add sslcontext param to support different ssl context

justbk
2022-09-05 15:28:20 +08:00
committed by justbk
parent 66b0da5a72
commit 6a0f05bd4a
3 changed files with 12 additions and 3 deletions


@ -198,7 +198,12 @@ public enum PGProperty {
*/ */
SSL_MODE("sslmode", null, "Parameter governing the use of SSL", false, SSL_MODE("sslmode", null, "Parameter governing the use of SSL", false,
"disable", "allow", "prefer", "require", "verify-ca", "verify-full"), "disable", "allow", "prefer", "require", "verify-ca", "verify-full"),
/**
* Context of SSL(SSLContext.getInstance("@code")): empty for TLS,valid values{SSL/SSLv2/SSLv3/TLS/TLSv1/TLSv1.1/TLSv1.2}
*/
SSL_CONTEXT("sslcontext", null, "Control use of SSL Context(SSL, TLS, TLSv1.2, etc)"),
/** /**
* Classname of the SSL Factory to use (instance of {@code javax.net.ssl.SSLSocketFactory}). * Classname of the SSL Factory to use (instance of {@code javax.net.ssl.SSLSocketFactory}).
*/ */
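Review bot: The Javadoc on `SSL_CONTEXT` lists SSL, SSLv2, SSLv3, TLSv1 and TLSv1.1 as valid values on equal footing with TLSv1.2, with no hint that they are obsolete protocol names, and the `SSLContext.getInstance("@code")` fragment is broken Javadoc markup. Unlike `SSL_MODE` just above, the constant declares no choices list, so the accepted values are not discoverable from the property metadata either. I would reword the comment along the lines of `Protocol name passed to {@code SSLContext.getInstance(String)}; empty means TLS. Prefer TLSv1.2 or newer; the SSL* and TLSv1/TLSv1.1 names are for legacy servers only.`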


@ -43,7 +43,7 @@ public abstract class DbKeyStoreSocketFactory extends org.postgresql.ssl.Wrapped
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustfact.init(keys); trustfact.init(keys);
SSLContext ctx = SSLContext.getInstance("SSL"); SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(keyfact.getKeyManagers(), trustfact.getTrustManagers(), null); ctx.init(keyfact.getKeyManagers(), trustfact.getTrustManagers(), null);
_factory = ctx.getSocketFactory(); _factory = ctx.getSocketFactory();
} catch (java.security.GeneralSecurityException gse) { } catch (java.security.GeneralSecurityException gse) {
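Review bot: The protocol name passed to `SSLContext.getInstance` here is still a hard-coded literal, so the `sslcontext` property introduced by this commit has no effect on factories derived from `DbKeyStoreSocketFactory`, while `LibPQFactory` does read it. The constructor signature is outside the hunk, so it is not visible whether connection properties are available at this point. If they are not, a comment such as `// sslcontext is not consulted here; the protocol is fixed to TLS` would document the difference for anyone configuring the driver.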


@ -52,7 +52,11 @@ public class LibPQFactory extends WrappedFactory {
*/ */
public LibPQFactory(Properties info) throws PSQLException { public LibPQFactory(Properties info) throws PSQLException {
try { try {
SSLContext ctx = SSLContext.getInstance("TLS"); // or "SSL" ? String contextConfig = PGProperty.SSL_CONTEXT.get(info);
if (contextConfig == null || "".equals(contextConfig.trim())) {
contextConfig = "TLS";
}
SSLContext ctx = SSLContext.getInstance(contextConfig); // or "SSL" ?
// Determining the default file location // Determining the default file location
String pathsep = System.getProperty("file.separator"); String pathsep = System.getProperty("file.separator");
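Review bot: The blank check `"".equals(contextConfig.trim())` trims the value, but the untrimmed string is what reaches `SSLContext.getInstance(contextConfig)`, so a value with surrounding whitespace passes the check and then most likely fails with a NoSuchAlgorithmException. Trimming once up front fixes it: `contextConfig = contextConfig == null ? "" : contextConfig.trim();` followed by `if (contextConfig.isEmpty()) contextConfig = "TLS";`. The value is also passed through unchecked, so a connection property can select the legacy `SSL` or `SSLv3` context names; an allow-list of TLS names, or at least a logged warning for anything older than TLSv1.2, would keep a configuration mistake from silently weakening the connection. The trailing `// or "SSL" ?` comment is stale now that the name is configurable. The constructor body continues outside the hunk.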