Feat: TLSv1.3 support #146
Conversation
There was a problem hiding this comment.
Great stuff! Thanks for adding the SSL testing ❤️
Tests are failing on 6.8 with
Java::JavaxNetSsl::SSLHandshakeException:
No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
when using a modern Java8 JVM that supports TLS1.3, such as OpenJDK Runtime Environment (Temurin)(build 1.8.0_322-b06) on my local box, plus 1.8.0_282-b08 in the testing environment.
my bad - did not realize the TLS 1.3 detection won't do, due Manticore itself (used for testing) on Java 8 without the added a different way to detect whether |
CHANGELOG.md
Outdated
| @@ -1,3 +1,6 @@ | |||
| ## 3.4.6 | |||
There was a problem hiding this comment.
Given that this is an added feature, rather than a bug fix, does it make sense to make this a minor rather than patch release?
There was a problem hiding this comment.
fine by me, thought the changes are fully backwards compatible but it makes sense ... updated
src/main/java/org/logstash/plugins/inputs/http/util/SslSimpleBuilder.java
Outdated
Show resolved
Hide resolved
…uilder.java Co-authored-by: Rob Bavey <[email protected]>
Implements TLS 1.3 support in the plugin, using existing
tls_min_version/tls_max_versionoptions.The plugin was lacking TLS testing thus it's been added.
NOTE: a follow-up minor release is planned, where the protocol configuration will be changed to
ssl_supported_protocols => ...and thetls_min_version/tls_max_versionoptions are going to be deprecated.But for now this is worth shipping as a patch release.