github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-01-15 08:13:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

skipped patch for Java 1.6 & 1.7 if the JRE is at least 1.8 - see issue #523

Browse Source
This commit is contained in:
Jeremy Long
2016-08-11 20:59:26 -04:00
parent 45941adb71
commit 9ea16ad1d1
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
dependency-check-utils/src/main/java/org/owasp/dependencycheck/utils/URLConnectionFactory.java
View File

@@ -31,6 +31,8 @@ import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.HttpsURLConnection;
import org.apache.commons.lang3.JavaVersion;
import org.apache.commons.lang3.SystemUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -189,7 +191,7 @@ public final class URLConnectionFactory {
* @param conn the connection
*/
private static void configureTLS(URL url, HttpURLConnection conn) {
if ("https".equals(url.getProtocol())) {
if ("https".equals(url.getProtocol()) && !SystemUtils.isJavaVersionAtLeast(JavaVersion.JAVA_1_8)) {
try {
final HttpsURLConnection secCon = (HttpsURLConnection) conn;
final SSLSocketFactoryEx factory = new SSLSocketFactoryEx();