Skip to content

8341964: Add mechanism to disable different parts of TLS cipher suite #3123

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

8341964: Add mechanism to disable different parts of TLS cipher suite #3123

wants to merge 1 commit into from

Conversation

@TheMangovnik
Copy link

@TheMangovnik TheMangovnik commented Nov 20, 2025
edited by openjdk bot
Loading

Backport of JDK-8341964 - Add mechanism to disable different parts of TLS cipher suite

Preparation for backport of JDK-8245545

Clean backport.
Passed T1 tests. Existing failures are the same as on the unpatched code, they are unrelated.
Passed gtests.
Passed Github Actions.

Progress

  • Change requires CSR request JDK-8343623 to be approved
  • Change must not contain extraneous whitespace
  • Commit message must refer to an issue
  • JDK-8341964 needs maintainer approval

Issues

  • JDK-8341964: Add mechanism to disable different parts of TLS cipher suite (Enhancement - P3 - Requested)
  • JDK-8343623: Add mechanism to disable different parts of TLS cipher suite (CSR)

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk11u-dev.git pull/3123/head:pull/3123
$ git checkout pull/3123

Update a local copy of the PR:
$ git checkout pull/3123
$ git pull https://git.openjdk.org/jdk11u-dev.git pull/3123/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 3123

View PR using the GUI difftool:
$ git pr show -t 3123

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk11u-dev/pull/3123.diff

Using Webrev

Link to Webrev Comment

@bridgekeeper bridgekeeper bot added the oca Needs verification of OCA signatory status label Nov 20, 2025
@bridgekeeper
Copy link

bridgekeeper bot commented Nov 20, 2025

Hi @TheMangovnik, welcome to this OpenJDK project and thanks for contributing!

We do not recognize you as Contributor and need to ensure you have signed the Oracle Contributor Agreement (OCA). If you have not signed the OCA, please follow the instructions. Please fill in your GitHub username in the "Username" field of the application. Once you have signed the OCA, please let us know by writing /signed in a comment in this pull request.

If you already are an OpenJDK Author, Committer or Reviewer, please click here to open a new issue so that we can record that fact. Please use "Add GitHub user TheMangovnik" as summary for the issue.

If you are contributing this work on behalf of your employer and your employer has signed the OCA, please let us know by writing /covered in a comment in this pull request.

@TheMangovnik
Copy link
Author

TheMangovnik commented Nov 20, 2025

/covered

@bridgekeeper bridgekeeper bot added the oca-verify Needs verification of OCA signatory status label Nov 20, 2025
@bridgekeeper
Copy link

bridgekeeper bot commented Nov 20, 2025

Thank you! Please allow for a few business days to verify that your employer has signed the OCA. Also, please note that pull requests that are pending an OCA check will not usually be evaluated, so your patience is appreciated!

@openjdk
Copy link

openjdk bot commented Nov 20, 2025

❗ This change is not yet ready to be integrated.
See the Progress checklist in the description for automated requirements.

@openjdk openjdk bot changed the title backport c90978b8ec00bc19f467e6002528496283186579 8341964: Add mechanism to disable different parts of TLS cipher suite Nov 20, 2025
@openjdk
Copy link

openjdk bot commented Nov 20, 2025

This backport pull request has now been updated with issue from the original commit.

@openjdk openjdk bot added backport Port of a pull request already in a different code base clean Identical backport; no merge resolution required labels Nov 20, 2025
@bridgekeeper bridgekeeper bot removed oca Needs verification of OCA signatory status oca-verify Needs verification of OCA signatory status labels Nov 20, 2025
@openjdk
Copy link

openjdk bot commented Nov 20, 2025

⚠️ @TheMangovnik This change is now ready for you to apply for maintainer approval. This can be done directly in each associated issue or by using the /approval command.

@openjdk openjdk bot added the rfr Pull request is ready for review label Nov 20, 2025
@mlbridge
Copy link

mlbridge bot commented Nov 20, 2025

Webrevs

@TheMangovnik
Copy link
Author

TheMangovnik commented Nov 20, 2025

/approval request Clean back port enabling different parts of TLS cipher suite in preparation for another back port. Tests run on fedora 43. Gtests passed, same T1 failing before and after the backport - not related to this issue.

@openjdk
Copy link

openjdk bot commented Nov 20, 2025

@TheMangovnik
8341964: The approval request has been created successfully.

@openjdk openjdk bot added the approval Requires approval; will be removed when approval is received label Nov 20, 2025
@openjdk openjdk bot mentioned this pull request Nov 20, 2025
Open
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

approval Requires approval; will be removed when approval is received backport Port of a pull request already in a different code base clean Identical backport; no merge resolution required rfr Pull request is ready for review

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@TheMangovnik