RFR: 8349910: Implement JEP 517: HTTP/3 for the HTTP Client API [v14]

Artur Barashev abarashev at openjdk.org
Mon Aug 25 16:01:13 UTC 2025 

On Mon, 25 Aug 2025 13:34:51 GMT, Daniel Fuchs <dfuchs at openjdk.org> wrote:

>> Hi,
>> 
>> Please find here a PR for the implementation of [JEP 517: HTTP/3 for the HTTP Client API](https://openjdk.org/jeps/517).
>> 
>> The CSR can be viewed at [JDK-8350588: Implement JEP 517: HTTP/3 for the HTTP Client API](https://bugs.openjdk.org/browse/JDK-8350588)
>> 
>> This JEP proposes to enhance the HttpClient implementation to support HTTP/3.
>> It adds a non-exposed / non-exported internal implementation of the QUIC protocol based on DatagramChannel and the SunJSSE SSLContext provider.
>
> Daniel Fuchs has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 628 commits:
> 
>  - merge latest changes from master branch
>  - http3: minor code cleanup
>  - http3: HeadersLowerCaseTest.java should close the clients it creates
>  - http3: add missing copyright in Http3ConnectionAccess and make the class final
>  - http3: improved test coverage for ImmutableSSLSession
>  - http3: make sure that abandonned HTTP/2 connections are closed
>  - http3: CustomRequestPublisher.java test should take into account server config
>  - Add QUIC support to SunX509 key manager, update copyrights
>  - Move getAlgorithmConstraints to X509KeyManagerCertChecking, update to match surrounding code
>  - Mark H3ErrorHndlingTest as intermittent
>  - ... and 618 more: https://git.openjdk.org/jdk/compare/ae0dac43...719f471d

src/java.base/share/classes/sun/security/ssl/X509KeyManagerCertChecking.java line 198:

> 196: 
> 197:     // Gets algorithm constraints of QUIC TLS engine.
> 198:     protected AlgorithmConstraints getAlgorithmConstraints(QuicTLSEngineImpl engine) {

Nit: To keep things consistent, let's move QuicTLSEngineImpl-specific methods under SSLEngine-specific methods here and in both key managers. Same as in `SSLAlgorithmConstraints`.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/24751#discussion_r2298492609

More information about the security-dev mailing list