[jdk17u-dev] RFR: 8350807: Certificates using MD5 algorithm that are disabled by default are incorrectly allowed in TLSv1.3 when re-enabled

Goetz Lindenmaier goetz at openjdk.org
Mon Sep 1 12:16:04 UTC 2025


I would like to backport this to 17, too.  The backport is based on the push to 21.

I had to resolve larger chunks in CertificateMessage.java

Also, I had to adapt the tests as https://bugs.openjdk.org/browse/JDK-8282723 "Add constructors taking a cause to JSSE exceptions" is not in 17 and the message text reads differently.

For each there is an extra commit.

-------------

Commit messages:
 - Adapt test to exc message in 17
 - resolved chunks
 - backport abb23828f9dc5f4cdb75d5b924dd6f45925102cd

Changes: https://git.openjdk.org/jdk17u-dev/pull/3879/files
  Webrev: https://webrevs.openjdk.org/?repo=jdk17u-dev&pr=3879&range=00
  Issue: https://bugs.openjdk.org/browse/JDK-8350807
  Stats: 486 lines in 16 files changed: 300 ins; 132 del; 54 mod
  Patch: https://git.openjdk.org/jdk17u-dev/pull/3879.diff
  Fetch: git fetch https://git.openjdk.org/jdk17u-dev.git pull/3879/head:pull/3879

PR: https://git.openjdk.org/jdk17u-dev/pull/3879


More information about the jdk-updates-dev mailing list