Skip to content

HttpsServer can use TLSv1.3 on JDK16+ #64496

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Nov 19, 2020
Merged

HttpsServer can use TLSv1.3 on JDK16+ #64496

merged 2 commits into from
Nov 19, 2020

Conversation

jaymode
Copy link
Member

@jaymode jaymode commented Nov 2, 2020

This commit changes code that previously pinned to TLSv1.2 when running
on JDK 12+ to allow the use of TLSv1.3 if on JDK 16 or newer. There was
a bug in the HttpsServer code that has finally been fixed, which
prevented the use of TLSv1.3 as the HttpsServer would endlessly loop.
The JDK bug is JDK-8254967.

Closes #38646

@jaymode
HttpsServer can use TLSv1.3 on JDK16+
1bbd039 
This commit changes code that previously pinned to TLSv1.2 when running
on JDK 12+ to allow the use of TLSv1.3 if on JDK 16 or newer. There was
a bug in the HttpsServer code that has finally been fixed, which
prevented the use of TLSv1.3 as the HttpsServer would endlessly loop.
The JDK bug is JDK-8254967.

Closes elastic#38646
@jaymode jaymode added >test Issues or PRs that are addressing/adding tests :Security/TLS SSL/TLS, Certificates v8.0.0 v7.11.0 labels Nov 2, 2020
@jaymode jaymode requested a review from jkakavas November 2, 2020 17:43
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security (:Security/Network)

@elasticmachine elasticmachine added the Team:Security Meta label for security team label Nov 2, 2020
jkakavas
jkakavas approved these changes Nov 13, 2020
View reviewed changes
Copy link
Member

@jkakavas jkakavas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jaymode jaymode merged commit 76c22f7 into elastic:master Nov 19, 2020
@jaymode jaymode deleted the tls13_httpsserver_fixed branch November 19, 2020 17:46
@jaymode jaymode mentioned this pull request Nov 19, 2020
Merged
jaymode added a commit that referenced this pull request Nov 19, 2020
@jaymode
HttpsServer can use TLSv1.3 on JDK16+ (#65274)
68a8947 
This commit changes code that previously pinned to TLSv1.2 when running
on JDK 12+ to allow the use of TLSv1.3 if on JDK 16 or newer. There was
a bug in the HttpsServer code that has finally been fixed, which
prevented the use of TLSv1.3 as the HttpsServer would endlessly loop.
The JDK bug is JDK-8254967.

Closes #38646
Backport of #64496
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jkakavas jkakavas jkakavas approved these changes

Assignees
No one assigned
Labels
:Security/TLS SSL/TLS, Certificates Team:Security Meta label for security team >test Issues or PRs that are addressing/adding tests v7.11.0 v8.0.0-alpha1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

MockWebServer incompatible with HttpClient closing on TLSv1.3
4 participants
@jaymode @elasticmachine @jkakavas @jakelandis