openjdk team mailing list archive
-
openjdk team
-
Mailing list archive
-
Message #10102
[Bug 1314113] [NEW] TLS 1.1 and 1.2 are disabled by default
Public bug reported:
OpenJDK-7 disables TLS 1.1 and 1.2 by default. It might be a good idea
to enable them. The past interop issues are rarely encountered in 2014.
The program below only prints "TLSv1" even though I expected to see
"TLSv1", "TLSv1.1" and "TLSv1.2". In fact, the protocols are available -
they are just not enabled by default.
And "no comment" on why I'm getting "SSLv3" when I asked for "TLS". That
will get its own bug report.
$ javac ProtocolTest.java && java ProtocolTest
Supported Protocols: 5
SSLv2Hello
SSLv3
TLSv1
TLSv1.1
TLSv1.2
Enabled Protocols: 2
SSLv3
TLSv1
**********
Ubuntu 14.04 (x64), fully patched:
$ uname -a
Linux ubuntu 3.13.0-24-generic #46-Ubuntu SMP Thu Apr 10 19:11:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
**********
$ java -version
java version "1.7.0_51"
OpenJDK Runtime Environment (IcedTea 2.4.6) (7u51-2.4.6-1ubuntu4)
OpenJDK 64-Bit Server VM (build 24.51-b03, mixed mode)
**********
SSLContext context = SSLContext.getInstance("TLS");
context.init(null,null,null);
SSLSocketFactory factory = (SSLSocketFactory)context.getSocketFactory();
SSLSocket socket = (SSLSocket)factory.createSocket();
String[] protocols = socket.getSupportedProtocols();
System.out.println("Supported Protocols: " + protocols.length);
for(int i = 0; i < protocols.length; i++)
{
System.out.println(" " + protocols[i]);
}
protocols = socket.getEnabledProtocols();
System.out.println("Enabled Protocols: " + protocols.length);
for(int i = 0; i < protocols.length; i++)
{
System.out.println(" " + protocols[i]);
}
** Affects: openjdk-7 (Ubuntu)
Importance: Undecided
Status: New
** Attachment added: "Program to test supported and enabled protocols."
https://bugs.launchpad.net/bugs/1314113/+attachment/4100235/+files/ProtocolTest.java
--
You received this bug notification because you are a member of OpenJDK,
which is subscribed to openjdk-7 in Ubuntu.
https://bugs.launchpad.net/bugs/1314113
Title:
TLS 1.1 and 1.2 are disabled by default
Status in “openjdk-7” package in Ubuntu:
New
Bug description:
OpenJDK-7 disables TLS 1.1 and 1.2 by default. It might be a good idea
to enable them. The past interop issues are rarely encountered in
2014.
The program below only prints "TLSv1" even though I expected to see
"TLSv1", "TLSv1.1" and "TLSv1.2". In fact, the protocols are available
- they are just not enabled by default.
And "no comment" on why I'm getting "SSLv3" when I asked for "TLS".
That will get its own bug report.
$ javac ProtocolTest.java && java ProtocolTest
Supported Protocols: 5
SSLv2Hello
SSLv3
TLSv1
TLSv1.1
TLSv1.2
Enabled Protocols: 2
SSLv3
TLSv1
**********
Ubuntu 14.04 (x64), fully patched:
$ uname -a
Linux ubuntu 3.13.0-24-generic #46-Ubuntu SMP Thu Apr 10 19:11:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
**********
$ java -version
java version "1.7.0_51"
OpenJDK Runtime Environment (IcedTea 2.4.6) (7u51-2.4.6-1ubuntu4)
OpenJDK 64-Bit Server VM (build 24.51-b03, mixed mode)
**********
SSLContext context = SSLContext.getInstance("TLS");
context.init(null,null,null);
SSLSocketFactory factory = (SSLSocketFactory)context.getSocketFactory();
SSLSocket socket = (SSLSocket)factory.createSocket();
String[] protocols = socket.getSupportedProtocols();
System.out.println("Supported Protocols: " + protocols.length);
for(int i = 0; i < protocols.length; i++)
{
System.out.println(" " + protocols[i]);
}
protocols = socket.getEnabledProtocols();
System.out.println("Enabled Protocols: " + protocols.length);
for(int i = 0; i < protocols.length; i++)
{
System.out.println(" " + protocols[i]);
}
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openjdk-7/+bug/1314113/+subscriptions
Follow ups
References
