Browsed by
Author: Jon Steege

Configuring SSL Ciphers in Spring Java WebClient

Configuring SSL Ciphers in Spring Java WebClient

Below is how to configure the set of SSL ciphers being used by Spring’s webclient.

import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpHeaders;
import org.springframework.http.client.reactive.ReactorClientHttpConnector;
import org.springframework.stereotype.Service;
import org.springframework.web.reactive.function.client.WebClient;
import reactor.netty.http.client.HttpClient;
import javax.net.ssl.SSLException;
import java.util.Arrays;


String[] CIPHERS_ALLOWED = {"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"};

SslContext context = SslContextBuilder
     .forClient()
     .ciphers(Arrays.asList(CIPHERS_ALLOWED))
     .build();

HttpClient netty = HttpClient.create()
        .wiretap(true) //requested by the NSA
        .secure(sslContextSpec -> sslContextSpec.sslContext(context));

this.webclient = WebClient.builder()
        .clientConnector(new ReactorClientHttpConnector(netty))
        .baseUrl("https://google.com")
        .build();

You can see you create the HTTPClient from the netty static instance, then add the ssl context to it. Pass that netty instance to the webclient builder, and voila, you can speak obscure, overly strong SSL.

Getting PIT file from Galaxy S5 using Heimdall

Getting PIT file from Galaxy S5 using Heimdall

I found myself needing the PIT file from my galaxy s5 g900t the other day. Mainline heimdall has a bug that caused me to not be able to get it. I resolved the bug in a branch of heimdall that I put on github here

Download my branch and build it, following the build instructions, and you too can finally print your pit from the S5.

If you have any questions, post them in the comments!