From 4d6e6d05d5270a0e81ae12e2583cae9c49667c88 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Fri, 17 Mar 2017 02:01:20 +0100
Subject: Removed duplicate code to configure SSL version ranges.

The duplicate code for configuring default SSL version ranges has been merged into reusable methods in CryptoUtil.
---
 .../src/com/netscape/cmstools/HttpClient.java | 24 +++++----------------
 1 file changed, 5 insertions(+), 19 deletions(-)
(limited to 'base/java-tools/src')
diff --git a/base/java-tools/src/com/netscape/cmstools/HttpClient.java b/base/java-tools/src/com/netscape/cmstools/HttpClient.java
index 6a008bf2c..aa3bd1743 100644
--- a/base/java-tools/src/com/netscape/cmstools/HttpClient.java
+++ b/base/java-tools/src/com/netscape/cmstools/HttpClient.java
@@ -41,6 +41,7 @@ import org.mozilla.jss.ssl.SSLSocket;
 import org.mozilla.jss.util.Password;
 import com.netscape.cmsutil.crypto.CryptoUtil;
+import com.netscape.cmsutil.crypto.CryptoUtil.SSLVersion;
 import com.netscape.cmsutil.util.Utils;
 /**
@@ -122,29 +123,14 @@ public class HttpClient {
 token.login(pass);
 SSLHandshakeCompletedListener listener = new ClientHandshakeCB(this);
- org.mozilla.jss.ssl.SSLSocket.SSLVersionRange stream_range =
- new org.mozilla.jss.ssl.SSLSocket.SSLVersionRange(
- org.mozilla.jss.ssl.SSLSocket.SSLVersionRange.tls1_0,
- org.mozilla.jss.ssl.SSLSocket.SSLVersionRange.tls1_2);
-
- SSLSocket.setSSLVersionRangeDefault(
- org.mozilla.jss.ssl.SSLSocket.SSLProtocolVariant.STREAM,
- stream_range);
-
- org.mozilla.jss.ssl.SSLSocket.SSLVersionRange datagram_range =
- new org.mozilla.jss.ssl.SSLSocket.SSLVersionRange(
- org.mozilla.jss.ssl.SSLSocket.SSLVersionRange.tls1_1,
- org.mozilla.jss.ssl.SSLSocket.SSLVersionRange.tls1_2);
-
- SSLSocket.setSSLVersionRangeDefault(
- org.mozilla.jss.ssl.SSLSocket.SSLProtocolVariant.DATA_GRAM,
- datagram_range);
+ CryptoUtil.setSSLStreamVersionRange(SSLVersion.TLS_1_0, SSLVersion.TLS_1_2);
+ CryptoUtil.setSSLDatagramVersionRange(SSLVersion.TLS_1_1, SSLVersion.TLS_1_2);
 CryptoUtil.setClientCiphers();
 sslSocket = new SSLSocket(_host, _port);
- // setSSLVersionRange needs to be exposed in jss
- // sslSocket.setSSLVersionRange(org.mozilla.jss.ssl.SSLSocket.SSLVersionRange.tls1_0, org.mozilla.jss.ssl.SSLSocket.SSLVersionRange.tls1_2);
+ // SSLSocket.setSSLVersionRange() needs to be exposed in JSS
+ // sslSocket.setSSLVersionRange(SSLVersionRange.tls1_0, SSLVersionRange.tls1_2);
 sslSocket.addHandshakeCompletedListener(listener);
 CryptoToken tt = cm.getThreadToken();
-- cgit
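Review bot: The two new `CryptoUtil` calls keep TLS 1.0 as the minimum for stream sockets and TLS 1.1 for datagram sockets, so this client will still accept a handshake at protocol versions that RFC 8996 has since deprecated. Now that the range is two enum arguments, raising the floor is a small edit, for example `CryptoUtil.setSSLStreamVersionRange(SSLVersion.TLS_1_2, SSLVersion.TLS_1_2);`, provided every server this tool talks to supports it; if TLS 1.0 must stay for compatibility, a comment such as `// TLS 1.0 kept as floor for legacy servers; raise once they are retired` would record that decision. Judging from the removed code, these helpers set process-wide defaults rather than options on `sslSocket`, so they presumably have to stay ahead of `new SSLSocket(_host, _port)`, and a one-line comment on that ordering would guard against later reordering. The enclosing method starts and ends outside this hunk.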