RFR: [11u] JDK-8236039: JSSE Client does not accept status_request extension in CertificateRequest messages for TLS 1.3
Andrew John Hughes
gnu.andrew at redhat.com
Wed Jan 15 19:18:00 UTC 2020
On 08/01/2020 06:46, Andrew John Hughes wrote:
> Bug: https://bugs.openjdk.java.net/browse/JDK-8236039
> Webrev: https://cr.openjdk.java.net/~andrew/openjdk11/8236039/webrev.01/
>
> TLS 1.3 allows the status_request extension, but, as the JSSE provider
> does not currently support it, it throws an exception. It should instead
> simply ignore the extension.
>
> Backporting this fix will increase compatibility with TLS 1.3 clients.
>
> Patch nearly applies cleanly, with the exception of the copyright header
> having been previously updated in 15u, but not 11u:
>
> @@ -1,5 +1,5 @@
> /*
> -- * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights
> reserved.
> +- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
> + * Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights
> reserved.
>
> Ok for 11.0.7?
>
> Thanks,
>
Ping?
Thanks,
--
Andrew :)
Senior Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222
https://keybase.io/gnu_andrew
More information about the jdk-updates-dev
mailing list