Initial fix for missing Java 8 ciphers

This adds one specific cipher suite only, which we are using internally to connect to redis over SSL.
jruby · Aug 3, 2018 · eeaf644 · csstaub · Nov 15, 2018 · eeaf644
1 parent 035a5e1
commit eeaf644
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 2 deletions.
diff --git a/jopenssl.tar.gz b/jopenssl.tar.gz
diff --git a/lib/jopenssl/version.rb b/lib/jopenssl/version.rb
@@ -1,5 +1,5 @@
 module Jopenssl
-  VERSION = '0.9.21'
+  VERSION = '0.9.21.ciphers.2'
   BOUNCY_CASTLE_VERSION = '1.56'
   # @deprecated
   module Version

diff --git a/pom.xml b/pom.xml
@@ -11,7 +11,7 @@ DO NOT MODIFIY - GENERATED CODE
   <modelVersion>4.0.0</modelVersion>
   <groupId>rubygems</groupId>
   <artifactId>jruby-openssl</artifactId>
-  <version>0.9.21</version>
+  <version>0.9.21.ciphers.2</version>
   <packaging>gem</packaging>
   <name>JRuby OpenSSL</name>
   <description>JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library.</description>

diff --git a/src/main/java/org/jruby/ext/openssl/CipherStrings.java b/src/main/java/org/jruby/ext/openssl/CipherStrings.java
@@ -1794,6 +1794,12 @@ private static Collection<Def> matchingPattern(
             SSL_NOT_EXP|SSL_HIGH, 128, 256, SSL_ALL_CIPHERS, SSL_ALL_STRENGTHS
         ));
 
+        SuiteToOSSL.put("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", name = "ECDHE-RSA-AES128-GCM-SHA256");
+        CipherNames.put(name, new Def(name,
+            SSL_kECDHE|SSL_RSA|SSL_AES|SSL_SHA|SSL_TLSV1,
+            SSL_NOT_EXP, 128, 256, SSL_ALL_CIPHERS, SSL_ALL_STRENGTHS
+        ));
+
         SuiteToOSSL.put("TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",   name = "ECDHE-RSA-AES256-SHA384");
 	    CipherNames.put(name, new Def(name,
             SSL_kECDHE|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1,