提交 84278f23 authored 作者: Tomas Pospichal's avatar Tomas Pospichal

Make anonymous TLS ciphers first in order when enabled.

Allow also anonymous 3DES ciphers to be used.
上级 84745974
...@@ -23,6 +23,7 @@ import java.security.spec.PKCS8EncodedKeySpec; ...@@ -23,6 +23,7 @@ import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collections; import java.util.Collections;
import java.util.HashSet; import java.util.HashSet;
import java.util.LinkedHashSet;
import java.util.Properties; import java.util.Properties;
import javax.net.ServerSocketFactory; import javax.net.ServerSocketFactory;
import javax.net.ssl.SSLServerSocket; import javax.net.ssl.SSLServerSocket;
...@@ -270,16 +271,16 @@ public class CipherFactory { ...@@ -270,16 +271,16 @@ public class CipherFactory {
} }
private static String[] enableAnonymous(String[] enabled, String[] supported) { private static String[] enableAnonymous(String[] enabled, String[] supported) {
HashSet<String> set = new HashSet<String>(); LinkedHashSet<String> set = new LinkedHashSet<String>();
Collections.addAll(set, enabled);
for (String x : supported) { for (String x : supported) {
if (!x.startsWith("SSL") && if (!x.startsWith("SSL") &&
x.indexOf("_anon_") >= 0 && x.indexOf("_anon_") >= 0 &&
x.indexOf("_AES_") >= 0 && (x.indexOf("_AES_") >= 0 || x.indexOf("_3DES_") >= 0) &&
x.indexOf("_SHA") >= 0) { x.indexOf("_SHA") >= 0) {
set.add(x); set.add(x);
} }
} }
Collections.addAll(set, enabled);
return set.toArray(new String[0]); return set.toArray(new String[0]);
} }
......
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论