提交 d4c470a8 authored 作者: Thomas Mueller's avatar Thomas Mueller

H2 Console and server mode: SSL is now disabled

上级 a06ab05e
...@@ -92,8 +92,8 @@ public class CipherFactory { ...@@ -92,8 +92,8 @@ public class CipherFactory {
SSLSocket secureSocket = (SSLSocket) f.createSocket(); SSLSocket secureSocket = (SSLSocket) f.createSocket();
secureSocket.connect(new InetSocketAddress(address, port), secureSocket.connect(new InetSocketAddress(address, port),
SysProperties.SOCKET_CONNECT_TIMEOUT); SysProperties.SOCKET_CONNECT_TIMEOUT);
secureSocket.setEnabledCipherSuites( secureSocket.setEnabledProtocols(
disableSSL(secureSocket.getEnabledCipherSuites())); disableSSL(secureSocket.getEnabledProtocols()));
if (SysProperties.ENABLE_ANONYMOUS_TLS) { if (SysProperties.ENABLE_ANONYMOUS_TLS) {
String[] list = enableAnonymous( String[] list = enableAnonymous(
secureSocket.getEnabledCipherSuites(), secureSocket.getEnabledCipherSuites(),
...@@ -124,15 +124,15 @@ public class CipherFactory { ...@@ -124,15 +124,15 @@ public class CipherFactory {
} else { } else {
secureSocket = (SSLServerSocket) f.createServerSocket(port, 0, bindAddress); secureSocket = (SSLServerSocket) f.createServerSocket(port, 0, bindAddress);
} }
secureSocket.setEnabledCipherSuites( secureSocket.setEnabledProtocols(
disableSSL(secureSocket.getEnabledCipherSuites())); disableSSL(secureSocket.getEnabledProtocols()));
if (SysProperties.ENABLE_ANONYMOUS_TLS) { if (SysProperties.ENABLE_ANONYMOUS_TLS) {
String[] list = enableAnonymous( String[] list = enableAnonymous(
secureSocket.getEnabledCipherSuites(), secureSocket.getEnabledCipherSuites(),
secureSocket.getSupportedCipherSuites()); secureSocket.getSupportedCipherSuites());
secureSocket.setEnabledCipherSuites(list); secureSocket.setEnabledCipherSuites(list);
} }
socket = secureSocket; socket = secureSocket;
return socket; return socket;
} }
...@@ -270,11 +270,11 @@ public class CipherFactory { ...@@ -270,11 +270,11 @@ public class CipherFactory {
} }
private static String[] enableAnonymous(String[] enabled, String[] supported) { private static String[] enableAnonymous(String[] enabled, String[] supported) {
HashSet<String> set = new HashSet<String>(); HashSet<String> set = new HashSet<String>();
Collections.addAll(set, enabled); Collections.addAll(set, enabled);
for (String x : supported) { for (String x : supported) {
if (x.startsWith("SSL") && if (!x.startsWith("SSL") &&
x.indexOf("_anon_") >= 0 && x.indexOf("_anon_") >= 0 &&
x.indexOf("_AES_") >= 0 && x.indexOf("_AES_") >= 0 &&
x.indexOf("_SHA") >= 0) { x.indexOf("_SHA") >= 0) {
set.add(x); set.add(x);
...@@ -287,7 +287,7 @@ public class CipherFactory { ...@@ -287,7 +287,7 @@ public class CipherFactory {
HashSet<String> set = new HashSet<String>(); HashSet<String> set = new HashSet<String>();
for (String x : enabled) { for (String x : enabled) {
if (!x.startsWith("SSL")) { if (!x.startsWith("SSL")) {
set.add(x); set.add(x);
} }
} }
return set.toArray(new String[0]); return set.toArray(new String[0]);
......
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论