From dc6ac495aff03d13f0b830de6cdc29d509534206 Mon Sep 17 00:00:00 2001 From: James Moger Date: Fri, 29 Mar 2013 16:39:16 -0400 Subject: [PATCH] Disable SNI extensions for client SSL connections --- releases.moxie | 1 + src/main/java/com/gitblit/utils/ConnectionUtils.java | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/releases.moxie b/releases.moxie index 0f5aa115..15c7da9b 100644 --- a/releases.moxie +++ b/releases.moxie @@ -10,6 +10,7 @@ r17: { fixes: - Could not reset settings with $ or { characters through Gitblit Manager because they are not properly escaped - Added more error checking to blob page and blame page + - Disable SNI extensions for client SSL connections - Fix NPE when getting user's fork without repository list caching (issue 182) - Fix internal error on folder history links (issue 192) - Fixed incorrect icon file name for .doc files (issue 200) diff --git a/src/main/java/com/gitblit/utils/ConnectionUtils.java b/src/main/java/com/gitblit/utils/ConnectionUtils.java index f0b41118..feeedd21 100644 --- a/src/main/java/com/gitblit/utils/ConnectionUtils.java +++ b/src/main/java/com/gitblit/utils/ConnectionUtils.java @@ -61,6 +61,10 @@ public class ConnectionUtils { SSL_CONTEXT = context; HOSTNAME_VERIFIER = new DummyHostnameVerifier(); CHARSET = "UTF-8"; + + // Disable Java 7 SNI checks + // http://stackoverflow.com/questions/7615645/ssl-handshake-alert-unrecognized-name-error-since-upgrade-to-java-1-7-0 + System.setProperty("jsse.enableSNIExtension", "false"); } public static void setAuthorization(URLConnection conn, String username, char[] password) { -- 2.39.5