[teiid-commits] teiid SVN: r2953 - in trunk/client/src/main: resources/org/teiid/jdbc and 1 other directory.
teiid-commits at lists.jboss.org
teiid-commits at lists.jboss.org
Tue Mar 1 16:04:09 EST 2011
Author: shawkins
Date: 2011-03-01 16:04:09 -0500 (Tue, 01 Mar 2011)
New Revision: 2953
Modified:
trunk/client/src/main/java/org/teiid/net/socket/SocketUtil.java
trunk/client/src/main/resources/org/teiid/jdbc/i18n.properties
Log:
TEIID-1488 changed the assertion to a warning, which will allow for a later error if a suite cannot be negotiated.
Modified: trunk/client/src/main/java/org/teiid/net/socket/SocketUtil.java
===================================================================
--- trunk/client/src/main/java/org/teiid/net/socket/SocketUtil.java 2011-03-01 14:57:25 UTC (rev 2952)
+++ trunk/client/src/main/java/org/teiid/net/socket/SocketUtil.java 2011-03-01 21:04:09 UTC (rev 2953)
@@ -34,6 +34,7 @@
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.Properties;
+import java.util.logging.Logger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
@@ -42,7 +43,6 @@
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
-import org.teiid.core.util.Assertion;
import org.teiid.core.util.PropertiesUtils;
import org.teiid.jdbc.JDBCPlugin;
@@ -54,6 +54,7 @@
* ssl connection
*/
public class SocketUtil {
+ private static Logger logger = Logger.getLogger(SocketUtil.class.getName());
static final String TRUSTSTORE_PASSWORD = "org.teiid.ssl.trustStorePassword"; //$NON-NLS-1$
public static final String TRUSTSTORE_FILENAME = "org.teiid.ssl.trustStore"; //$NON-NLS-1$
@@ -71,6 +72,7 @@
public static class SSLSocketFactory {
private boolean isAnon;
+ private boolean warned;
private javax.net.ssl.SSLSocketFactory factory;
public SSLSocketFactory(SSLContext context, boolean isAnon) {
@@ -81,8 +83,9 @@
public synchronized Socket getSocket() throws IOException {
SSLSocket result = (SSLSocket)factory.createSocket();
result.setUseClientMode(true);
- if (isAnon) {
- addCipherSuite(result, ANON_CIPHER_SUITE);
+ if (isAnon && !addCipherSuite(result, ANON_CIPHER_SUITE) && !warned) {
+ warned = true;
+ logger.warning(JDBCPlugin.Util.getString("SocketUtil.anon_not_available")); //$NON-NLS-1$
}
return result;
}
@@ -131,8 +134,10 @@
return getSSLContext(keystore, password, truststore, truststorePassword, algorithm, keystoreType, protocol);
}
- public static void addCipherSuite(SSLSocket engine, String cipherSuite) {
- Assertion.assertTrue(Arrays.asList(engine.getSupportedCipherSuites()).contains(cipherSuite));
+ public static boolean addCipherSuite(SSLSocket engine, String cipherSuite) {
+ if (!Arrays.asList(engine.getSupportedCipherSuites()).contains(cipherSuite)) {
+ return false;
+ }
String[] suites = engine.getEnabledCipherSuites();
@@ -142,6 +147,7 @@
newSuites[suites.length] = cipherSuite;
engine.setEnabledCipherSuites(newSuites);
+ return true;
}
public static SSLContext getAnonSSLContext() throws IOException, GeneralSecurityException {
Modified: trunk/client/src/main/resources/org/teiid/jdbc/i18n.properties
===================================================================
--- trunk/client/src/main/resources/org/teiid/jdbc/i18n.properties 2011-03-01 14:57:25 UTC (rev 2952)
+++ trunk/client/src/main/resources/org/teiid/jdbc/i18n.properties 2011-03-01 21:04:09 UTC (rev 2953)
@@ -142,6 +142,7 @@
SocketServerConnection.closed=Server connection is closed
SocketHelper.keystore_not_found=Key store ''{0}'' was not found.
+SocketUtil.anon_not_available=The anonymous cipher suite TLS_DH_anon_WITH_AES_128_CBC_SHA could not be added. Anonymous SSL connections will fail.
MMURL.INVALID_FORMAT=The required socket url format is mm[s]://server1:port1[,server2:port2]
TeiidURL.invalid_ipv6_hostport=The IPv6 host:port ''{0}'' is not valid. {1}
More information about the teiid-commits
mailing list