enable all available protocols as a default #209

2 files changed, 15 insertions, 10 deletions

diff --git a/core/src/main/java/fi/iki/elonen/NanoHTTPD.java b/core/src/main/java/fi/iki/elonen/NanoHTTPD.java
index 8a92874..3b3d019 100644
--- a/core/src/main/java/fi/iki/elonen/NanoHTTPD.java
+++ b/core/src/main/java/fi/iki/elonen/NanoHTTPD.java
@@ -33,6 +33,7 @@ package fi.iki.elonen;
  * #L%
  */
 
+import java.io.BufferedInputStream;
 import java.io.BufferedReader;
 import java.io.BufferedWriter;
 import java.io.ByteArrayInputStream;
@@ -49,7 +50,6 @@ import java.io.InputStreamReader;
 import java.io.OutputStream;
 import java.io.OutputStreamWriter;
 import java.io.PrintWriter;
-import java.io.BufferedInputStream;
 import java.io.RandomAccessFile;
 import java.io.UnsupportedEncodingException;
 import java.net.InetAddress;
@@ -1648,6 +1648,8 @@ public abstract class NanoHTTPD {
 
     private SSLServerSocketFactory sslServerSocketFactory;
 
+    private String[] sslProtocols;
+
     private Thread myThread;
 
     /**
@@ -1804,8 +1806,9 @@ public abstract class NanoHTTPD {
     /**
      * Call before start() to serve over HTTPS instead of HTTP
      */
-    public void makeSecure(SSLServerSocketFactory sslServerSocketFactory) {
+    public void makeSecure(SSLServerSocketFactory sslServerSocketFactory, String[] sslProtocols) {
         this.sslServerSocketFactory = sslServerSocketFactory;
+        this.sslProtocols = sslProtocols;
     }
 
     /**
@@ -1941,11 +1944,11 @@ public abstract class NanoHTTPD {
     public void start(final int timeout, boolean daemon) throws IOException {
         if (this.sslServerSocketFactory != null) {
             SSLServerSocket ss = (SSLServerSocket) this.sslServerSocketFactory.createServerSocket();
-            ss.setEnabledProtocols(new String[]{
-                "TLSv1",
-                "TLSv1.1",
-                "SSLv3"
-            });
+            if (this.sslProtocols != null) {
+                ss.setEnabledProtocols(this.sslProtocols);
+            } else {
+                ss.setEnabledProtocols(ss.getSupportedProtocols());
+            }
             ss.setUseClientMode(false);
             ss.setWantClientAuth(false);
             ss.setNeedClientAuth(false);
diff --git a/core/src/test/java/fi/iki/elonen/HttpSSLServerTest.java b/core/src/test/java/fi/iki/elonen/HttpSSLServerTest.java
index 4923cca..f6b1999 100644
--- a/core/src/test/java/fi/iki/elonen/HttpSSLServerTest.java
+++ b/core/src/test/java/fi/iki/elonen/HttpSSLServerTest.java
@@ -36,12 +36,11 @@ package fi.iki.elonen;
 import java.io.File;
 import java.io.IOException;
 
-import javax.net.ssl.SSLServerSocketFactory;
+import javax.net.ssl.SSLContext;
 
 import org.apache.http.HttpEntity;
 import org.apache.http.HttpResponse;
 import org.apache.http.client.ClientProtocolException;
-import org.apache.http.client.HttpClient;
 import org.apache.http.client.methods.HttpTrace;
 import org.apache.http.impl.client.DefaultHttpClient;
 import org.junit.After;
@@ -58,13 +57,16 @@ public class HttpSSLServerTest extends HttpServerTest {
         HttpResponse response = httpclient.execute(httphead);
         HttpEntity entity = response.getEntity();
         Assert.assertEquals(200, response.getStatusLine().getStatusCode());
+        
+        Assert.assertEquals(9043, this.testServer.getListeningPort());
+        Assert.assertTrue(this.testServer.isAlive());
     }
 
     @Before
     public void setUp() throws Exception {
         System.setProperty("javax.net.ssl.trustStore", new File("src/test/resources/keystore.jks").getAbsolutePath());
         this.testServer = new TestServer(9043);
-        this.testServer.makeSecure(NanoHTTPD.makeSSLSocketFactory("/keystore.jks", "password".toCharArray()));
+        this.testServer.makeSecure(NanoHTTPD.makeSSLSocketFactory("/keystore.jks", "password".toCharArray()), null);
         this.tempFileManager = new TestTempFileManager();
         this.testServer.start();
         try {