felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Adrien PAILHES (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (FELIX-4376) Allow inclusion/exclusion of cipher suites in SSL connector
Date Wed, 23 Jul 2014 16:03:40 GMT

    [ https://issues.apache.org/jira/browse/FELIX-4376?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14071887#comment-14071887
] 

Adrien PAILHES edited comment on FELIX-4376 at 7/23/14 4:02 PM:
----------------------------------------------------------------

Hello, 

I've got a pb with multiple exclude(or include) ciphersuites. Something like:
{code}
-Dorg.apache.felix.https.jetty.ciphersuites.excluded=SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5
{code}
does not work whereas
{code}
-Dorg.apache.felix.https.jetty.ciphersuites.excluded=SSL_RSA_WITH_RC4_128_SHA
{code}
works correctly.

I think(but I'm not sure) that org.apache.felix.http.jetty.internal.JettyConfig#getStringArrayProperty
always get a String property(org.apache.felix.http.jetty.internal.JettyConfig#getProperty(java.lang.String))
instead of an array.

I don't know how to debug it... so maybe somebody can try that kind of use case and tell me
if he can reproduce the problem with comma-separated params?





was (Author: apailhes):
Hello, 

I've got a pb with multiple exclude(or include) ciphersuites. Something like:
{code}
-Dorg.apache.felix.https.jetty.ciphersuites.excluded=SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5
{code}
whereas
{code}
-Dorg.apache.felix.https.jetty.ciphersuites.excluded=SSL_RSA_WITH_RC4_128_SHA
{code}
works correctly.

I think(but I'm not sure) that org.apache.felix.http.jetty.internal.JettyConfig#getStringArrayProperty
always get a String property(org.apache.felix.http.jetty.internal.JettyConfig#getProperty(java.lang.String))
instead of an array.

I don't know how to debug it... so maybe somebody can try that kind of use case and tell me
if he can reproduce the problem with comma-separated params?




> Allow inclusion/exclusion of cipher suites in SSL connector
> -----------------------------------------------------------
>
>                 Key: FELIX-4376
>                 URL: https://issues.apache.org/jira/browse/FELIX-4376
>             Project: Felix
>          Issue Type: Improvement
>          Components: HTTP Service
>    Affects Versions: http-2.2.1
>            Reporter: Dominique Pfister
>            Assignee: Felix Meschberger
>             Fix For: http-2.2.2
>
>         Attachments: patch.txt
>
>
> Jetty allows including/excluding cipher suites (in o.e.j.s.ssl.SslConnector). It would
be great to make this available in the Jetty Bridge OSGI configuration. Ideally, there could
be 2 properties, of type String[], that dictate what suites to explicitly include or exclude.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message