From: Dave B. <bla...@us...> - 2013-03-14 13:50:15
|
Update of /cvsroot/sblim/jsr48-client/src/org/sblim/cimclient/internal/util In directory sfp-cvs-1.v30.ch3.sourceforge.com:/tmp/cvs-serv12422/src/org/sblim/cimclient/internal/util Modified Files: Util.java WBEMConfiguration.java Log Message: 2618 Need to add property to disable weak cipher suites for the secure indication Index: Util.java =================================================================== RCS file: /cvsroot/sblim/jsr48-client/src/org/sblim/cimclient/internal/util/Util.java,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- Util.java 15 Nov 2012 14:46:05 -0000 1.5 +++ Util.java 14 Mar 2013 13:50:13 -0000 1.6 @@ -1,5 +1,5 @@ /** - * (C) Copyright IBM Corp. 2006, 2012 + * (C) Copyright IBM Corp. 2006, 2013 * * THIS FILE IS PROVIDED UNDER THE TERMS OF THE ECLIPSE PUBLIC LICENSE * ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THIS FILE @@ -16,11 +16,14 @@ * 2003590 2008-06-30 blaschke-oss Change licensing from CPL to EPL * 2524131 2009-01-21 raman_arora Upgrade client to JDK 1.5 (Phase 1) * 3572993 2012-10-01 blaschke-oss parseDouble("2.2250738585072012e-308") DoS vulnerability + * 2618 2013-02-27 blaschke-oss Need to add property to disable weak cipher suites for the secure indication */ package org.sblim.cimclient.internal.util; import java.math.BigDecimal; +import java.util.StringTokenizer; +import java.util.Vector; /** * Class Util is responsible for storing commonly used static methods. @@ -74,4 +77,42 @@ // Do not use string if min < value < max return (min.compareTo(val) < 0 && max.compareTo(val) > 0); } + + /** + * Filters any elements listed in <code>pIgnoreElements</code> out of + * <code>pArray</code> and returns the updated array. For example, if + * <code>pArray = {"A", "B", "C", "D", "E", "F", "G"}</code> and + * <code>pIgnoreElements = "D,E,B"</code> then this method returns + * <code>{"A", "C", "F", "G"}</code>. + * + * @param pArray + * Original string array. + * @param pIgnoreElements + * Comma-separated list of array elements to ignore. + * @return Updated string array. + */ + public static String[] getFilteredStringArray(String[] pArray, String pIgnoreElements) { + int i, j; + + if (pArray == null || pArray.length == 0 || pIgnoreElements == null + || pIgnoreElements.length() == 0) return pArray; + + Vector<String> vecIgnore = new Vector<String>(); + StringTokenizer strtok = new StringTokenizer(pIgnoreElements, ","); + while (strtok.hasMoreElements()) { + String str = ((String) strtok.nextElement()).trim(); + if (str.length() > 0) vecIgnore.add(str); + } + + if (vecIgnore.size() == 0) return pArray; + + Vector<String> vecNew = new Vector<String>(); + for (i = 0; i < pArray.length; i++) { + for (j = 0; j < vecIgnore.size(); j++) + if (pArray[i].equalsIgnoreCase(vecIgnore.elementAt(j))) break; + if (j >= vecIgnore.size()) vecNew.add(pArray[i]); + } + + return vecNew.toArray(new String[0]); + } } Index: WBEMConfiguration.java =================================================================== RCS file: /cvsroot/sblim/jsr48-client/src/org/sblim/cimclient/internal/util/WBEMConfiguration.java,v retrieving revision 1.47 retrieving revision 1.48 diff -u -d -r1.47 -r1.48 --- WBEMConfiguration.java 6 Feb 2013 14:05:05 -0000 1.47 +++ WBEMConfiguration.java 14 Mar 2013 13:50:13 -0000 1.48 @@ -45,6 +45,7 @@ * 3572993 2012-10-01 blaschke-oss parseDouble("2.2250738585072012e-308") DoS vulnerability * 3576396 2012-10-11 blaschke-oss Improve logging of config file name * 3598613 2013-01-11 blaschke-oss different data type in cim instance and cim object path + * 2618 2013-02-27 blaschke-oss Need to add property to disable weak cipher suites for the secure indication */ package org.sblim.cimclient.internal.util; @@ -759,6 +760,15 @@ } /** + * Returns the comma-separated list of cipher suites to be disabled. + * + * @return The list of cipher suites + */ + public String getSslCipherSuitesToDisable() { + return getProperty(WBEMConfigurationProperties.SSL_CIPHER_SUITES_TO_DISABLE, null); + } + + /** * Returns the number of retries the client will attempt when the connection * was refused. * |