infernap12/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2026-02-05 16:09:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
85,314 Commits 343 Branches 1,071 Tags
Commit Graph

308 Commits

Author SHA1 Message Date
Daniel Jeliński
56baf64ada 8368520: TLS 1.3 KeyUpdate fails with SunPKCS11 provider 
Reviewed-by: valeriep
 2025-10-02 13:29:45 +00:00
Daniel Jeliński
3c9fd7688f 8368514: TLS stateless session ticket decryption fails on some providers 
Reviewed-by: valeriep, abarashev
 2025-09-25 18:47:32 +00:00
Daniel Jeliński
80cb0ead50 8367133: DTLS: fragmentation of Finished message results in handshake failure 
Reviewed-by: jnimeh
 2025-09-25 18:17:19 +00:00
Artur Barashev
569e78080b 8365820: Apply certificate scope constraints to algorithms in "signature_algorithms" extension when "signature_algorithms_cert" extension is not being sent 
Reviewed-by: hchao
 2025-09-25 14:44:06 +00:00
Alice Pellegrini
ba44656b97 8366454: TLS1.3 server fails with bad_record_mac when receiving encrypted records with empty body 
Co-authored-by: Daniel Jeliński <djelinski@openjdk.org>
Reviewed-by: djelinski
 2025-09-25 08:44:14 +00:00
Sean Coffey
47efe3c794 8343395: SSLLogger doesn't work for formatted messages 
Reviewed-by: weijun
 2025-09-22 18:41:07 +00:00
Daniel Fuchs
e8db14f584 8349910: Implement JEP 517: HTTP/3 for the HTTP Client API 
Co-authored-by: Aleksei Efimov <aefimov@openjdk.org>
Co-authored-by: Bradford Wetmore <wetmore@openjdk.org>
Co-authored-by: Daniel Jeliński <djelinski@openjdk.org>
Co-authored-by: Darragh Clarke <dclarke@openjdk.org>
Co-authored-by: Jaikiran Pai <jpai@openjdk.org>
Co-authored-by: Michael McMahon <michaelm@openjdk.org>
Co-authored-by: Volkan Yazici <vyazici@openjdk.org>
Co-authored-by: Conor Cleary <conor.cleary@oracle.com>
Co-authored-by: Patrick Concannon <patrick.concannon@oracle.com>
Co-authored-by: Rahul Yadav <rahul.r.yadav@oracle.com>
Co-authored-by: Daniel Fuchs <dfuchs@openjdk.org>
Reviewed-by: djelinski, jpai, aefimov, abarashev, michaelm
 2025-09-22 10:12:12 +00:00
Artur Barashev
3798dcf75b 8367104: Check for RSASSA-PSS parameters when validating certificates against algorithm constraints 
Reviewed-by: mullan
 2025-09-19 13:06:25 +00:00
Artur Barashev
4ea8979b93 8365953: Key manager returns no certificates when handshakeSession is not an ExtendedSSLSession 
Reviewed-by: djelinski, wetmore
 2025-09-11 13:53:08 +00:00
Artur Barashev
e544cd9920 8359956: Support algorithm constraints and certificate checks in SunX509 key manager 
Reviewed-by: mullan
 2025-07-31 13:57:19 +00:00
Sean Coffey
f53d0519b9 8340312: sun.security.ssl.SSLLogger uses incorrect log level ALL for finest log events 
Reviewed-by: wetmore
 2025-07-28 16:32:58 +00:00
Kevin Driver
5ad102ca3f 8349594: Enhance TLS protocol support 
Reviewed-by: rhalade, ahgross, wetmore, jnimeh
 2025-07-15 12:02:14 -07:00
Daniel Jeliński
e9a62d79cd 8361125: Fix typo in onTradAbsence 
Reviewed-by: hchao, mullan, shade
 2025-07-01 19:19:25 +00:00
Artur Barashev
a471fe992f 8360539: DTLS handshakes fails due to improper cookie validation logic 
Reviewed-by: ascarpino, hchao
 2025-06-27 14:15:55 +00:00
Artur Barashev
2af869b193 8156715: TrustStoreManager does not buffer keystore input stream 
Reviewed-by: ascarpino
 2025-06-24 15:32:13 +00:00
Bradford Wetmore
2926435d22 8341346: Add support for exporting TLS Keying Material 
Reviewed-by: hchao, jnimeh, weijun
 2025-05-30 23:06:36 +00:00
Artur Barashev
99048c3d4a 8357033: Reduce stateless session ticket size 
Reviewed-by: wetmore, djelinski, ascarpino
 2025-05-30 16:03:13 +00:00
Valerie Peng
4c0a0ab6bc 8353578: Refactor existing usage of internal HKDF impl to use the KDF API 
Co-authored-by: Kevin Driver <kdriver@openjdk.org>
Reviewed-by: djelinski, wetmore, mullan, kdriver, weijun
 2025-05-13 22:43:31 +00:00
Koushik Thirupattur
68a118509a 8310003: Improve logging when default truststore is inaccessible 
Reviewed-by: mullan
 2025-05-09 19:20:17 +00:00
nibjen
2c1eb339d6 8350830: Values converted incorrectly when reading TLS session tickets 
Reviewed-by: djelinski, ascarpino
 2025-05-08 09:06:19 +00:00
Artur Barashev
34807df762 8355779: When no "signature_algorithms_cert" extension is present we do not apply certificate scope constraints to algorithms in "signature_algorithms" extension 
Reviewed-by: mullan
 2025-05-01 13:09:14 +00:00
Bradford Wetmore
21b0f5ea15 8355637: SSLSessionImpl's "serialization" list documentation is incorrectly ordered 
Reviewed-by: ascarpino
 2025-04-26 05:46:05 +00:00
Sean Coffey
1ec64811a3 8350582: Correct the parsing of the ssl value in javax.net.debug 
Reviewed-by: wetmore, hchao
 2025-04-24 12:01:34 +00:00
Artur Barashev
abb23828f9 8350807: Certificates using MD5 algorithm that are disabled by default are incorrectly allowed in TLSv1.3 when re-enabled 
Reviewed-by: mullan
 2025-04-17 13:45:47 +00:00
Artur Barashev
dfa79c3730 8340321: Disable SHA-1 in TLS/DTLS 1.2 handshake signatures 
Reviewed-by: mullan
 2025-04-08 13:02:50 +00:00
Artur Barashev
9c06dcb439 8349583: Add mechanism to disable signature schemes based on their TLS scope 
Reviewed-by: mullan, ascarpino
 2025-03-31 16:45:40 +00:00
Bradford Wetmore
68c6623d38 8345840: Add missing TLS handshake messages to SSLHandshake.java 
Reviewed-by: jnimeh
 2024-12-23 19:05:07 +00:00
Magnus Ihse Bursie
ddf0461788 8345799: Update copyright year to 2024 for core-libs in files where it was missed 
Reviewed-by: joehw, jlu, mli, lancea, kevinw
 2024-12-11 21:08:22 +00:00
Kevin Driver
4c39e9faa0 8344924: Default CA certificates loaded despite request to use custom keystore 
Reviewed-by: ascarpino
 2024-12-10 20:49:13 +00:00
Sean Mullan
ddc8a9d5da 8344366: Remove Security Manager dependencies from javax.net.ssl and sun.security.ssl packages 
Reviewed-by: coffeys, ascarpino, hchao
 2024-11-25 13:10:59 +00:00
Patricio Chilano Mateo
78b80150e0 8338383: Implement JEP 491: Synchronize Virtual Threads without Pinning 
Co-authored-by: Patricio Chilano Mateo <pchilanomate@openjdk.org>
Co-authored-by: Alan Bateman <alanb@openjdk.org>
Co-authored-by: Andrew Haley <aph@openjdk.org>
Co-authored-by: Fei Yang <fyang@openjdk.org>
Co-authored-by: Coleen Phillimore <coleenp@openjdk.org>
Co-authored-by: Richard Reingruber <rrich@openjdk.org>
Co-authored-by: Martin Doerr <mdoerr@openjdk.org>
Reviewed-by: aboldtch, dholmes, coleenp, fbredberg, dlong, sspitsyn
 2024-11-12 15:23:48 +00:00
Artur Barashev
8b4749713c 8331682: Slow networks/Impatient clients can potentially send unencrypted TLSv1.3 alerts that won't parse on the server 
Reviewed-by: wetmore, djelinski, xuelei
 2024-11-04 18:46:38 +00:00
Hai-May Chao
dadcee1b89 8307383: Enhance DTLS connections 
Co-authored-by: Jamil Nimeh <jnimeh@openjdk.org>
Reviewed-by: rhalade, mschoene, ascarpino
 2024-10-15 17:04:27 +05:30
Jamil Nimeh
b6e72ff971 8339403: sun.security.ssl.StatusResponseManager.get swallows interrupt status 
Reviewed-by: valeriep
 2024-10-03 17:16:31 +00:00
Anthony Scarpino
0c2b175898 8328608: Multiple NewSessionTicket support for TLS 
Reviewed-by: djelinski
 2024-08-28 17:24:33 +00:00
Hai-May Chao
fd741a88e8 8327538: The SSLExtension class specifies incorrect values for heartbeat per RFC 6520 and post_handshake_auth per RFC 8446 
Reviewed-by: wetmore
 2024-07-21 17:05:46 +00:00
Prajwal Kumaraswamy
1b9270ac8a 8328723: IP Address error when client enables HTTPS endpoint check on server socket 
Reviewed-by: wetmore, djelinski
 2024-07-18 22:42:34 +00:00
Anthony Scarpino
07bc523df8 8334670: SSLSocketOutputRecord buffer miscalculation 
Reviewed-by: djelinski, ssahoo
 2024-06-26 22:28:33 +00:00
nibjen
e681b4e9b3 8332524: Instead of printing "TLSv1.3," it is showing "TLS13" 
Reviewed-by: mullan
 2024-06-18 13:28:37 +00:00
Prasadrao Koppula
d44aaa37f9 8326643: JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message 
Reviewed-by: djelinski, coffeys, jjiang, ascarpino
 2024-03-22 07:02:37 +00:00
John Jiang
9059727df1 8327182: Move serverAlias into the loop 
Reviewed-by: gli, mullan
 2024-03-19 02:03:13 +00:00
Prajwal Kumaraswamy
bdd1aebea3 8312383: Log X509ExtendedKeyManager implementation class name in TLS/SSL connection 
Reviewed-by: coffeys
 2024-03-08 09:04:16 +00:00
Anthony Scarpino
f62b5789ad 8311644: Server should not send bad_certificate alert when the client does not send any certificates 
Reviewed-by: djelinski, jjiang, ssahoo
 2024-02-26 16:49:01 +00:00
Christoph Langer
c2d9fa26ce 8326000: Remove obsolete comments for class sun.security.ssl.SunJSSE 
Reviewed-by: mbaesken, ascarpino
 2024-02-18 06:58:22 +00:00
John Jiang
fe78c0f191 8325022: Incorrect error message on client authentication 
Reviewed-by: jnimeh, hchao, djelinski
 2024-02-01 02:35:34 +00:00
Ben Perez
c328f9589d 8296787: Unify debug printing format of X.509 cert serial numbers 
Reviewed-by: mullan, coffeys
 2023-12-14 17:57:36 +00:00
Hai-May Chao
a95062b39a 8319670: Improve comments describing system properties for TLS server and client for max chain length 
Reviewed-by: mullan
 2023-11-09 20:21:15 +00:00
Hai-May Chao
0064cf90ff 8311596: Add separate system properties for TLS server and client for maximum chain length 
Reviewed-by: jnimeh, weijun, mullan
 2023-10-31 15:22:18 +00:00
Jaikiran Pai
0259da9283 8301686: TLS 1.3 handshake fails if server_name doesn't match resuming session 
Reviewed-by: djelinski, wetmore
 2023-09-29 05:00:02 +00:00
Daniel Jeliński
fee9d3362c 8293176: SSLEngine handshaker does not send an alert after a bad parameters 
Reviewed-by: mdonovan, jnimeh
 2023-09-27 07:33:52 +00:00