setting HTTP client default TLS version back to 1.2 only JDK-8145252-TLS13-branch
authorapetcher
Wed, 06 Jun 2018 14:29:49 -0400
branchJDK-8145252-TLS13-branch
changeset 56684 89bfd8e0ff19
parent 56683 cf2370de8673
child 56685 c7e7234828c0
setting HTTP client default TLS version back to 1.2 only
src/java.net.http/share/classes/jdk/internal/net/http/HttpClientImpl.java
test/jdk/java/net/httpclient/http2/TLSConnection.java
--- a/src/java.net.http/share/classes/jdk/internal/net/http/HttpClientImpl.java	Wed Jun 06 09:39:14 2018 -0700
+++ b/src/java.net.http/share/classes/jdk/internal/net/http/HttpClientImpl.java	Wed Jun 06 14:29:49 2018 -0400
@@ -298,7 +298,7 @@
 
     private static SSLParameters getDefaultParams(SSLContext ctx) {
         SSLParameters params = ctx.getSupportedSSLParameters();
-        params.setProtocols(new String[]{"TLSv1.2", "TLSv1.3"});
+        params.setProtocols(new String[]{"TLSv1.2"});
         return params;
     }
 
--- a/test/jdk/java/net/httpclient/http2/TLSConnection.java	Wed Jun 06 09:39:14 2018 -0700
+++ b/test/jdk/java/net/httpclient/http2/TLSConnection.java	Wed Jun 06 14:29:49 2018 -0400
@@ -92,7 +92,7 @@
                     "---\nTest #2: default SSL parameters, "
                             + "expect successful connection",
                     () -> connect(uriString, USE_DEFAULT_SSL_PARAMETERS));
-            success &= checkProtocol(handler.getSSLSession(), "TLSv1.3");
+            success &= checkProtocol(handler.getSSLSession(), "TLSv1.2");
 
             // set SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA cipher suite
             // which has less priority in default cipher suite list