netty5

History

Daniel Gartmann 9c70dc8ba5 Replaced obsolete cryptographic primitive with a modern/secure one. (#8450 ) Motivation: SHA1 is a broken hash function and shouldn't be used anymore (see: https://shattered.io/). Security scanning tools will raise this as an issue and it will reflect badly on netty and I, therefore, recommend to use a SHA2 hash function which is secure and won't be flagged by such tools. Modifications: Replaced insecure SHA1 based signing scheme with SHA2. Result: Modern and thus secure cryptographic primitives will be in use and won't be flagged by security scanning tools.	2018-11-02 07:20:54 +01:00
..
main/java/io/netty/handler	Replaced obsolete cryptographic primitive with a modern/secure one. (#8450 )	2018-11-02 07:20:54 +01:00
test	Add test to verify that invalid ciphers are handled in all SSLEngine implementations correctly. (#8443 )	2018-10-30 17:58:08 +01:00

Daniel Gartmann 9c70dc8ba5 Replaced obsolete cryptographic primitive with a modern/secure one. (#8450 )

Motivation:

SHA1 is a broken hash function and shouldn't be used anymore (see: https://shattered.io/).
Security scanning tools will raise this as an issue and it will reflect badly on netty and I, therefore, recommend to use a SHA2 hash function which is secure and won't be flagged by such tools.

Modifications:

Replaced insecure SHA1 based signing scheme with SHA2.

Result:

Modern and thus secure cryptographic primitives will be in use and won't be flagged by security scanning tools.

2018-11-02 07:20:54 +01:00

main/java/io/netty/handler

Replaced obsolete cryptographic primitive with a modern/secure one. (#8450 )

2018-11-02 07:20:54 +01:00

test

Add test to verify that invalid ciphers are handled in all SSLEngine implementations correctly. (#8443 )

2018-10-30 17:58:08 +01:00