#934 MongoDB - Atlas connectivity settings

Former-commit-id: 8786a8fa

#934 MongoDB - Atlas connectivity settings
Former-commit-id: 8786a8fa
88712127 · serge-rider · cd95c56f · 88712127
显示空白变更内容
内联并排

Showing with 8 addition and 1 deletion

plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/net/SSLHandlerTrustStoreImpl.java ...kiss/dbeaver/model/impl/net/SSLHandlerTrustStoreImpl.java +8 -1

未找到文件。
--- a/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/net/SSLHandlerTrustStoreImpl.java
+++ b/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/net/SSLHandlerTrustStoreImpl.java
@@ -43,8 +43,12 @@ public class SSLHandlerTrustStoreImpl extends SSLHandlerImpl {
    public static final String PROP_SSL_SELF_SIGNED_CERT = "ssl.self-signed-cert";
    public static final String PROP_SSL_KEYSTORE = "ssl.keystore";
    public static final String PROP_SSL_METHOD = "ssl.method";
+    public static final String PROP_SSL_FORCE_TLS12 = "ssl.forceTls12";
    public static final String CERT_TYPE = "ssl";

+    public static final String TLS_PROTOCOL_VAR_NAME = "jdk.tls.client.protocols";
+    public static final String TLS_1_2_VERSION = "TLSv1.2";
+
    /**
     * Creates certificates and adds them into trust store
     */
@@ -115,7 +119,10 @@ public class SSLHandlerTrustStoreImpl extends SSLHandlerImpl {
            trustManagers = trustManagerFactory.getTrustManagers();
        }

-        SSLContext sslContext = SSLContext.getInstance("SSL");
+        final boolean forceTLS12 = sslConfig.getBooleanProperty(PROP_SSL_FORCE_TLS12);
+
+
+        SSLContext sslContext = forceTLS12 ? SSLContext.getInstance(TLS_1_2_VERSION) : SSLContext.getInstance("SSL");
        sslContext.init(keyManagers, trustManagers, new SecureRandom());
        return sslContext;
    }