFactory factory, SSLContext sslContext, List<String> enabledProtocols) { - String[] supportedProtocols = sslContext.getSupportedSSLParameters().getProtocols(); + static void setEnabledProtocols(SslContextFactory factory, SSLContext sslContextOrNull, List<String> enabledProtocols) { + String[] supportedProtocols = supportedSslParams(sslContextOrNull).getProtocols(); factory.setIncludeProtocols(enabledProtocols.toArray(String[]::new)); factory.setExcludeProtocols(createExclusionList(enabledProtocols, supportedProtocols)); } @@ -29,4 +31,14 @@ class SslContextFactoryUtils { .filter(supportedValue -> !enabledValues.contains(supportedValue)) .toArray(String[]::new); } + + private static SSLParameters supportedSslParams(SSLContext ctx) { + try { + return ctx != null + ? ctx.getSupportedSSLParameters() + : SSLContext.getDefault().getSupportedSSLParameters(); + } catch (NoSuchAlgorithmException e) { + throw new IllegalStateException(e); + } + } } |