[jira] [Updated] (ARTEMIS-3038) unwind defunct changes from ARTEMIS-1264

Wed, 18 Aug 2021 03:03:04 -0700 


     [ 
https://issues.apache.org/jira/browse/ARTEMIS-3038?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Robbie Gemmell updated ARTEMIS-3038:
------------------------------------
        Fix Version/s:     (was: 2.18.0)
    Affects Version/s: 2.18.0
          Description: 
The changes made in ARTEMIS-1264 are essentially defunct and should be unwound. 
The Kerberos TLS cipher suites were already not recommended for use at the time 
due to being weak, they had already been removed entirely from Java 11 by then, 
and have been disabled by default in Java 8 releases for some time now.

 The related tests have already been removed as they were failing, then 
ignored, and essentialy couldnt run anywhere. The non-test changes are now 
untested and essentially defunct already, but once releases require Java 11 
they will become entirely unusable.

 

Originally described with 
"CoreClientOverOneWaySSLKerb5Test#testOneWaySSLWithGoodClientCipherSuite is 
failing....  I set the test with an ignore .. until we investigate what we 
should do."

  was:
CoreClientOverOneWaySSLKerb5Test#testOneWaySSLWithGoodClientCipherSuite is 
failing because of:

 

[https://www.oracle.com/security-alerts/poodlecve-2014-3566.html]

 

I set the test with an ignore .. until we investigate what we should do.

              Summary: unwind defunct changes from ARTEMIS-1264  (was: 
Investigate 
CoreClientOverOneWaySSLKerb5Test#testOneWaySSLWithGoodClientCipherSuite)

> unwind defunct changes from ARTEMIS-1264
> ----------------------------------------
>
>                 Key: ARTEMIS-3038
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-3038
>             Project: ActiveMQ Artemis
>          Issue Type: Task
>    Affects Versions: 2.18.0
>            Reporter: Clebert Suconic
>            Assignee: Gary Tully
>            Priority: Major
>
> The changes made in ARTEMIS-1264 are essentially defunct and should be 
> unwound. The Kerberos TLS cipher suites were already not recommended for use 
> at the time due to being weak, they had already been removed entirely from 
> Java 11 by then, and have been disabled by default in Java 8 releases for 
> some time now.
>  The related tests have already been removed as they were failing, then 
> ignored, and essentialy couldnt run anywhere. The non-test changes are now 
> untested and essentially defunct already, but once releases require Java 11 
> they will become entirely unusable.
>  
> Originally described with 
> "CoreClientOverOneWaySSLKerb5Test#testOneWaySSLWithGoodClientCipherSuite is 
> failing....  I set the test with an ignore .. until we investigate what we 
> should do."



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to