On Tue, 17 Nov 2020 17:55:19 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> This change disables the TLSv1 and TLSv1.1 protocols by adding them to the >> jdk.tls.disabledAlgorithms security property in the java.security file. >> These protocols use weak algorithms and are being deprecated by the IETF. >> They should be disabled by default to improve the default security >> configuration of the JDK. See the CSR for more rationale: >> https://bugs.openjdk.java.net/browse/JDK-8254713 >> >> The fix mostly involves changes to existing tests that for one reason or >> another depend on the TLSv1 and TLSv1.1 protocols being enabled. There is a >> new test specifically for this issue: >> test/jdk/sun/security/ssl/SSLContextImpl/SSLContextDefault.java > > Sean Mullan has updated the pull request incrementally with one additional > commit since the last revision: > > More test changes. Marked as reviewed by xuelei (Reviewer). test/jdk/sun/security/ssl/EngineArgs/DebugReportsOneExtraByte.java line 95: > 93: > 94: private SSLEngine clientEngine; // client Engine > 95: private ByteBuffer clientOut; // write side of clientEngine Good to see cleanup like this. ------------- PR: https://git.openjdk.java.net/jdk/pull/1235
