Make the TLSv1.3 check more robust and not depend on the Java version…#10409
Merged
normanmaurer merged 2 commits into4.1from Jul 17, 2020
Merged
Make the TLSv1.3 check more robust and not depend on the Java version…#10409normanmaurer merged 2 commits into4.1from
normanmaurer merged 2 commits into4.1from
Conversation
Member
Author
|
This is related to having TLSv1.3 shipped as part of OracleJDK 1.8u262: |
… to detect if its supported or not Motivation: TLSv1.3 is not strictly limited to Java11+ anymore as different vendors backported TLSv1.3 to Java8 as well. We should ensure we make the detection of if TLSv1.3 is supported not depend on the Java version that is used. Modifications: - Add SslProvider.isTlsv13Supported(...) and use it in tests to detect if we should run tests against TLSv1.3 as well - Adjust testcase to work on latest JDK 8 release as well Result: Correct detection of TLSv1.3 support even if Java version < 11.
6f7f3b3 to
32f0fb9
Compare
ejona86
reviewed
Jul 16, 2020
Member
Author
|
Addressed all comments.... PTAL |
ejona86
approved these changes
Jul 16, 2020
normanmaurer
added a commit
that referenced
this pull request
Jul 17, 2020
#10409) Motivation: TLSv1.3 is not strictly limited to Java11+ anymore as different vendors backported TLSv1.3 to Java8 as well. We should ensure we make the detection of if TLSv1.3 is supported not depend on the Java version that is used. Modifications: - Add SslProvider.isTlsv13Supported(...) and use it in tests to detect if we should run tests against TLSv1.3 as well - Adjust testcase to work on latest JDK 8 release as well Result: Correct detection of TLSv1.3 support even if Java version < 11.
Kvicii
pushed a commit
to Kvicii/netty
that referenced
this pull request
Jul 20, 2020
* '4.1-read' of github.com:Kvicii/netty: (43 commits) Make the TLSv1.3 check more robust and not depend on the Java version… (netty#10409) Reduce the scope of synchronized block in PoolArena (netty#10410) Add IndexOutOfBoundsException error message (netty#10405) Add default handling for switch statement (netty#10408) Review PooledByteBufAllocator in respect of jemalloc 4.x changes and update allocate algorithm.(netty#10267) Support session cache for client and server when using native SSLEngine implementation (netty#10331) Simple fix typo (netty#10403) Eliminate a redundant method call in HpackDynamicTable.add(...) (netty#10399) jdk.tls.client.enableSessionTicketExtension must be respected by OPENSSL and OPENSSL_REFCNT SslProviders (netty#10401) 重新编译4.1分支 [maven-release-plugin] prepare for next development iteration [maven-release-plugin] prepare release netty-4.1.51.Final Correctly return NEED_WRAP if we produced some data even if we could not consume any during SSLEngine.wrap(...) (netty#10396) Modify OpenSSL native library loading to accommodate GraalVM (netty#10395) Update to netty-tcnative 2.0.31.Final and make SslErrorTest more robust (netty#10392) Add option to HttpObjectDecoder to allow duplicate Content-Lengths (netty#10349) Add detailed error message corresponding to the IndexOutOfBoundsException while calling getEntry(...) (netty#10386) Do not report ReferenceCountedOpenSslClientContext$ExtendedTrustManagerVerifyCallback.verify as blocking call (netty#10387) Add unit test for HpackDynamicTable. (netty#10389) netty用于测试的内嵌Channel | ChannelInboundHandler主要方法 ...
ihanyong
pushed a commit
to ihanyong/netty
that referenced
this pull request
Jul 31, 2020
netty#10409) Motivation: TLSv1.3 is not strictly limited to Java11+ anymore as different vendors backported TLSv1.3 to Java8 as well. We should ensure we make the detection of if TLSv1.3 is supported not depend on the Java version that is used. Modifications: - Add SslProvider.isTlsv13Supported(...) and use it in tests to detect if we should run tests against TLSv1.3 as well - Adjust testcase to work on latest JDK 8 release as well Result: Correct detection of TLSv1.3 support even if Java version < 11.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
… to detect if its supported or not
Motivation:
TLSv1.3 is not strictly limited to Java11+ anymore as different vendors backported TLSv1.3 to Java8 as well. We should ensure we make the detection of if TLSv1.3 is supported not depend on the Java version that is used.
Modifications:
Result:
Correct detection of TLSv1.3 support even if Java version < 11.