[jdk11u-dev] RFR: 8301379: Verify TLS_ECDH_* cipher suites cannot be negotiated
Andrew John Hughes
andrew at openjdk.org
Mon Dec 22 18:59:27 UTC 2025
On Wed, 3 Dec 2025 15:10:30 GMT, Radek Cap <duke at openjdk.org> wrote:
> Backport of JDK-8301379 - Verify TLS_ECDH_* cipher suites cannot be negotiated
>
> Backporting for parity with 11.0.26-oracle.
>
> More or less a clean backport, just adding merge with the current jdk11u-dev repo state.
>
> Passed tier1 tests.
> Passed gtests.
>
> GH Actions are passing
Common failure is:
~~~
/home/andrew/projects/openjdk/upstream/jdk11u-dev/test/jdk/javax/net/ssl/ciphersuites/DisabledAlgorithms.java:59: error: cannot find symbol
public static final SSLContextTemplate.Cert[] CERTIFICATES = {
^
symbol: class Cert
location: interface SSLContextTemplate
/home/andrew/projects/openjdk/upstream/jdk11u-dev/test/jdk/javax/net/ssl/ciphersuites/DisabledAlgorithms.java:239: error: no interface expected here
static class SSLServer extends SSLContextTemplate implements Runnable, AutoCloseable {
~~~
These tests rely on a newer `SSLContextTemplate` than is in 11u and need to be adapted to what is in 11u.
-------------
PR Comment: https://git.openjdk.org/jdk11u-dev/pull/3128#issuecomment-3683647356
More information about the jdk-updates-dev
mailing list