< prev index next >
src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java
Print this page
rev 52899 : 8232424: More constrained algorithms
Reviewed-by: jnimeh, rhalade, ahgross
@@ -50,11 +50,11 @@
/**
* SSL/(D)TLS configuration.
*/
final class SSLConfiguration implements Cloneable {
// configurations with SSLParameters
- AlgorithmConstraints algorithmConstraints;
+ AlgorithmConstraints userSpecifiedAlgorithmConstraints;
List<ProtocolVersion> enabledProtocols;
List<CipherSuite> enabledCipherSuites;
ClientAuthType clientAuthType;
String identificationProtocol;
List<SNIServerName> serverNames;
@@ -115,11 +115,12 @@
}
SSLConfiguration(SSLContextImpl sslContext, boolean isClientMode) {
// Configurations with SSLParameters, default values.
- this.algorithmConstraints = SSLAlgorithmConstraints.DEFAULT;
+ this.userSpecifiedAlgorithmConstraints =
+ SSLAlgorithmConstraints.DEFAULT;
this.enabledProtocols =
sslContext.getDefaultProtocolVersions(!isClientMode);
this.enabledCipherSuites =
sslContext.getDefaultCipherSuites(!isClientMode);
this.clientAuthType = ClientAuthType.CLIENT_AUTH_NONE;
@@ -152,11 +153,11 @@
}
SSLParameters getSSLParameters() {
SSLParameters params = new SSLParameters();
- params.setAlgorithmConstraints(this.algorithmConstraints);
+ params.setAlgorithmConstraints(this.userSpecifiedAlgorithmConstraints);
params.setProtocols(ProtocolVersion.toStringArray(enabledProtocols));
params.setCipherSuites(CipherSuite.namesOf(enabledCipherSuites));
switch (this.clientAuthType) {
case CLIENT_AUTH_REQUIRED:
params.setNeedClientAuth(true);
@@ -192,11 +193,11 @@
}
void setSSLParameters(SSLParameters params) {
AlgorithmConstraints ac = params.getAlgorithmConstraints();
if (ac != null) {
- this.algorithmConstraints = ac;
+ this.userSpecifiedAlgorithmConstraints = ac;
} // otherwise, use the default value
String[] sa = params.getCipherSuites();
if (sa != null) {
this.enabledCipherSuites = CipherSuite.validValuesOf(sa);
< prev index next >