Artur Barashev
|
78a106ffbb
|
8375183: Remove unused SSLConfiguration.maximumProtocolVersion variable
Reviewed-by: djelinski, myankelevich, hchao
|
2026-01-15 13:18:20 +00:00 |
|
Artur Barashev
|
3439512401
|
8374317: Change GCM IV size to 12 bytes when encrypting/decrypting TLS session ticket
Reviewed-by: djelinski, mpowers, ascarpino
|
2026-01-02 13:28:15 +00:00 |
|
Sergey Bylokhov
|
36d2c277c4
|
8374327: Update copyright year to 2025 for files in java.base added/updated by commits in 2025
Reviewed-by: jpai
|
2025-12-31 09:13:32 +00:00 |
|
Artur Barashev
|
a99f340e1b
|
8371721: Refactor checkTrusted methods in X509TrustManagerImpl
Reviewed-by: coffeys, djelinski
|
2025-12-12 14:39:42 +00:00 |
|
Sean Coffey
|
852141b9d4
|
8372004: Have SSLLogger implement System.Logger
Reviewed-by: dfuchs, weijun
|
2025-11-20 07:32:06 +00:00 |
|
Volkan Yazici
|
866faa9d40
|
8366577: Deprecate java.net.Socket::setPerformancePreferences
Reviewed-by: dfuchs, alanb, jpai
|
2025-11-07 08:15:42 +00:00 |
|
Artur Barashev
|
02a7217491
|
8366364: Return enabled signature schemes with SSLConfiguration#getSSLParameters() call
Reviewed-by: mullan
|
2025-11-03 15:05:16 +00:00 |
|
Artur Barashev
|
436dc687ba
|
8367059: DTLS: loss of NewSessionTicket message results in handshake failure
Reviewed-by: jnimeh, djelinski
|
2025-10-29 17:25:31 +00:00 |
|
Pavel Rappo
|
28f2591bad
|
8370568: Refer to Thread.interrupted as "interrupted status" consistently
Reviewed-by: jpai, rriggs, alanb
|
2025-10-29 15:36:43 +00:00 |
|
Mikhail Yankelevich
|
5ebc2c7212
|
8369995: Fix StringIndexOutOfBoundsException and implement extra logging and/or propagate errors in X509KeyManagerImpl
Co-authored-by: Daniel Jeliński <djelinski@openjdk.org>
Reviewed-by: wetmore, djelinski, abarashev
|
2025-10-28 16:51:15 +00:00 |
|
Artur Barashev
|
233d3a8d43
|
8366244: TLS1.3 ChangeCipherSpec message received after the client's Finished message should trigger a connection abort with "unexpected message"
Reviewed-by: hchao
|
2025-10-09 13:59:31 +00:00 |
|
Daniel Jeliński
|
56baf64ada
|
8368520: TLS 1.3 KeyUpdate fails with SunPKCS11 provider
Reviewed-by: valeriep
|
2025-10-02 13:29:45 +00:00 |
|
Daniel Jeliński
|
3c9fd7688f
|
8368514: TLS stateless session ticket decryption fails on some providers
Reviewed-by: valeriep, abarashev
|
2025-09-25 18:47:32 +00:00 |
|
Daniel Jeliński
|
80cb0ead50
|
8367133: DTLS: fragmentation of Finished message results in handshake failure
Reviewed-by: jnimeh
|
2025-09-25 18:17:19 +00:00 |
|
Artur Barashev
|
569e78080b
|
8365820: Apply certificate scope constraints to algorithms in "signature_algorithms" extension when "signature_algorithms_cert" extension is not being sent
Reviewed-by: hchao
|
2025-09-25 14:44:06 +00:00 |
|
Alice Pellegrini
|
ba44656b97
|
8366454: TLS1.3 server fails with bad_record_mac when receiving encrypted records with empty body
Co-authored-by: Daniel Jeliński <djelinski@openjdk.org>
Reviewed-by: djelinski
|
2025-09-25 08:44:14 +00:00 |
|
Sean Coffey
|
47efe3c794
|
8343395: SSLLogger doesn't work for formatted messages
Reviewed-by: weijun
|
2025-09-22 18:41:07 +00:00 |
|
Daniel Fuchs
|
e8db14f584
|
8349910: Implement JEP 517: HTTP/3 for the HTTP Client API
Co-authored-by: Aleksei Efimov <aefimov@openjdk.org>
Co-authored-by: Bradford Wetmore <wetmore@openjdk.org>
Co-authored-by: Daniel Jeliński <djelinski@openjdk.org>
Co-authored-by: Darragh Clarke <dclarke@openjdk.org>
Co-authored-by: Jaikiran Pai <jpai@openjdk.org>
Co-authored-by: Michael McMahon <michaelm@openjdk.org>
Co-authored-by: Volkan Yazici <vyazici@openjdk.org>
Co-authored-by: Conor Cleary <conor.cleary@oracle.com>
Co-authored-by: Patrick Concannon <patrick.concannon@oracle.com>
Co-authored-by: Rahul Yadav <rahul.r.yadav@oracle.com>
Co-authored-by: Daniel Fuchs <dfuchs@openjdk.org>
Reviewed-by: djelinski, jpai, aefimov, abarashev, michaelm
|
2025-09-22 10:12:12 +00:00 |
|
Artur Barashev
|
3798dcf75b
|
8367104: Check for RSASSA-PSS parameters when validating certificates against algorithm constraints
Reviewed-by: mullan
|
2025-09-19 13:06:25 +00:00 |
|
Artur Barashev
|
4ea8979b93
|
8365953: Key manager returns no certificates when handshakeSession is not an ExtendedSSLSession
Reviewed-by: djelinski, wetmore
|
2025-09-11 13:53:08 +00:00 |
|
Artur Barashev
|
e544cd9920
|
8359956: Support algorithm constraints and certificate checks in SunX509 key manager
Reviewed-by: mullan
|
2025-07-31 13:57:19 +00:00 |
|
Sean Coffey
|
f53d0519b9
|
8340312: sun.security.ssl.SSLLogger uses incorrect log level ALL for finest log events
Reviewed-by: wetmore
|
2025-07-28 16:32:58 +00:00 |
|
Kevin Driver
|
5ad102ca3f
|
8349594: Enhance TLS protocol support
Reviewed-by: rhalade, ahgross, wetmore, jnimeh
|
2025-07-15 12:02:14 -07:00 |
|
Daniel Jeliński
|
e9a62d79cd
|
8361125: Fix typo in onTradAbsence
Reviewed-by: hchao, mullan, shade
|
2025-07-01 19:19:25 +00:00 |
|
Artur Barashev
|
a471fe992f
|
8360539: DTLS handshakes fails due to improper cookie validation logic
Reviewed-by: ascarpino, hchao
|
2025-06-27 14:15:55 +00:00 |
|
Artur Barashev
|
2af869b193
|
8156715: TrustStoreManager does not buffer keystore input stream
Reviewed-by: ascarpino
|
2025-06-24 15:32:13 +00:00 |
|
Bradford Wetmore
|
2926435d22
|
8341346: Add support for exporting TLS Keying Material
Reviewed-by: hchao, jnimeh, weijun
|
2025-05-30 23:06:36 +00:00 |
|
Artur Barashev
|
99048c3d4a
|
8357033: Reduce stateless session ticket size
Reviewed-by: wetmore, djelinski, ascarpino
|
2025-05-30 16:03:13 +00:00 |
|
Valerie Peng
|
4c0a0ab6bc
|
8353578: Refactor existing usage of internal HKDF impl to use the KDF API
Co-authored-by: Kevin Driver <kdriver@openjdk.org>
Reviewed-by: djelinski, wetmore, mullan, kdriver, weijun
|
2025-05-13 22:43:31 +00:00 |
|
Koushik Thirupattur
|
68a118509a
|
8310003: Improve logging when default truststore is inaccessible
Reviewed-by: mullan
|
2025-05-09 19:20:17 +00:00 |
|
nibjen
|
2c1eb339d6
|
8350830: Values converted incorrectly when reading TLS session tickets
Reviewed-by: djelinski, ascarpino
|
2025-05-08 09:06:19 +00:00 |
|
Artur Barashev
|
34807df762
|
8355779: When no "signature_algorithms_cert" extension is present we do not apply certificate scope constraints to algorithms in "signature_algorithms" extension
Reviewed-by: mullan
|
2025-05-01 13:09:14 +00:00 |
|
Bradford Wetmore
|
21b0f5ea15
|
8355637: SSLSessionImpl's "serialization" list documentation is incorrectly ordered
Reviewed-by: ascarpino
|
2025-04-26 05:46:05 +00:00 |
|
Sean Coffey
|
1ec64811a3
|
8350582: Correct the parsing of the ssl value in javax.net.debug
Reviewed-by: wetmore, hchao
|
2025-04-24 12:01:34 +00:00 |
|
Artur Barashev
|
abb23828f9
|
8350807: Certificates using MD5 algorithm that are disabled by default are incorrectly allowed in TLSv1.3 when re-enabled
Reviewed-by: mullan
|
2025-04-17 13:45:47 +00:00 |
|
Artur Barashev
|
dfa79c3730
|
8340321: Disable SHA-1 in TLS/DTLS 1.2 handshake signatures
Reviewed-by: mullan
|
2025-04-08 13:02:50 +00:00 |
|
Artur Barashev
|
9c06dcb439
|
8349583: Add mechanism to disable signature schemes based on their TLS scope
Reviewed-by: mullan, ascarpino
|
2025-03-31 16:45:40 +00:00 |
|
Bradford Wetmore
|
68c6623d38
|
8345840: Add missing TLS handshake messages to SSLHandshake.java
Reviewed-by: jnimeh
|
2024-12-23 19:05:07 +00:00 |
|
Magnus Ihse Bursie
|
ddf0461788
|
8345799: Update copyright year to 2024 for core-libs in files where it was missed
Reviewed-by: joehw, jlu, mli, lancea, kevinw
|
2024-12-11 21:08:22 +00:00 |
|
Kevin Driver
|
4c39e9faa0
|
8344924: Default CA certificates loaded despite request to use custom keystore
Reviewed-by: ascarpino
|
2024-12-10 20:49:13 +00:00 |
|
Sean Mullan
|
ddc8a9d5da
|
8344366: Remove Security Manager dependencies from javax.net.ssl and sun.security.ssl packages
Reviewed-by: coffeys, ascarpino, hchao
|
2024-11-25 13:10:59 +00:00 |
|
Patricio Chilano Mateo
|
78b80150e0
|
8338383: Implement JEP 491: Synchronize Virtual Threads without Pinning
Co-authored-by: Patricio Chilano Mateo <pchilanomate@openjdk.org>
Co-authored-by: Alan Bateman <alanb@openjdk.org>
Co-authored-by: Andrew Haley <aph@openjdk.org>
Co-authored-by: Fei Yang <fyang@openjdk.org>
Co-authored-by: Coleen Phillimore <coleenp@openjdk.org>
Co-authored-by: Richard Reingruber <rrich@openjdk.org>
Co-authored-by: Martin Doerr <mdoerr@openjdk.org>
Reviewed-by: aboldtch, dholmes, coleenp, fbredberg, dlong, sspitsyn
|
2024-11-12 15:23:48 +00:00 |
|
Artur Barashev
|
8b4749713c
|
8331682: Slow networks/Impatient clients can potentially send unencrypted TLSv1.3 alerts that won't parse on the server
Reviewed-by: wetmore, djelinski, xuelei
|
2024-11-04 18:46:38 +00:00 |
|
Hai-May Chao
|
dadcee1b89
|
8307383: Enhance DTLS connections
Co-authored-by: Jamil Nimeh <jnimeh@openjdk.org>
Reviewed-by: rhalade, mschoene, ascarpino
|
2024-10-15 17:04:27 +05:30 |
|
Jamil Nimeh
|
b6e72ff971
|
8339403: sun.security.ssl.StatusResponseManager.get swallows interrupt status
Reviewed-by: valeriep
|
2024-10-03 17:16:31 +00:00 |
|
Anthony Scarpino
|
0c2b175898
|
8328608: Multiple NewSessionTicket support for TLS
Reviewed-by: djelinski
|
2024-08-28 17:24:33 +00:00 |
|
Hai-May Chao
|
fd741a88e8
|
8327538: The SSLExtension class specifies incorrect values for heartbeat per RFC 6520 and post_handshake_auth per RFC 8446
Reviewed-by: wetmore
|
2024-07-21 17:05:46 +00:00 |
|
Prajwal Kumaraswamy
|
1b9270ac8a
|
8328723: IP Address error when client enables HTTPS endpoint check on server socket
Reviewed-by: wetmore, djelinski
|
2024-07-18 22:42:34 +00:00 |
|
Anthony Scarpino
|
07bc523df8
|
8334670: SSLSocketOutputRecord buffer miscalculation
Reviewed-by: djelinski, ssahoo
|
2024-06-26 22:28:33 +00:00 |
|
nibjen
|
e681b4e9b3
|
8332524: Instead of printing "TLSv1.3," it is showing "TLS13"
Reviewed-by: mullan
|
2024-06-18 13:28:37 +00:00 |
|