Revert "Replace invalid default excludedProtocols in HttpsConnectorFa…

…ctory" Refs (#3533) This partially reverts commit 206e858.
dropwizard · Nov 26, 2020 · 0f0706c · 0f0706c
1 parent 5c31917
commit 0f0706c
Showing 1 changed file with 7 additions and 7 deletions.
diff --git a/dropwizard-jetty/src/main/java/io/dropwizard/jetty/HttpsConnectorFactory.java b/dropwizard-jetty/src/main/java/io/dropwizard/jetty/HttpsConnectorFactory.java
@@ -182,7 +182,7 @@
  *     </tr>
  *     <tr>
  *         <td>{@code excludedProtocols}</td>
- *         <td>["SSLv3", "TLSv1", "TLSv1.1"]</td>
+ *         <td>["SSL.*", "TLSv1", "TLSv1\.1"]</td>
  *         <td>
  *             A list of protocols (e.g., {@code SSLv3}, {@code TLSv1}) which are excluded. These
  *             protocols will be refused.
@@ -193,7 +193,7 @@
  *         <td>JVM default</td>
  *         <td>
  *             A list of cipher suites (e.g., {@code TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256}) which
- *             are supported. All other cipher suites will be refused.
+ *             are supported. All other cipher suites will be refused
  *         </td>
  *    </tr>
  *    <tr>
@@ -287,7 +287,7 @@ public class HttpsConnectorFactory extends HttpConnectorFactory {
     private List<String> supportedProtocols;
 
     @Nullable
-    private List<String> excludedProtocols = Arrays.asList("SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1");
+    private List<String> excludedProtocols = Arrays.asList("SSL.*", "TLSv1", "TLSv1\\.1");
 
     @Nullable
     private List<String> supportedCipherSuites;
@@ -762,12 +762,12 @@ protected SslContextFactory configureSslContextFactory(SslContextFactory factory
             factory.setKeyManagerPassword(keyManagerPassword);
         }
 
-        if (needClientAuth != null && factory instanceof SslContextFactory.Server) {
-            ((SslContextFactory.Server) factory).setNeedClientAuth(needClientAuth);
+        if (needClientAuth != null) {
+            factory.setNeedClientAuth(needClientAuth);
         }
 
-        if (wantClientAuth != null && factory instanceof SslContextFactory.Server) {
-            ((SslContextFactory.Server) factory).setWantClientAuth(wantClientAuth);
+        if (wantClientAuth != null) {
+            factory.setWantClientAuth(wantClientAuth);
         }
 
         if (certAlias != null) {