From dae253973db482b94ca3a74155788382d0c01c6c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mariusz=20=C4=86wik=C5=82a?= <mariuszcwikla@gmail.com>
Date: Thu, 26 Nov 2020 10:43:06 +0100
Subject: [PATCH] Fix Java::JavaLang::StringIndexOutOfBoundsException on
 ctx.cipher=[]

---
 src/main/java/org/jruby/ext/openssl/CipherStrings.java | 6 ++++--
 src/test/ruby/ssl/test_context.rb                      | 8 ++++++++
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/src/main/java/org/jruby/ext/openssl/CipherStrings.java b/src/main/java/org/jruby/ext/openssl/CipherStrings.java
index c626fd9b..afda2819 100644
--- a/src/main/java/org/jruby/ext/openssl/CipherStrings.java
+++ b/src/main/java/org/jruby/ext/openssl/CipherStrings.java
@@ -512,8 +512,10 @@ static Collection<Def> matchingCiphers(final String cipherString, final String[]
             }
 
             int index = 0;
-            switch ( part.charAt(0) ) {
-                case '!': case '+': case '-': index++; break;
+            if (part.length() > 0) {
+                switch ( part.charAt(0) ) {
+                    case '!': case '+': case '-': index++; break;
+                }
             }
 
             final Collection<Def> matching;
diff --git a/src/test/ruby/ssl/test_context.rb b/src/test/ruby/ssl/test_context.rb
index 9d6158d5..ee15e0c3 100644
--- a/src/test/ruby/ssl/test_context.rb
+++ b/src/test/ruby/ssl/test_context.rb
@@ -178,4 +178,12 @@ def test_context_ciphers
     assert_equal [], diff
   end unless java7? # would need to filter out stuff such as ECDHE-RSA-AES128-GCM-SHA256
 
+  def test_set_ciphers_empty_array
+    context = OpenSSL::SSL::SSLContext.new
+    ex = assert_raise(OpenSSL::SSL::SSLError) do
+      context.ciphers = []
+    end
+    assert_equal "no cipher match", ex.message
+  end
+
 end