Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-6976117

SSLContext.getInstance("TLSv1.1") returns SSLEngines/SSLSockets without TLSv1.1 enabled

    XMLWordPrintable

    Details

    • Subcomponent:
    • Resolved In Build:
      b140
    • CPU:
      generic
    • OS:
      generic
    • Verification:
      Verified

      Description

      This is a problem which we should address in TLS 1.2, but applies to 1.1.

      If an app wants to be a *CLIENT* and calls:

          SSLContext.getInstance("TLSv1.1");

      we're currently going to be returning an instance which won't have TLSv1.1 enabled by default. While technically ok by the Javadoc, I think we need to change that or we're going to have some surprised developers.

      Probably the easiest is extend SSLContextImpl with SSLv3, TLS1, TLSv1.1, and TLSv1.2 variants:

          public class TLSv11ContextImpl extends SSLContextImpl {

      and then update SunJSSE to recognize it:

              put("SSLContext.TLSv1.1",
                  "sun.security.ssl.TLSv11ContextImpl");

      Then on creation of the SSLContextImpl, we enable the protocol by default.

          return new SSLSocketFactoryImpl(this,
              new String[] { "TLSv1.1", ...other suitable defaults...);
      Need to integrate the update of CR 4619276 with this (to add a getDefaultProtocols/getSupportedProtocols to factories).

        Attachments

          Issue Links

          duplicates

          Enhancement - null JDK-4619276 could add a getDefaultProtocols/getSupportedProtocols to factories

          • P3 - Major loss of function.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. JDK-8136713 [TEST_BUG] test/sun/security/ssl/javax/net/ssl/SSLContextVersion.java requires backport to JDK 6

          • P4 - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. JDK-6996382 TLS 1.2 implementation cleanup

          • P2 - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. JDK-7174244 NPE in Krb5ProxyImpl.getServerKeys()

          • P2 - Crashes, loss of data, severe memory leak.
          • Closed

          Enhancement - null JDK-4873188 Support TLS 1.1

          • P3 - Major loss of function.
          • Closed

          Enhancement - null JDK-6916074 Add support for TLS 1.2

          • P3 - Major loss of function.
          • Closed

            Activity

              People

              Assignee:
              xuelei Xue-Lei Fan
              Reporter:
              xuelei Xue-Lei Fan
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Imported:
                Indexed: