X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FLauncher.java;h=7448151a3bbc3bbef960438d943ad4ae5d100c2e;hb=91bfb697cacaf050e772472f20efea8988acf04a;hp=983c18dcd03fbff23b632e840328849697bfb713;hpb=e87392fd58e9152531a8d1cb34cb46e370062108;p=gigi.git diff --git a/src/org/cacert/gigi/Launcher.java b/src/org/cacert/gigi/Launcher.java index 983c18dc..7448151a 100644 --- a/src/org/cacert/gigi/Launcher.java +++ b/src/org/cacert/gigi/Launcher.java @@ -48,8 +48,14 @@ import org.eclipse.jetty.util.ssl.SslContextFactory; public class Launcher { public static void main(String[] args) throws Exception { + System.setProperty("jdk.tls.ephemeralDHKeySize", "4096"); + boot(); + } + + public static void boot() throws Exception { Locale.setDefault(Locale.ENGLISH); TimeZone.setDefault(TimeZone.getTimeZone("UTC")); + GigiConfig conf = GigiConfig.parse(System.in); ServerConstants.init(conf.getMainProps()); initEmails(conf); @@ -78,6 +84,9 @@ public class Launcher { Log.getLogger(Launcher.class).warn("Couldn't set uid!"); } } + if (conf.getMainProps().containsKey("testrunner")) { + DevelLauncher.addDevelPage(); + } } private static ServerConnector createConnector(GigiConfig conf, Server s, HttpConfiguration httpConfig, boolean doHttps) throws GeneralSecurityException, IOException { @@ -196,6 +205,7 @@ public class Launcher { servlet.addServlet(webAppServlet, "/*"); ErrorPageErrorHandler epeh = new ErrorPageErrorHandler(); epeh.addErrorPage(404, "/error"); + epeh.addErrorPage(403, "/denied"); servlet.setErrorHandler(epeh); HandlerList hl = new HandlerList(); @@ -255,6 +265,7 @@ public class Launcher { scf.setRenegotiationAllowed(false); scf.setProtocol("TLS"); + scf.setIncludeProtocols("TLSv1", "TLSv1.1", "TLSv1.2"); scf.setTrustStore(conf.getTrustStore()); KeyStore privateStore = conf.getPrivateStore(); scf.setKeyStorePassword(conf.getPrivateStorePw());