public static SSLContext createSSLContext(KeyManager[] keyManagers, TrustManager trustManager) throws IOException { final TrustManager[] trustManagers = new TrustManager[] {trustManager != null ? trustManager : getEmptyTrustManager()}; keyManagers = keyManagers != null ? keyManagers : EMPTY_KEY_MANAGERS; try { return createSSLContext(keyManagers, trustManagers, getEnabledSSLProtocols(true)); } catch (NoSuchAlgorithmException e) { try { return createSSLContext(keyManagers, trustManagers, getEnabledSSLProtocols(false)); } catch (NoSuchAlgorithmException e1) { throw new IOException(e1.getMessage()); } } }
public static Socket configureSSLSocket(Socket socket) { if (socket == null || !(socket instanceof SSLSocket)) { return null; } final SSLSocket sslSocket = (SSLSocket) socket; // configure enabled protocols enabling those supported. final List<String> enabledProtocols = getEnabledSSLProtocols(true); final List<String> defaultEnabledProtocols = Arrays.asList(sslSocket.getEnabledProtocols()); final List<String> supportedProtocols = Arrays.asList(sslSocket.getSupportedProtocols()); final List<String> protocolsToEnable = new ArrayList<String>(); for (String enabledProtocol : enabledProtocols) { for (String supportedProtocol : supportedProtocols) { if (supportedProtocol.startsWith(enabledProtocol)) { protocolsToEnable.add(supportedProtocol); } } } if (protocolsToEnable.isEmpty()) { // fall back to default. protocolsToEnable.addAll(defaultEnabledProtocols); } sslSocket.setEnabledProtocols(protocolsToEnable.toArray(new String[protocolsToEnable.size()])); SVNDebugLog.getDefaultLog().logFinest(SVNLogType.NETWORK, "SSL protocols explicitly enabled: " + protocolsToEnable); return sslSocket; } }