[8u] RFR 8234728: Some security tests should support TLSv1.3
Andrew Hughes
gnu.andrew at redhat.com
Mon Jan 25 17:17:57 UTC 2021
On 17:06 Fri 22 Jan , Martin Balao wrote:
> Hi,
>
> I'd like to request a review for the 8u backport of JDK-8234728 [1].
>
> Webrev.00:
>
> *
> http://cr.openjdk.java.net/~mbalao/webrevs/8234728/8234728.webrev.8u.jdk.00/
>
> 11u patch applies cleanly but the following changes were needed for
> tests to work in 8u:
>
> * test/javax/net/ssl/sanity/ciphersuites/SystemPropCipherSuitesOrder.java
> * test/sun/security/ssl/HandshakeHash/HandshakeHashCloneExhaustion.java
> * The 8u backport of SunJSSE does not currently enable TLSv1.3 on the
> client by default. Enable it for the tests (as done with multiple other
> TLSv1.3 tests backported to 8u before).
>
> * test/sun/security/ssl/HandshakeHash/DigestBase.java
> * See an explanation of this change here [2].
>
> No regressions found in tests affected by this patch. Risk for this
> patch is low as only tests are affected.
>
> Note:
> test/javax/net/ssl/sanity/ciphersuites/SystemPropCipherSuitesOrder.java
> introduced by this patch raises an error because it has the '@ignore'
> label. This label is removed by a followup patch that I intend to
> backport to 8u. See JDK-8235874 [3].
>
> Thanks,
> Martin.-
>
> --
> [1] - https://bugs.openjdk.java.net/browse/JDK-8234728
> [2] -
> https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-January/013350.html
> [3] - https://bugs.openjdk.java.net/browse/JDK-8235874
>
Looks good to me. Thanks for the detailed explanation. Please flag for approval.
--
Andrew :)
Senior Free Java Software Engineer
OpenJDK Package Owner
Red Hat, Inc. (http://www.redhat.com)
PGP Key: ed25519/0xCFDA0F9B35964222 (hkp://keys.gnupg.net)
Fingerprint = 5132 579D D154 0ED2 3E04 C5A0 CFDA 0F9B 3596 4222
More information about the jdk8u-dev
mailing list