netty5

History

Stephane Landelle 79e24d1a17 Add javadoc warning on SslContext#newHandler client-side Motivation: SslContext#newHandler currently creates underlying SSLEngine without enabling HTTPS endpointIdentificationAlgorithm. This behavior in unsecured when used on the client side. We can’t harden the behavior for now, as it would break existing behavior, for example tests using self signed certificates. Proper hardening will happen in a future major version when we can break behavior. Modifications: Add javadoc warnings with code snippets. Result: Existing unsafe behavior and workaround documented.	2017-03-01 10:44:44 +01:00
..
src	Add javadoc warning on SslContext#newHandler client-side	2017-03-01 10:44:44 +01:00
pom.xml	Use the correct arguments when run with jdk9	2017-02-15 10:15:00 +01:00

Stephane Landelle 79e24d1a17 Add javadoc warning on SslContext#newHandler client-side

Motivation:

SslContext#newHandler currently creates underlying SSLEngine without
enabling HTTPS endpointIdentificationAlgorithm. This behavior in
unsecured when used on the client side.

We can’t harden the behavior for now, as it would break existing
behavior, for example tests using self signed certificates.

Proper hardening will happen in a future major version when we can
break behavior.

Modifications:

Add javadoc warnings with code snippets.

Result:

Existing unsafe behavior and workaround documented.

2017-03-01 10:44:44 +01:00

src

Add javadoc warning on SslContext#newHandler client-side

2017-03-01 10:44:44 +01:00

pom.xml

Use the correct arguments when run with jdk9

2017-02-15 10:15:00 +01:00