[camel] branch camel-3.0.x updated: CAMEL-14230 - Disable RC4 and MD5 TLS ciphersuites by default

Fri, 29 Nov 2019 06:24:17 -0800 

This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch camel-3.0.x
in repository https://gitbox.apache.org/repos/asf/camel.git


The following commit(s) were added to refs/heads/camel-3.0.x by this push:
     new a73692d  CAMEL-14230 - Disable RC4 and MD5 TLS ciphersuites by default
a73692d is described below

commit a73692daac12003d5a736010f15020fde3174fe6
Author: Colm O hEigeartaigh <cohei...@apache.org>
AuthorDate: Fri Nov 29 14:22:36 2019 +0000

    CAMEL-14230 - Disable RC4 and MD5 TLS ciphersuites by default
---
 .../java/org/apache/camel/support/jsse/BaseSSLContextParameters.java  | 2 +-
 .../user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git 
a/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java
 
b/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java
index 31d5c3f..954e359 100644
--- 
a/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java
+++ 
b/core/camel-api/src/main/java/org/apache/camel/support/jsse/BaseSSLContextParameters.java
@@ -60,7 +60,7 @@ public abstract class BaseSSLContextParameters extends 
JsseParameters {
         Collections.unmodifiableList(Arrays.asList(".*"));
     
     protected static final List<String> DEFAULT_CIPHER_SUITES_FILTER_EXCLUDE =
-        Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", ".*_anon_.*", 
".*_EXPORT_.*", ".*_DES_.*"));
+        Collections.unmodifiableList(Arrays.asList(".*_NULL_.*", ".*_anon_.*", 
".*_EXPORT_.*", ".*_DES_.*", ".*MD5", ".*RC4.*"));
     
     protected static final List<String> 
DEFAULT_SECURE_SOCKET_PROTOCOLS_FILTER_INCLUDE =
         Collections.unmodifiableList(Arrays.asList(".*"));
diff --git 
a/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc 
b/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc
index 65f9753..7e81e13 100644
--- a/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc
+++ b/docs/user-manual/modules/ROOT/pages/camel-configuration-utilities.adoc
@@ -114,8 +114,8 @@ as well as in the SSLEngine.  The patterns are applied over 
only the
 available cipher suites.  The exclude patterns have precedence over the
 include patterns.  If no cipherSuites and no cipherSuitesFilter are
 present, the default patterns applied are: +
-Includes .\*; Excludes .*_NULL_.*, .\*_anon_.*
-, .\*DES.* *Camel 2.15.4*, .\*EXPORT.* *Camel 2.15.4*.
+Includes .\*;
+Excludes .*_NULL_.*, .\*_anon_.*, .\*DES.*, .\*EXPORT.* *Camel 2.15.4*., 
.\*MD5, .\*RC4.* *Camel 3.0.1*
 secureSocketProtocols::
 This optional property represents a collection of explicitly named
 secure socket protocols, such as SSLv3/TLS/etc., to enable on both the

Reply via email to