From 1bab1d0855f8813a54028aa58715db75d9c06ca0 Mon Sep 17 00:00:00 2001 From: Rohit Yadav Date: Wed, 28 Jan 2015 13:41:00 +0530 Subject: [PATCH] use a preferable protocol that works on jvm 1.6 Signed-off-by: Rohit Yadav (cherry picked from commit f5f6c2d1a74444bbbf5a5f4565953b6410b87a5c) Signed-off-by: Rohit Yadav Conflicts: services/console-proxy-rdp/rdpconsole/src/main/java/streamer/SocketWrapperImpl.java --- .../org/apache/cloudstack/mom/rabbitmq/RabbitMQEventBus.java | 2 +- .../rdpconsole/src/main/java/streamer/SocketWrapperImpl.java | 4 +--- utils/src/org/apache/cloudstack/utils/security/SSLUtils.java | 4 ++-- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/plugins/event-bus/rabbitmq/src/org/apache/cloudstack/mom/rabbitmq/RabbitMQEventBus.java b/plugins/event-bus/rabbitmq/src/org/apache/cloudstack/mom/rabbitmq/RabbitMQEventBus.java index 25ecb75b958..bd414dbf4bc 100644 --- a/plugins/event-bus/rabbitmq/src/org/apache/cloudstack/mom/rabbitmq/RabbitMQEventBus.java +++ b/plugins/event-bus/rabbitmq/src/org/apache/cloudstack/mom/rabbitmq/RabbitMQEventBus.java @@ -59,7 +59,7 @@ public class RabbitMQEventBus extends ManagerBase implements EventBus { private static Integer port; private static String username; private static String password; - private static String secureProtocol = "TLSv1.2"; + private static String secureProtocol = "TLSv1"; public synchronized static void setVirtualHost(String virtualHost) { RabbitMQEventBus.virtualHost = virtualHost; diff --git a/services/console-proxy-rdp/rdpconsole/src/main/java/streamer/SocketWrapperImpl.java b/services/console-proxy-rdp/rdpconsole/src/main/java/streamer/SocketWrapperImpl.java index 6d996286a36..14089ce609c 100755 --- a/services/console-proxy-rdp/rdpconsole/src/main/java/streamer/SocketWrapperImpl.java +++ b/services/console-proxy-rdp/rdpconsole/src/main/java/streamer/SocketWrapperImpl.java @@ -48,8 +48,6 @@ public class SocketWrapperImpl extends PipelineImpl implements SocketWrapper { protected SSLSocket sslSocket; - protected String sslVersionToUse = "TLSv1.2"; - protected SSLState sslState; public SocketWrapperImpl(String id, SSLState sslState) { @@ -134,7 +132,7 @@ public class SocketWrapperImpl extends PipelineImpl implements SocketWrapper { // Use most secure implementation of SSL available now. // JVM will try to negotiate TLS1.2, then will fallback to TLS1.0, if // TLS1.2 is not supported. - SSLContext sslContext = SSLContext.getInstance(sslVersionToUse); + SSLContext sslContext = SSLUtils.getSSLContext(); // Trust all certificates (FIXME: insecure) sslContext.init(null, new TrustManager[] {new TrustAllX509TrustManager(sslState)}, null); diff --git a/utils/src/org/apache/cloudstack/utils/security/SSLUtils.java b/utils/src/org/apache/cloudstack/utils/security/SSLUtils.java index 7f9ee77c985..3de4c50c7bf 100644 --- a/utils/src/org/apache/cloudstack/utils/security/SSLUtils.java +++ b/utils/src/org/apache/cloudstack/utils/security/SSLUtils.java @@ -42,10 +42,10 @@ public class SSLUtils { } public static SSLContext getSSLContext() throws NoSuchAlgorithmException { - return SSLContext.getInstance("TLSv1.2"); + return SSLContext.getInstance("TLSv1"); } public static SSLContext getSSLContext(String provider) throws NoSuchAlgorithmException, NoSuchProviderException { - return SSLContext.getInstance("TLSv1.2", provider); + return SSLContext.getInstance("TLSv1", provider); } }