Ubuntu
openjdk-7 package

  1. Bug #1482924
  2. Comment #9

Comment 9 for bug 1482924

Revision history for this message
Nathan Bryant (nrb) wrote :

Here's a small test class and the results from a few different JVMs I have access to:

--- cut here ---
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;

public class TLSVersions
{
  public static void main( String[] args )
  {
    String vendor = System.getProperty( "java.vendor" );
    String version = System.getProperty( "java.version" );

    System.out.println( String.format( "java.vendor\tjava.version\tproto\tenabledProtocols" ) );
    for ( String protocol : new String[]{ "TLSv1.2", "TLSv1.1", "TLSv1", "TLS", "SSL" } )
    {
      try
      {
        SSLContext context = SSLContext.getInstance( protocol );
        context.init( null, null, null );
        SSLSocket socket = ( SSLSocket ) context.getSocketFactory().createSocket();
        String enabledProtocols = join( socket.getEnabledProtocols() );
        System.out.println( String.format( "%s\t%s\t%s\t%s", vendor, version, protocol, enabledProtocols ) );
      }
      catch ( Exception e )
      {
        System.out.println( String.format( "%s\t%s\t%s\t%s", vendor, version, protocol, e.toString() ) );
      }
    }
  }

  private static String join( String[] array )
  {
    if ( array.length == 0 )
    {
      return "";
    }
    StringBuilder sb = new StringBuilder( array[ 0 ] );
    for ( int i = 1; i < array.length; i++ )
    {
      sb.append( ',' ).append( array[ i ] );
    }
    return sb.toString();
  }
}
--- cut here ---

java.vendor or dpkg java.version proto enabledProtocols
Apple Inc. 1.6.0_37 TLSv1.2 java.security.NoSuchAlgorithmException: TLSv1.2 SSLContext not available
Apple Inc. 1.6.0_37 TLSv1.1 java.security.NoSuchAlgorithmException: TLSv1.1 SSLContext not available
Apple Inc. 1.6.0_37 TLSv1 SSLv2Hello,SSLv3,TLSv1
Apple Inc. 1.6.0_37 TLS SSLv2Hello,SSLv3,TLSv1
Apple Inc. 1.6.0_37 SSL SSLv2Hello,SSLv3,TLSv1
Oracle Corporation 1.7.0_80 TLSv1.2 TLSv1,TLSv1.1,TLSv1.2
Oracle Corporation 1.7.0_80 TLSv1.1 TLSv1,TLSv1.1
Oracle Corporation 1.7.0_80 TLSv1 TLSv1
Oracle Corporation 1.7.0_80 TLS TLSv1
Oracle Corporation 1.7.0_80 SSL TLSv1
Oracle Corporation 1.8.0_60 TLSv1.2 TLSv1,TLSv1.1,TLSv1.2
Oracle Corporation 1.8.0_60 TLSv1.1 TLSv1,TLSv1.1
Oracle Corporation 1.8.0_60 TLSv1 TLSv1
Oracle Corporation 1.8.0_60 TLS TLSv1,TLSv1.1,TLSv1.2
Oracle Corporation 1.8.0_60 SSL TLSv1,TLSv1.1,TLSv1.2
6b36-1.13.8-0ubuntu1 1.6.0_36 TLSv1.2 java.security.NoSuchAlgorithmException: TLSv1.2 SSLContext not available
6b36-1.13.8-0ubuntu1 1.6.0_36 TLSv1.1 SSLv3,TLSv1,TLSv1.1
6b36-1.13.8-0ubuntu1 1.6.0_36 TLSv1 SSLv3,TLSv1
6b36-1.13.8-0ubuntu1 1.6.0_36 TLS SSLv3,TLSv1
6b36-1.13.8-0ubuntu1 1.6.0_36 SSL SSLv3,TLSv1
7u79-2.5.6-0ubuntu1 1.7.0_79 TLSv1.2 TLSv1,TLSv1.1,TLSv1.2
7u79-2.5.6-0ubuntu1 1.7.0_79 TLSv1.1 TLSv1,TLSv1.1
7u79-2.5.6-0ubuntu1 1.7.0_79 TLSv1 TLSv1
7u79-2.5.6-0ubuntu1 1.7.0_79 TLS TLSv1
7u79-2.5.6-0ubuntu1 1.7.0_79 SSL TLSv1

6b36-1.13.8-0ubuntu2~ppa2 1.6.0_36 TLSv1.2 java.security.NoSuchAlgorithmException: TLSv1.2 SSLContext not available
6b36-1.13.8-0ubuntu2~ppa2 1.6.0_36 TLSv1.1 SSLv3,TLSv1,TLSv1.1
6b36-1.13.8-0ubuntu2~ppa2 1.6.0_36 TLSv1 SSLv3,TLSv1
6b36-1.13.8-0ubuntu2~ppa2 1.6.0_36 TLS SSLv3,TLSv1
6b36-1.13.8-0ubuntu2~ppa2 1.6.0_36 SSL SSLv3,TLSv1

TL;DR: in 1.8.0_60, which to be clear is the current (binary-only) Oracle release downloaded from java.sun.com for the OS X platform, the default configuration of a SSLSocket created with the generic SSLContext.getInstance("TLS") or SSLContext.getInstance("SSL") includes v1.2 by default. This is not the case in any of the other examples