Hi Jonathan,
after a big fight, I finally found that the SslFilterTest was failing in
Mina 2.2 with Java 8 and 11 when the client was not set to use TLS V1.3
(it was set to use "TLS"). Note that the client is a plain SSL Socket,
created by a SSLSocketFactory.
So the combinations that work :
Java 8 + Client TLSv1.3 + Server TLSv1.2 -> OK
Java 11 + Client TLSv1.3 + Server TLSv1.2 -> OK
Java 8 + Client TLSv1.3 + Server TLSv1.3 -> OK
Java 11 + Client TLSv1.3 + Server TLSv1.3 -> OK
And for those that don't work:
Java 8 + Client TLSv1.2 + Server TLSv1.2 -> KO
Java 11 + Client TLSv1.2 + Server TLSv1.2 -> KO
Java 8 + Client TLSv1.2 + Server TLSv1.3 -> KO
Java 11 + Client TLSv1.2 + Server TLSv1.3 -> KO
That is a bit problematic as we may have client that aren't using TLS 1.3...
On 21/01/2022 16:23, Emmanuel Lécharny wrote:
On 21/01/2022 13:23, Jonathan Valliere wrote:
You can also use the DisableEncryptionWriteRequesf to wrap your
WriteRequest you want to bypass the SSL filter.
Yes, but all in all, I think this WriteRequest class should go. The
original Attribute was specifically created to bypass the SslFilter for
the StartTLS operation, and in retrospect, thatw as a mistake.
I like the Filter idea.
--
*Emmanuel Lécharny - CTO* 205 Promenade des Anglais – 06200 NICE
T. +33 (0)4 89 97 36 50
P. +33 (0)6 08 33 32 61
emmanuel.lecha...@busit.com https://www.busit.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org
