X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FLauncher.java;h=7448151a3bbc3bbef960438d943ad4ae5d100c2e;hb=91bfb697cacaf050e772472f20efea8988acf04a;hp=58758ffad99d1f9bfad4cbf810f42ae7d39ed900;hpb=99ef9ee7f8d4a2332e4f08c7a0b23cc84966f555;p=gigi.git

diff --git a/src/org/cacert/gigi/Launcher.java b/src/org/cacert/gigi/Launcher.java
index 58758ffa..7448151a 100644
--- a/src/org/cacert/gigi/Launcher.java
+++ b/src/org/cacert/gigi/Launcher.java
@@ -9,6 +9,7 @@ import java.security.NoSuchAlgorithmException;
 import java.security.UnrecoverableKeyException;
 import java.security.cert.Certificate;
 import java.util.List;
+import java.util.Locale;
 import java.util.Properties;
 import java.util.TimeZone;
 
@@ -47,7 +48,14 @@ import org.eclipse.jetty.util.ssl.SslContextFactory;
 public class Launcher {
 
     public static void main(String[] args) throws Exception {
+        System.setProperty("jdk.tls.ephemeralDHKeySize", "4096");
+        boot();
+    }
+
+    public static void boot() throws Exception {
+        Locale.setDefault(Locale.ENGLISH);
         TimeZone.setDefault(TimeZone.getTimeZone("UTC"));
+
         GigiConfig conf = GigiConfig.parse(System.in);
         ServerConstants.init(conf.getMainProps());
         initEmails(conf);
@@ -76,6 +84,9 @@ public class Launcher {
                 Log.getLogger(Launcher.class).warn("Couldn't set uid!");
             }
         }
+        if (conf.getMainProps().containsKey("testrunner")) {
+            DevelLauncher.addDevelPage();
+        }
     }
 
     private static ServerConnector createConnector(GigiConfig conf, Server s, HttpConfiguration httpConfig, boolean doHttps) throws GeneralSecurityException, IOException {
@@ -83,7 +94,7 @@ public class Launcher {
         if (doHttps) {
             connector = new ServerConnector(s, createConnectionFactory(conf), new HttpConnectionFactory(httpConfig));
         } else {
-            connector = new ServerConnector(s);
+            connector = new ServerConnector(s, new HttpConnectionFactory(httpConfig));
         }
         connector.setHost(conf.getMainProps().getProperty("host"));
         if (doHttps) {
@@ -194,6 +205,7 @@ public class Launcher {
         servlet.addServlet(webAppServlet, "/*");
         ErrorPageErrorHandler epeh = new ErrorPageErrorHandler();
         epeh.addErrorPage(404, "/error");
+        epeh.addErrorPage(403, "/denied");
         servlet.setErrorHandler(epeh);
 
         HandlerList hl = new HandlerList();
@@ -253,6 +265,7 @@ public class Launcher {
         scf.setRenegotiationAllowed(false);
 
         scf.setProtocol("TLS");
+        scf.setIncludeProtocols("TLSv1", "TLSv1.1", "TLSv1.2");
         scf.setTrustStore(conf.getTrustStore());
         KeyStore privateStore = conf.getPrivateStore();
         scf.setKeyStorePassword(conf.getPrivateStorePw());