summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNick Hudson <nick.hudson@isode.com>2013-04-03 10:54:02 (GMT)
committerNick Hudson <nick.hudson@isode.com>2013-04-11 09:19:22 (GMT)
commitb50d3949d81d8cece6c71c2b094297317e584308 (patch)
tree81837d7a977700f590a2ccace53166564b70a4a6 /Makefile
parent00a381a2121fe68d318cddceed32d8bb230935ea (diff)
downloadstroke-b50d3949d81d8cece6c71c2b094297317e584308.zip
stroke-b50d3949d81d8cece6c71c2b094297317e584308.tar.bz2
Provide mechanism to allow clients to restrict available ciphersuites
By default, when a TLS connection is established, the SSLContext will enable all available ciphersuites. This may not be appropriate in situations where export restrictions apply and higher grade ciphersuites are prohibitied. This change allows a caller to configure a restricted set of ciphersuites to be used when establishing TLS connections. Callers use the JSSEContextFactory.setRestrictedCipherSuites() method to configure a list of ciphersuites. Any ciphersuites which are not included in the list will be excluded in subsequent TLS connections. If the JSSEContextFactory.setRestrictedCipherSuites() is never called, or called with a null parameter, then no restriction will apply. Test-information: Validated that by calling the new method to restrict the available ciphers, TLS connections initiated by Stroke only propose ciphersuites in the restricted list, and connections fail when the server fails to find an acceptable cipher. Change-Id: Id0b4b19553a6f386cda27a71f0172410d899218e Signed-off-by: Nick Hudson <nick.hudson@isode.com>
Diffstat (limited to 'Makefile')
0 files changed, 0 insertions, 0 deletions