The CryptoUtil.unsetSSLCiphers() has been modified not to ignore
exceptions.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From cdffde5b5449db804e98ccac624cdc5eeab29dce Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edew...@redhat.com>
Date: Sun, 19 Mar 2017 19:52:51 +0100
Subject: [PATCH] Fixed error handling in CryptoUtil.unsetSSLCiphers().
The CryptoUtil.unsetSSLCiphers() has been modified not to ignore
exceptions.
---
base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java b/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
index 17d314a010a8ba3e4c30e41c8816c14979cfb86a..70aaa373fc3a9e0ed9d533aaaf61de87912e4d7b 100644
--- a/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
+++ b/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java
@@ -985,13 +985,13 @@ public class CryptoUtil {
/*
* unset all implemented cipehrs; for enforcing strict list of ciphers
*/
- private static void unsetSSLCiphers() throws SocketException {
- int ciphers[] = SSLSocket.getImplementedCipherSuites();
- try {
- for (int i = 0; ciphers != null && i < ciphers.length; i++) {
- SSLSocket.setCipherPreferenceDefault(ciphers[i], false);
- }
- } catch (Exception e) {
+ public static void unsetSSLCiphers() throws SocketException {
+
+ int cipherIDs[] = SSLSocket.getImplementedCipherSuites();
+ if (cipherIDs == null) return;
+
+ for (int cipherID : cipherIDs) {
+ SSLSocket.setCipherPreferenceDefault(cipherID, false);
}
}
--
2.9.3
_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
