RFR: 8371887: HttpClient: SSLParameters with no protocols configured disable HTTP2+ support [v2]
Jaikiran Pai
jpai at openjdk.org
Tue Nov 25 13:12:23 UTC 2025
On Tue, 25 Nov 2025 12:18:30 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
>> src/java.net.http/share/classes/jdk/internal/net/http/HttpClientImpl.java line 480:
>>
>>> 478: hasRequiredH3TLS = Arrays.asList(sslProtocols).contains("TLSv1.3");
>>> 479: // HTTP/2 MUST use TLS version 1.2 or higher for HTTP/2 over TLS
>>> 480: hasRequiredH2TLS = hasRequiredH3TLS || Arrays.asList(sslProtocols).contains("TLSv1.2");
>>
>> Hello Daniel, I think if a `HttpClient` is configured with `sslParameters(new SSLParameters())`, then even with this new change in this PR, where we default the `sslProtocols` here to `new String[0]`, `hasRequiredH2TLS` would continue to return `false` right? Thus H2 is still disabled?
>
> Hi Jaikiran, we default the protocols to `sslContext.getDefaultSSLParameters().getProtocols()` which are documented to be always non-null for compliant SSLContext implementations. The fallback to `new String[0]` is only used for non-compliant SSLContexts.
That helped. I understand this change better now. I hadn't paid attention that we are now passing `sslContext.getDefaultSSLParameters().getProtocols()` to the `requireNonNullElseGet` method:
requireNonNullElseGet(sslContext.getDefaultSSLParameters().getProtocols(), ...
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/28480#discussion_r2559931418
More information about the net-dev
mailing list