Disable SSlv2ClientHello by default, close AsyncHttpClient#934

Author: slandelle

api/src/main/java/org/asynchttpclient/AsyncHttpClientConfig.java

@@ -605,7 +605,7 @@ public static class Builder {
         private int maxRequestRetry = defaultMaxRequestRetry();
         private boolean disableUrlEncodingForBoundRequests = defaultDisableUrlEncodingForBoundRequests();
         private int ioThreadMultiplier = defaultIoThreadMultiplier();
-        private String[] enabledProtocols;
+        private String[] enabledProtocols = defaultEnabledProtocols();
         private String[] enabledCipherSuites;
         private Integer sslSessionCacheSize = defaultSslSessionCacheSize();
         private Integer sslSessionTimeout = defaultSslSessionTimeout();

api/src/main/java/org/asynchttpclient/channel/SSLEngineFactory.java

@@ -13,6 +13,8 @@
  */
 package org.asynchttpclient.channel;
 
+import static org.asynchttpclient.util.MiscUtils.isNonEmpty;
+
 import java.security.GeneralSecurityException;
 
 import javax.net.ssl.SSLContext;
@@ -55,10 +57,10 @@ public SSLEngine newSSLEngine(String peerHost, int peerPort) throws GeneralSecur
             }
             sslEngine.setUseClientMode(true);
 
-            if (config.getEnabledProtocols() != null)
+            if (isNonEmpty(config.getEnabledProtocols()))
                 sslEngine.setEnabledProtocols(config.getEnabledProtocols());
 
-            if (config.getEnabledCipherSuites() != null)
+            if (isNonEmpty(config.getEnabledCipherSuites()))
                 sslEngine.setEnabledCipherSuites(config.getEnabledCipherSuites());
 
             return sslEngine;

api/src/main/java/org/asynchttpclient/config/AsyncHttpClientConfigDefaults.java

@@ -70,6 +70,10 @@ public static String defaultUserAgent() {
     public static int defaultIoThreadMultiplier() {
         return AsyncHttpClientConfigHelper.getAsyncHttpClientConfig().getInt(ASYNC_CLIENT_CONFIG_ROOT + "ioThreadMultiplier");
     }
+    
+    public static String[] defaultEnabledProtocols() {
+        return AsyncHttpClientConfigHelper.getAsyncHttpClientConfig().getStringArray(ASYNC_CLIENT_CONFIG_ROOT + "enabledProtocols");
+    }
 
     public static boolean defaultUseProxySelector() {
         return AsyncHttpClientConfigHelper.getAsyncHttpClientConfig().getBoolean(ASYNC_CLIENT_CONFIG_ROOT + "useProxySelector");

api/src/main/java/org/asynchttpclient/config/AsyncHttpClientConfigHelper.java

@@ -73,6 +73,15 @@ public String apply(String key) {
             });
         }
 
+        public String[] getStringArray(String key) {
+            String s = getString(key);
+            String[] rawArray = s.split(",");
+            String[] array = new String[rawArray.length];
+            for (int i = 0; i < rawArray.length; i++)
+                array[i] = rawArray[i].trim();
+            return array;
+        }
+        
         public int getInt(String key) {
             return Integer.parseInt(getString(key));
         }

api/src/main/resources/ahc-default.properties

@@ -11,6 +11,7 @@ org.asynchttpclient.maxRedirects=5
 org.asynchttpclient.compressionEnforced=false
 org.asynchttpclient.userAgent=NING/1.0
 org.asynchttpclient.ioThreadMultiplier=2
+org.asynchttpclient.enabledProtocols=TLSv1.2, TLSv1.1, TLSv1
 org.asynchttpclient.useProxySelector=false
 org.asynchttpclient.useProxyProperties=false
 org.asynchttpclient.strict302Handling=false