RFR JDK-8239595/JDK-8239594 : ssl context version is not respected/jdk.tls.client.protocols is not respected
Sean Mullan
sean.mullan at oracle.com
Thu Mar 26 16:29:50 UTC 2020
I think you should mark one of the two bugs a duplicate. Typically I
mark the more recent one as a duplicate, unless there is a good reason
to do otherwise.
--Sean
On 3/26/20 12:28 PM, Sean Mullan wrote:
> Cross-posting to security-dev as this involves TLS/SSL configuration.
>
> --Sean
>
> On 3/26/20 10:02 AM, rahul.r.yadav at oracle.com wrote:
>> Hello,
>>
>> Request to have my fix reviewed for issues:
>>
>> JDK-8239595 : ssl context version is not respected
>> JDK-8239594 : jdk.tls.client.protocols is not respected
>>
>> The fix updates
>> jdk.internal.net.http.HttpClientImpl.getDefaultParams(SSLContext ctx)
>> to use ctx.getDefaultSSLParameters()instead of
>> ctx.getSupportedSSLParameters(),
>> as the latter does not respect the context parameters set by the user.
>>
>> Issue: https://bugs.openjdk.java.net/browse/JDK-8239595
>> Issue: https://bugs.openjdk.java.net/browse/JDK-8239594
>>
>> Webrev:
>> http://cr.openjdk.java.net/~jboes/rayayada/webrevs/8239595/webrev.00/
>>
>> -- Rahul
More information about the security-dev
mailing list