Skip to content

Return an ExtendSSLSession whenever possible to allow more strict che…#8281

Merged
normanmaurer merged 1 commit into4.1from
extended_ssl_session
Sep 14, 2018
Merged

Return an ExtendSSLSession whenever possible to allow more strict che…#8281
normanmaurer merged 1 commit into4.1from
extended_ssl_session

Conversation

@normanmaurer
Copy link
Copy Markdown
Member

@normanmaurer normanmaurer commented Sep 11, 2018

…cking when using OpenSSL

Motivation:

When an ExtendedSSLSession is used its possible to do more strict checking of the keys during handshake. We should do this whenever possible.

Modification:

  • Return an ExtendedSSLSession when using client-mode and Java7+
  • Add unit test
  • Simplify unit tests

Result:

More consistent behaviour.

carl-mastrangelo
carl-mastrangelo approved these changes Sep 11, 2018
View reviewed changes
Copy link
Copy Markdown
Member

@carl-mastrangelo carl-mastrangelo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

handler/src/test/java/io/netty/handler/ssl/SniClientJava8TestUtil.java Outdated
Assert.assertNotNull(session);
if (session instanceof ExtendedSSLSession) {
ExtendedSSLSession extendedSSLSession = (ExtendedSSLSession) session;
List<SNIServerName> names = extendedSSLSession.getRequestedServerNames();
Copy link
Copy Markdown
Member

@carl-mastrangelo carl-mastrangelo Sep 11, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

double space after =

@normanmaurer
Return an ExtendSSLSession whenever possible to allow more strict che…
0143695 
…cking when using OpenSSL

Motivation:

When an ExtendedSSLSession is used its possible to do more strict checking of the keys during handshake. We should do this whenever possible.

Modification:

- Return an ExtendedSSLSession when using client-mode and Java7+
- Add unit test
- Simplify unit tests

Result:

More consistent behaviour.
@normanmaurer normanmaurer mentioned this pull request Sep 12, 2018
Merged
@normanmaurer normanmaurer added this to the 4.1.30.Final milestone Sep 12, 2018
@normanmaurer normanmaurer self-assigned this Sep 14, 2018
@normanmaurer normanmaurer merged commit 6ed7c6c into 4.1 Sep 14, 2018
@normanmaurer normanmaurer deleted the extended_ssl_session branch January 22, 2019 10:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@carl-mastrangelo carl-mastrangelo carl-mastrangelo approved these changes

@Scottmitch Scottmitch Awaiting requested review from Scottmitch

@trustin trustin Awaiting requested review from trustin

@bryce-anderson bryce-anderson Awaiting requested review from bryce-anderson

@ejona86 ejona86 Awaiting requested review from ejona86

@vkostyukov vkostyukov Awaiting requested review from vkostyukov

Assignees

@normanmaurer normanmaurer

Labels

None yet

Projects

None yet

Milestone

4.1.30.Final

Development

Successfully merging this pull request may close these issues.

2 participants

@normanmaurer @carl-mastrangelo