Attachment #252494 for bug #464737

Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Lines 281-286 Link Here

(-)a/rse/plugins/org.eclipse.dstore.core/src/org/eclipse/dstore/core/server/ConnectionEstablisher.java (+51 lines)
281	// for security, enable only ciphers and protocols that are common	281	// for security, enable only ciphers and protocols that are common
282	enableCiphers(sslServerSocket);	282	enableCiphers(sslServerSocket);
283	enableProtocols(sslServerSocket);	283	enableProtocols(sslServerSocket);
		284
		285	logAvailableCiphersAndProtocols(sslServerSocket);
284	}	286	}
285		287
286	Socket newSocket = _serverSocket.accept();	288	Socket newSocket = _serverSocket.accept();
Lines 612-617 Link Here
612	}	614	}
613	writer.println(version);	615	writer.println(version);
614	writer.flush();	616	writer.flush();
		617
		618	if (socket instanceof SSLSocket){ // log the protocol and cipher suite used
		619	SSLSocket sslSocket = (SSLSocket)socket;
		620	SSLSession session = sslSocket.getSession();
		621	String protocol = session.getProtocol();
		622	String cipherSuite = session.getCipherSuite();
		623	IServerLogger logger = _dataStore.getClient().getLogger();
		624
		625	String cn = getClass().toString();
		626
		627	logger.logInfo(cn, "SSL/TLS Protocol: "+protocol); //$NON-NLS-1$
		628	logger.logInfo(cn, "SSL/TLS Cipher Suite: " + cipherSuite); //$NON-NLS-1$
		629	}
615	}	630	}
616	catch (IOException e)	631	catch (IOException e)
617	{	632	{
Lines 623-628 Link Here
623		638
624	}	639	}
625		640
		641
		642
		643	private void logAvailableCiphersAndProtocols(SSLServerSocket sslSocket){
		644	IServerLogger logger = _dataStore.getClient().getLogger();
		645
		646	String cn = getClass().toString();
		647	// list the supported and available ciphers and protocols
		648	logger.logDebugMessage(cn, "SSL/TLS Enabled Cipher Suites:"); //$NON-NLS-1$
		649	String[] enabledSuites = sslSocket.getEnabledCipherSuites();
		650	for (int i = 0; i < enabledSuites.length; i++){
		651	String suite = enabledSuites[i];
		652	logger.logDebugMessage(cn, '\t' + suite);
		653	}
		654
		655	String[] supportedSuites = sslSocket.getSupportedCipherSuites();
		656	logger.logDebugMessage(cn, "SSL/TLS Supported Cipher Suites:"); //$NON-NLS-1$
		657	for (int i = 0; i < supportedSuites.length; i++){
		658	String suite = supportedSuites[i];
		659	logger.logDebugMessage(cn, '\t' + suite);
		660	}
		661
		662	String[] enabledProtocols = sslSocket.getEnabledProtocols();
		663	logger.logDebugMessage(cn, "SSL/TLS Enabled Protocols:"); //$NON-NLS-1$
		664	for (int i = 0; i < enabledProtocols.length; i++){
		665	String eprotocol = enabledProtocols[i];
		666	logger.logDebugMessage(cn, '\t' + eprotocol);
		667	}
		668
		669	String[] supportedProtocols = sslSocket.getSupportedProtocols();
		670	logger.logDebugMessage(cn, "SSL/TLS Supported Protocols:"); //$NON-NLS-1$
		671	for (int i = 0; i < supportedProtocols.length; i++){
		672	String sprotocol = supportedProtocols[i];
		673	logger.logDebugMessage(cn, '\t' + sprotocol);
		674	}
		675	}
		676
626	/**	677	/**
627	* Specify cipher patterns to be disabled when using SSL sockets	678	* Specify cipher patterns to be disabled when using SSL sockets
628	* @param cipherPatterns regex patterns of ciphers to disable	679	* @param cipherPatterns regex patterns of ciphers to disable

Return to bug 464737