Repository: mina-sshd Updated Branches: refs/heads/master 80a69cb2b -> 41857c7e8
[SSHD-719] Provide a configurable way to disable BC support for all security entities even if regigstrar enabled Project: http://git-wip-us.apache.org/repos/asf/mina-sshd/repo Commit: http://git-wip-us.apache.org/repos/asf/mina-sshd/commit/41857c7e Tree: http://git-wip-us.apache.org/repos/asf/mina-sshd/tree/41857c7e Diff: http://git-wip-us.apache.org/repos/asf/mina-sshd/diff/41857c7e Branch: refs/heads/master Commit: 41857c7e8a59ab9428594b1248c8ae56a061f649 Parents: 80a69cb Author: Lyor Goldstein <lyor.goldst...@gmail.com> Authored: Fri Dec 9 15:46:55 2016 +0200 Committer: Lyor Goldstein <lyor.goldst...@gmail.com> Committed: Fri Dec 9 15:46:55 2016 +0200 ---------------------------------------------------------------------- .../util/security/SecurityProviderRegistrar.java | 6 ++++++ .../BouncyCastleSecurityProviderRegistrar.java | 15 ++++++++++++++- 2 files changed, 20 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/41857c7e/sshd-core/src/main/java/org/apache/sshd/common/util/security/SecurityProviderRegistrar.java ---------------------------------------------------------------------- diff --git a/sshd-core/src/main/java/org/apache/sshd/common/util/security/SecurityProviderRegistrar.java b/sshd-core/src/main/java/org/apache/sshd/common/util/security/SecurityProviderRegistrar.java index 110d160..2254f86 100644 --- a/sshd-core/src/main/java/org/apache/sshd/common/util/security/SecurityProviderRegistrar.java +++ b/sshd-core/src/main/java/org/apache/sshd/common/util/security/SecurityProviderRegistrar.java @@ -74,6 +74,8 @@ public interface SecurityProviderRegistrar extends SecurityProviderChoice, Optio String ALL_OPTIONS_VALUE = "all"; String ALL_OPTIONS_WILDCARD = "*"; + String NO_OPTIONS_VALUE = "none"; + /** * All the entities that are used in calls to {@link #isSecurityEntitySupported(Class, String)} */ @@ -261,6 +263,10 @@ public interface SecurityProviderRegistrar extends SecurityProviderChoice, Optio propValue = defaultValue; } + if (NO_OPTIONS_VALUE.equalsIgnoreCase(propValue)) { + return false; + } + String[] values = GenericUtils.split(propValue, ','); if (GenericUtils.isEmpty(values)) { return false; http://git-wip-us.apache.org/repos/asf/mina-sshd/blob/41857c7e/sshd-core/src/main/java/org/apache/sshd/common/util/security/bouncycastle/BouncyCastleSecurityProviderRegistrar.java ---------------------------------------------------------------------- diff --git a/sshd-core/src/main/java/org/apache/sshd/common/util/security/bouncycastle/BouncyCastleSecurityProviderRegistrar.java b/sshd-core/src/main/java/org/apache/sshd/common/util/security/bouncycastle/BouncyCastleSecurityProviderRegistrar.java index 87744a1..a04e217 100644 --- a/sshd-core/src/main/java/org/apache/sshd/common/util/security/bouncycastle/BouncyCastleSecurityProviderRegistrar.java +++ b/sshd-core/src/main/java/org/apache/sshd/common/util/security/bouncycastle/BouncyCastleSecurityProviderRegistrar.java @@ -40,6 +40,7 @@ public class BouncyCastleSecurityProviderRegistrar extends AbstractSecurityProvi public static final String PROVIDER_CLASS = "org.bouncycastle.jce.provider.BouncyCastleProvider"; // Do not define a static registrar instance to minimize class loading issues private final AtomicReference<Boolean> supportHolder = new AtomicReference<>(null); + private final AtomicReference<String> allSupportHolder = new AtomicReference<>(); public BouncyCastleSecurityProviderRegistrar() { super(SecurityUtils.BOUNCY_CASTLE); @@ -73,7 +74,19 @@ public class BouncyCastleSecurityProviderRegistrar extends AbstractSecurityProvi @Override public String getDefaultSecurityEntitySupportValue(Class<?> entityType) { - return ALL_OPTIONS_VALUE; + String allValue = allSupportHolder.get(); + if (GenericUtils.length(allValue) > 0) { + return allValue; + } + + String propName = getConfigurationPropertyName("supportAll"); + allValue = PropertyResolverUtils.getStringProperty(this, propName, ALL_OPTIONS_VALUE); + if (GenericUtils.isEmpty(allValue)) { + allValue = NO_OPTIONS_VALUE; + } + + allSupportHolder.set(allValue); + return allValue; } @Override