mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
parent: 0c1023cd | patch | commit | show whitespace
vharseko
18.47.2023 bde0a9a574452fd90abc3a12c90deb8b3d37d6fa 
Remove TLSv1 as default protocol (#303)

4 files modified
10 ■■■■ changed files
opendj-core/src/main/java/org/forgerock/opendj/ldap/SSLContextBuilder.java 2 ●●● patch | view | raw | blame | history
opendj-server-legacy/src/main/java/org/opends/server/protocols/jmx/RmiConnector.java 2 ●●● patch | view | raw | blame | history
opendj-server-legacy/src/main/java/org/opends/server/tools/SSLConnectionFactory.java 4 ●●●● patch | view | raw | blame | history
opendj-server-legacy/src/test/java/org/opends/server/tools/RemoteConnection.java 2 ●●● patch | view | raw | blame | history 
 opendj-core/src/main/java/org/forgerock/opendj/ldap/SSLContextBuilder.java


@@ -72,7 +72,7 @@




    private TrustManager trustManager;


    private KeyManager keyManager;


    private String protocol = PROTOCOL_TLS1_2;


    private String protocol = PROTOCOL_TLS;


    private SecureRandom random;




    /** These are mutually exclusive. */




 opendj-server-legacy/src/main/java/org/opends/server/protocols/jmx/RmiConnector.java


@@ -285,7 +285,7 @@


              : SelectableCertificateKeyManager.wrap(provider.getKeyManagers(), nicknames);


        }




        SSLContext ctx = SSLContext.getInstance("TLSv1");


        SSLContext ctx = SSLContext.getInstance("TLS");


        ctx.init(


            keyManagers,


            null,




 opendj-server-legacy/src/main/java/org/opends/server/tools/SSLConnectionFactory.java


@@ -72,8 +72,8 @@


    }


    catch (NoSuchAlgorithmException ex)


    {


      logger.trace("Unable to retrieve default TLS protocols of the JVM, defaulting to TLSv1", ex);


      protocols = Arrays.asList(SSLContextBuilder.PROTOCOL_TLS1);


      logger.trace("Unable to retrieve default TLS protocols of the JVM, defaulting to TLS", ex);


      protocols = Arrays.asList(SSLContextBuilder.PROTOCOL_TLS);


    }


    TLS_PROTOCOLS = protocols.toArray(new String[protocols.size()]);


  }




 opendj-server-legacy/src/test/java/org/opends/server/tools/RemoteConnection.java


@@ -96,7 +96,7 @@




  private Socket getSslSocket(String host, int port) throws Exception


  {


    SSLContext sslCtx = SSLContext.getInstance("TLSv1");


    SSLContext sslCtx = SSLContext.getInstance("TLS");


    TrustManager[] tm = new TrustManager[] { new BlindTrustManager() };


    sslCtx.init(null, tm, new SecureRandom());


    SSLSocketFactory socketFactory = sslCtx.getSocketFactory();