[teiid-commits] teiid SVN: r2953 - in trunk/client/src/main: resources/org/teiid/jdbc and 1 other directory.

Author: shawkins Date: 2011-03-01 16:04:09 -0500 (Tue, 01 Mar 2011) New Revision: 2953 Modified: trunk/client/src/main/java/org/teiid/net/socket/SocketUtil.java trunk/client/src/main/resources/org/teiid/jdbc/i18n.properties Log: TEIID-1488 changed the assertion to a warning, which will allow for a later error if a suite cannot be negotiated. Modified: trunk/client/src/main/java/org/teiid/net/socket/SocketUtil.java =================================================================== --- trunk/client/src/main/java/org/teiid/net/socket/SocketUtil.java 2011-03-01 14:57:25 UTC (rev 2952) +++ trunk/client/src/main/java/org/teiid/net/socket/SocketUtil.java 2011-03-01 21:04:09 UTC (rev 2953) @@ -34,6 +34,7 @@ import java.security.cert.CertificateException; import java.util.Arrays; import java.util.Properties; +import java.util.logging.Logger; import javax.net.ssl.KeyManager; import javax.net.ssl.KeyManagerFactory; @@ -42,7 +43,6 @@ import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; -import org.teiid.core.util.Assertion; import org.teiid.core.util.PropertiesUtils; import org.teiid.jdbc.JDBCPlugin; @@ -54,6 +54,7 @@ * ssl connection */ public class SocketUtil { + private static Logger logger = Logger.getLogger(SocketUtil.class.getName()); static final String TRUSTSTORE_PASSWORD = "org.teiid.ssl.trustStorePassword"; //$NON-NLS-1$ public static final String TRUSTSTORE_FILENAME = "org.teiid.ssl.trustStore"; //$NON-NLS-1$ @@ -71,6 +72,7 @@ public static class SSLSocketFactory { private boolean isAnon; + private boolean warned; private javax.net.ssl.SSLSocketFactory factory; public SSLSocketFactory(SSLContext context, boolean isAnon) { @@ -81,8 +83,9 @@ public synchronized Socket getSocket() throws IOException { SSLSocket result = (SSLSocket)factory.createSocket(); result.setUseClientMode(true); - if (isAnon) { - addCipherSuite(result, ANON_CIPHER_SUITE); + if (isAnon && !addCipherSuite(result, ANON_CIPHER_SUITE) && !warned) { + warned = true; + logger.warning(JDBCPlugin.Util.getString("SocketUtil.anon_not_available")); //$NON-NLS-1$ } return result; } @@ -131,8 +134,10 @@ return getSSLContext(keystore, password, truststore, truststorePassword, algorithm, keystoreType, protocol); } - public static void addCipherSuite(SSLSocket engine, String cipherSuite) { - Assertion.assertTrue(Arrays.asList(engine.getSupportedCipherSuites()).contains(cipherSuite)); + public static boolean addCipherSuite(SSLSocket engine, String cipherSuite) { + if (!Arrays.asList(engine.getSupportedCipherSuites()).contains(cipherSuite)) { + return false; + } String[] suites = engine.getEnabledCipherSuites(); @@ -142,6 +147,7 @@ newSuites[suites.length] = cipherSuite; engine.setEnabledCipherSuites(newSuites); + return true; } public static SSLContext getAnonSSLContext() throws IOException, GeneralSecurityException { Modified: trunk/client/src/main/resources/org/teiid/jdbc/i18n.properties =================================================================== --- trunk/client/src/main/resources/org/teiid/jdbc/i18n.properties 2011-03-01 14:57:25 UTC (rev 2952) +++ trunk/client/src/main/resources/org/teiid/jdbc/i18n.properties 2011-03-01 21:04:09 UTC (rev 2953) @@ -142,6 +142,7 @@ SocketServerConnection.closed=Server connection is closed SocketHelper.keystore_not_found=Key store ''{0}'' was not found. +SocketUtil.anon_not_available=The anonymous cipher suite TLS_DH_anon_WITH_AES_128_CBC_SHA could not be added. Anonymous SSL connections will fail. MMURL.INVALID_FORMAT=The required socket url format is mm[s]://server1:port1[,server2:port2] TeiidURL.invalid_ipv6_hostport=The IPv6 host:port ''{0}'' is not valid. {1}