Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8334335

[TESTBUG] Backport of 8279164 to 11u & 17u includes elements of JDK-8163327

    XMLWordPrintable

Details

    • b01
    • b01
    • generic
    • generic

    Backports

      Description

        In trunk, the JDK-8279164 change to test/jdk/javax/net/ssl/ciphersuites/DisabledAlgorithms.java is as follows:

        - // supported 3DES, DES, RC4, NULL, and anon cipher suites
        - // it does not contain KRB5 cipher suites because they need a KDC
        - private static final String[] desede_des_rc4_null_anon_ciphersuites
        + // disabled 3DES, DES, RC4, NULL, anon, and ECDH cipher suites
        + private static final String[] disabled_ciphersuites

        and

        @@ -109,7 +108,19 @@ public class DisabledAlgorithms {
                 "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
                 "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
                 "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
        - "SSL_RSA_WITH_3DES_EDE_CBC_SHA"
        + "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
        + "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",

        In backporting to 17u, changes related to 3DES from JDK-8163327 have been incorporated that don't belong in this fix.

        - // supported RC4, NULL, and anon cipher suites
        - // it does not contain KRB5 cipher suites because they need a KDC
        - private static final String[] rc4_null_anon_ciphersuites = new String[] {
        + // disabled 3DES, DES, RC4, NULL, anon, and ECDH cipher suites
        + private static final String[] disabled_ciphersuites
        + = new String[] {

        and

        - "TLS_ECDH_anon_WITH_RC4_128_SHA"
        + "TLS_ECDH_anon_WITH_RC4_128_SHA",
        + "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
        + "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",

        The 17u version has been used as the basis for the 11u one so this is affected too.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8334625 [TESTBUG] Backport of 8279164 to 11u & 17u includes elements of JDK-8163327

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved
            relates to

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8333998 Disable TLS_ECDH_* cipher suites

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8334194 Disable TLS_ECDH_* cipher suites

            • P3 - Major loss of function.
            • Resolved
            links to

            Commit Commit openjdk/jdk11u-dev/fcff4a9a

            Commit Commit openjdk/jdk17u-dev/5c3fc1d7

            Review Review openjdk/jdk11u-dev/2798

            Review Review openjdk/jdk17u-dev/2593

            Activity

              People

                andrew Andrew Hughes
                andrew Andrew Hughes
                Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: