Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 877c386dc -> dc8a99dd8
Backmerging cipher suite change Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0fafa8c7 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0fafa8c7 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0fafa8c7 Branch: refs/heads/3.0.x-fixes Commit: 0fafa8c78969bb4b0f34a39e002fcb8975879db3 Parents: 877c386 Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Wed Dec 10 15:00:12 2014 +0000 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Wed Dec 10 15:00:12 2014 +0000 ---------------------------------------------------------------------- .../java/org/apache/cxf/configuration/jsse/SSLUtils.java | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/0fafa8c7/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java ---------------------------------------------------------------------- diff --git a/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java b/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java index 396d53c..534c256 100644 --- a/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java +++ b/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java @@ -68,14 +68,16 @@ public final class SSLUtils { private static final boolean DEFAULT_REQUIRE_CLIENT_AUTHENTICATION = false; private static final boolean DEFAULT_WANT_CLIENT_AUTHENTICATION = true; - /** - * By default, only include export-compatible ciphersuites. - */ private static final List<String> DEFAULT_CIPHERSUITE_FILTERS_INCLUDE = Arrays.asList(new String[] {".*"}); + /** + * By default, exclude NULL, anon, EXPORT, DES ciphersuites + */ private static final List<String> DEFAULT_CIPHERSUITE_FILTERS_EXCLUDE = Arrays.asList(new String[] {".*_NULL_.*", - ".*_anon_.*"}); + ".*_anon_.*", + ".*_EXPORT_.*", + ".*_DES_.*"}); private static volatile KeyManager[] defaultManagers;