[jdk21u-dev] Integrated: 8328638: Fallback option for POST-only OCSP requests
Aleksey Shipilev
shade at openjdk.org
Thu Apr 4 16:11:19 UTC 2024
On Wed, 27 Mar 2024 15:28:36 GMT, Aleksey Shipilev <shade at openjdk.org> wrote:
> Improves JDK OCSP compatibility with some real world OCSP responders. Starts to be a problem since JDK 17 introduced GET OCSP requests. The default behavior is not changed.
>
> The backports are almost clean, I just had to add the import for `Locale` in one of the files. It is added in mainline by [JDK-8312443](https://bugs.openjdk.org/browse/JDK-8312443), which I do not want to backport at the moment, as it changes existing security code.
>
> Additional testing:
> - [x] `jdk_security` pass, including new test cases
This pull request has now been integrated.
Changeset: fbc5871c
Author: Aleksey Shipilev <shade at openjdk.org>
URL: https://git.openjdk.org/jdk21u-dev/commit/fbc5871c084bd90f926358d1f49dfeaee06e1a52
Stats: 128 lines in 5 files changed: 123 ins; 0 del; 5 mod
8328638: Fallback option for POST-only OCSP requests
8329213: Better validation for com.sun.security.ocsp.useget option
Reviewed-by: serb
Backport-of: 614db2ea9e10346475eef34629eab54878aa482d
-------------
PR: https://git.openjdk.org/jdk21u-dev/pull/413
More information about the jdk-updates-dev
mailing list