Removed duplicate code to configure SSL version ranges.

The duplicate code for configuring default SSL version ranges has been merged into reusable methods in CryptoUtil.
author: Endi S. Dewata <edewata@redhat.com> 2017-03-17 02:01:20 +0100
committer: Endi S. Dewata <edewata@redhat.com> 2017-03-17 16:17:03 +0100
commit: 4d6e6d05d5270a0e81ae12e2583cae9c49667c88 (patch)
tree: 474a48ab4a679ed6e55a5c2f8ccd4fb6c8e01cab /base/java-tools/src/com/netscape
parent: 9c0fb168900913a8249745a0185af1859c715571 (diff)
download: pki-4d6e6d05d5270a0e81ae12e2583cae9c49667c88.tar.gz
pki-4d6e6d05d5270a0e81ae12e2583cae9c49667c88.tar.xz
pki-4d6e6d05d5270a0e81ae12e2583cae9c49667c88.zip
1 files changed, 5 insertions, 19 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/HttpClient.java b/base/java-tools/src/com/netscape/cmstools/HttpClient.java
index 6a008bf2c..aa3bd1743 100644
--- a/base/java-tools/src/com/netscape/cmstools/HttpClient.java
+++ b/base/java-tools/src/com/netscape/cmstools/HttpClient.java
@@ -41,6 +41,7 @@ import org.mozilla.jss.ssl.SSLSocket;
 import org.mozilla.jss.util.Password;
 
 import com.netscape.cmsutil.crypto.CryptoUtil;
+import com.netscape.cmsutil.crypto.CryptoUtil.SSLVersion;
 import com.netscape.cmsutil.util.Utils;
 
 /**
@@ -122,29 +123,14 @@ public class HttpClient {
                 token.login(pass);
 
                 SSLHandshakeCompletedListener listener = new ClientHandshakeCB(this);
-                org.mozilla.jss.ssl.SSLSocket.SSLVersionRange stream_range =
-                    new org.mozilla.jss.ssl.SSLSocket.SSLVersionRange(
-                        org.mozilla.jss.ssl.SSLSocket.SSLVersionRange.tls1_0,
-                        org.mozilla.jss.ssl.SSLSocket.SSLVersionRange.tls1_2);
-
-                SSLSocket.setSSLVersionRangeDefault(
-                    org.mozilla.jss.ssl.SSLSocket.SSLProtocolVariant.STREAM,
-                    stream_range);
-
-                org.mozilla.jss.ssl.SSLSocket.SSLVersionRange datagram_range =
-                    new org.mozilla.jss.ssl.SSLSocket.SSLVersionRange(
-                        org.mozilla.jss.ssl.SSLSocket.SSLVersionRange.tls1_1,
-                        org.mozilla.jss.ssl.SSLSocket.SSLVersionRange.tls1_2);
-
-                SSLSocket.setSSLVersionRangeDefault(
-                    org.mozilla.jss.ssl.SSLSocket.SSLProtocolVariant.DATA_GRAM,
-                    datagram_range);
 
+                CryptoUtil.setSSLStreamVersionRange(SSLVersion.TLS_1_0, SSLVersion.TLS_1_2);
+                CryptoUtil.setSSLDatagramVersionRange(SSLVersion.TLS_1_1, SSLVersion.TLS_1_2);
                 CryptoUtil.setClientCiphers();
 
                 sslSocket = new SSLSocket(_host, _port);
-                // setSSLVersionRange needs to be exposed in jss
-                // sslSocket.setSSLVersionRange(org.mozilla.jss.ssl.SSLSocket.SSLVersionRange.tls1_0, org.mozilla.jss.ssl.SSLSocket.SSLVersionRange.tls1_2);
+                // SSLSocket.setSSLVersionRange() needs to be exposed in JSS
+                // sslSocket.setSSLVersionRange(SSLVersionRange.tls1_0, SSLVersionRange.tls1_2);
                 sslSocket.addHandshakeCompletedListener(listener);
 
                 CryptoToken tt = cm.getThreadToken();
author	Endi S. Dewata <edewata@redhat.com>	2017-03-17 02:01:20 +0100
committer	Endi S. Dewata <edewata@redhat.com>	2017-03-17 16:17:03 +0100
commit	4d6e6d05d5270a0e81ae12e2583cae9c49667c88 (patch)
tree	474a48ab4a679ed6e55a5c2f8ccd4fb6c8e01cab /base/java-tools/src/com/netscape
parent	9c0fb168900913a8249745a0185af1859c715571 (diff)
download	pki-4d6e6d05d5270a0e81ae12e2583cae9c49667c88.tar.gz pki-4d6e6d05d5270a0e81ae12e2583cae9c49667c88.tar.xz pki-4d6e6d05d5270a0e81ae12e2583cae9c49667c88.zip