| Summary: | SslContextFactory does not respect order for [included|excluded]Protocols() and [included|excluded]CipherSuites() | ||
|---|---|---|---|
| Product: | [RT] Jetty | Reporter: | Simone Bordet <simone.bordet> |
| Component: | server | Assignee: | Simone Bordet <simone.bordet> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | normal | ||
| Priority: | P3 | CC: | jetty-inbox |
| Version: | 7.6.0 | ||
| Target Milestone: | 7.5.x | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| Whiteboard: | |||
Fixed by using LinkedHashSets where relevant. *** Bug 385424 has been marked as a duplicate of this bug. *** |
When setting sslContextFactory.setIncludedProtocols("TLSv1", "TLSv1.1"), the order is important because it determines what version the client will use in the ClientHello SSL message. Currently, included protocols are stored in a HashSet, thereby losing ordering.