author | Simon Rettberg | 2022-10-18 15:12:09 +0200 |
---|---|---|
committer | Simon Rettberg | 2022-10-18 15:12:09 +0200 |
commit | 6c3f95b62d38d250dc3fbb161e9de43271da07b6 (patch) | |
tree | 3192328168ab042a6701c4ccbeb1a1ac586d03b8 /dozentenmodul/src | |
parent | [server] Send another EHLO after STARTTLS, as we SHOULD (diff) | |
[client] Test for TLSv1.3 availability before using it with apache-http
Unfortunately, adding a TLS version to the list of supported versions
that is not supported by the currently running JVM will make the apache
http client bail out immediately with an exception, instead of trying
the remaining TLS versions from that list.
Diffstat (limited to 'dozentenmodul/src')
-rw-r--r-- | dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java b/dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java
index a6dede1c..035d310b 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/util/ProxyConfigurator.java
@@ -7,6 +7,8 @@ import java.net.Socket;
 import java.text.MessageFormat;
 import java.util.concurrent.atomic.AtomicReference;
+import javax.net.ssl.SSLContext;
+
 import org.apache.hc.client5.http.HttpRoute;
 import org.apache.hc.client5.http.classic.methods.HttpGet;
 import org.apache.hc.client5.http.config.ConnectionConfig;
@@ -57,11 +59,25 @@ public class ProxyConfigurator {
 private static AtomicReference<CloseableHttpClient> apacheClient = new AtomicReference<>();
- private static final TLS[] SUPPORTED_TLS_VERSIONS = { TLS.V_1_3, TLS.V_1_2, TLS.V_1_1 };
+ private static final TLS[] SUPPORTED_TLS_VERSIONS;
 private static final Timeout TIMEOUT_CONNECT = Timeout.ofSeconds(8);
 private static final Timeout TIMEOUT_SOCKET = Timeout.ofSeconds(8);
 private static final Timeout TIMEOUT_REQUEST = Timeout.ofSeconds(3);
+
+ static {
+ boolean ok = false;
+ try {
+ SSLContext.getInstance("TLSv1.3");
+ ok = true;
+ } catch (Exception e) {
+ }
+ if (ok) {
+ SUPPORTED_TLS_VERSIONS = new TLS[] { TLS.V_1_3, TLS.V_1_2, TLS.V_1_1 };
+ } else {
+ SUPPORTED_TLS_VERSIONS = new TLS[] { TLS.V_1_2, TLS.V_1_1 };
+ }
+ }
 /**
 * Initialization method. |
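Review bot: The empty `catch (Exception e) { }` in the new static initializer of the second hunk drops TLSv1.3 without leaving any trace, so a client running on an old JVM silently caps at TLSv1.2 and nobody reading the logs can tell. Catching only the expected failure and recording it would keep the fallback visible: `} catch (NoSuchAlgorithmException e) {` followed by one log line such as `// TLSv1.3 not provided by this JVM, falling back to TLSv1.2` turned into a warning through whatever logger the class already uses (it also needs `import java.security.NoSuchAlgorithmException;`). Separately, both branches still offer `TLS.V_1_1`, which RFC 8996 deprecates. If no server this client talks to still requires it, `new TLS[] { TLS.V_1_3, TLS.V_1_2 }` and `new TLS[] { TLS.V_1_2 }` would be the safer lists. The class body continues outside the hunk, so how `SUPPORTED_TLS_VERSIONS` is consumed is not visible here.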