stoty commented on code in PR #7142:
URL: https://github.com/apache/hbase/pull/7142#discussion_r2197413087
##########
hbase-common/src/test/java/org/apache/hadoop/hbase/io/crypto/tls/TestX509Util.java:
##########
@@ -96,7 +96,16 @@ public void testCreateSSLContextWithClientAuthNONE() throws
Exception {
public void testCreateSSLContextWithoutCustomProtocol() throws Exception {
SslContext sslContext = X509Util.createSslContextForClient(conf);
ByteBufAllocator byteBufAllocatorMock = mock(ByteBufAllocator.class);
- assertArrayEquals(new String[] { X509Util.DEFAULT_PROTOCOL },
+ assertArrayEquals(new String[] { "TLSv1.3", "TLSv1.2" },
Review Comment:
The default provider in JDK17+ has these defaults.
The same goes for the current tcnative in netty.
So all supported JREs should return this same list.
On older JDKs (7,8,11) the default protocol list is patch level dependent,
but I only plan to backport this to branch-3, not branch-2.
Very old tcnative also may not support TLSv1.3, but we only need this to
work with the current one and future ones.
If/when that list changes, I expect that we will need to update the TLS code
anyway.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@hbase.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
