RFR: [11u] JDK-8236039: JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3
Andrew John Hughes
gnu.andrew at redhat.com
Wed Jan 8 06:46:04 UTC 2020
Bug: https://bugs.openjdk.java.net/browse/JDK-8236039
Webrev: https://cr.openjdk.java.net/~andrew/openjdk11/8236039/webrev.01/
TLS 1.3 allows the status_request extension, but, as the JSSE provider
does not currently support it, it throws an exception. It should instead
simply ignore the extension.
Backporting this fix will increase compatibility with TLS 1.3 clients.
Patch nearly applies cleanly, with the exception of the copyright header
having been previously updated in 15u, but not 11u:
@@ -1,5 +1,5 @@
/*
-- * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights
reserved.
+- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights
reserved.
Ok for 11.0.7?
Thanks,
--
Andrew :)
Senior Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222
https://keybase.io/gnu_andrew
More information about the jdk-updates-dev
mailing list