andreacavalli/netty5
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
4373a1fba2
netty5/handler/src/main/java/io/netty/handler
History
Farid Zakaria 4373a1fba2 Increase default bits for SelfSignedCertificate (#9019) 
Motivation:
During OpenSsl.java initialization, a SelfSignedCertificate is created
during the static initialization block to determine if OpenSsl
can be used.

The default key strength for SelfSignedCertificate was too low if FIPS
mode is used and BouncyCastle-FIPS is the only available provider
(necessary for compliance). A simple fix is to just augment the key
strength to the minimum required about by FIPS.

Modification:
Set default key bit length to 2048 but also allow it to be dynamically set via a system property for future proofing to more stricter security compliance.

Result:
Fixes #9018

Signed-off-by: Farid Zakaria <farid.m.zakaria@gmail.com>
2019-04-08 20:08:59 +02:00
..
flow Fix javadoc issues 2017-02-22 07:31:07 +01:00
flush Publicize default explicitFlushAfterFlushes count. (#8683) 2018-12-25 22:35:58 +01:00
ipfilter Fix concurrency problem in UniqueIpFilter (#8635) 2018-12-07 13:50:00 +01:00
logging Fixes a LoggingHandler#format method with two arguments 2017-10-24 06:56:54 +02:00
ssl Increase default bits for SelfSignedCertificate (#9019) 2019-04-08 20:08:59 +02:00
stream Close consumed inputs in ChunkedWriteHandler (#8876) 2019-02-28 21:13:56 +01:00
timeout ReadTimeoutHandler - missing ) within JavaDoc example (#8645) 2018-12-10 20:50:38 +01:00
traffic Check if Log level is enabled before creating log statements (#8022) 2018-06-13 23:21:53 -07:00