Mercurial > hg > icedtea8-forest > jdk

changeset 14929:25ef0910e622

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8235874: The ordering of Cipher Suites is not maintained provided through jdk.tls.client.cipherSuites and jdk.tls.server.cipherSuites system property. Summary: Corrected Cipher Suites ordering through system properties Reviewed-by: xuelei, sgehwolf
author ssahoo
date Mon, 16 Dec 2019 00:23:50 -0800
parents 466b007eedbb
children f2f0ceec19fb
files src/share/classes/sun/security/ssl/SSLContextImpl.java test/javax/net/ssl/sanity/ciphersuites/SystemPropCipherSuitesOrder.java
diffstat 2 files changed, 5 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/ssl/SSLContextImpl.java	Fri Dec 13 01:43:14 2019 -0800
+++ b/src/share/classes/sun/security/ssl/SSLContextImpl.java	Mon Dec 16 00:23:50 2019 -0800
@@ -375,7 +375,7 @@
     private static List<CipherSuite> getApplicableCipherSuites(
             Collection<CipherSuite> allowedCipherSuites,
             List<ProtocolVersion> protocols) {
-        TreeSet<CipherSuite> suites = new TreeSet<>();
+        LinkedHashSet<CipherSuite> suites = new LinkedHashSet<>();
         if (protocols != null && (!protocols.isEmpty())) {
             for (CipherSuite suite : allowedCipherSuites) {
                 if (!suite.isAvailable()) {
--- a/test/javax/net/ssl/sanity/ciphersuites/SystemPropCipherSuitesOrder.java	Fri Dec 13 01:43:14 2019 -0800
+++ b/test/javax/net/ssl/sanity/ciphersuites/SystemPropCipherSuitesOrder.java	Mon Dec 16 00:23:50 2019 -0800
@@ -30,18 +30,17 @@
  * @library /javax/net/ssl/templates
  *          /javax/net/ssl/TLSCommon
  * @summary Test TLS ciphersuites order set through System properties
- * @ignore Not applicable until the cipher order of system property maintained.
  * @run main/othervm
- *      -Djdk.tls.client.cipherSuites=TLS_CHACHA20_POLY1305_SHA256,TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
- *      -Djdk.tls.server.cipherSuites=TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256,TLS_AES_128_GCM_SHA256
+ *      -Djdk.tls.client.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
+ *      -Djdk.tls.server.cipherSuites=TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256
  *      -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
  *      SystemPropCipherSuitesOrder TLSv1.3
  * @run main/othervm
- *      -Djdk.tls.client.cipherSuites=TLS_CHACHA20_POLY1305_SHA256,TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
+ *      -Djdk.tls.client.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
  *      -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
  *      SystemPropCipherSuitesOrder TLSv1.3
  * @run main/othervm
- *      -Djdk.tls.server.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_CHACHA20_POLY1305_SHA256,TLS_AES_256_GCM_SHA384
+ *      -Djdk.tls.server.cipherSuites=TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384
  *      -Djdk.tls.client.protocols="TLSv1.3,TLSv1.2,TLSv1.1,TLSv1,SSLv3"
  *      SystemPropCipherSuitesOrder TLSv1.3
  * @run main/othervm