Skip to content
Permalink
Browse files

[JENKINS-45841] - Recategorize the protocols

Now there are 3 categories: Active, Deprecated and Test
  • Loading branch information
oleg-nenashev committed Jul 31, 2017
1 parent 67edc4b commit 8374363405ed190ea3df89b5da25c887c58fd1f7
Showing with 34 additions and 14 deletions.
  1. +34 −14 docs/protocols.md
@@ -6,6 +6,37 @@ For example, Jenkins project defines its own protocols for the CLI client.

This section describes only the protocols available within the remoting library.

## Active protocols

This section lists all actively maintained protocols offered in Remoting.
There may be other actively maintained protocols in other Jenkins and 3rd-party components.

### JNLP4-connect

* Introduced in: Remoting 3.0, [JENKINS-36871](https://issues.jenkins-ci.org/browse/JENKINS-36871)

This protocol uses the <code>SSLEngine</code> provided by the Java Cryptography Architecture
to perform a TLS upgrade of the plaintext connection before any connection secrets are exchanged.
The subsequent connection is then secured using TLS.

The encryption algorithms and cyphers used by the <code>SSLEngine</code> when using Oracle JDK 1.8
are described in [Java Cryptography Architecture Standard Algorithm Name Documentation for JDK 8](http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html))
If stronger algorithms are needed (for example, AES with 256-bit keys), the [JCE Unlimited Strength Jurisdiction Policy Files](http://www.oracle.com/technetwork/java/javase/downloads/index.html)
can be obtained on Oracle website and installed in the JDK/JRE.


Protocol uses non-blocking I/O wherever possible which removes the performance bottleneck of the <code>JNLP3-connect</code> protocol.

## Deprecated protocols

All protocols below are not recommended for the production use.
They have been deprecated and replaced.

:exclamation: Disclaimer:
Deprecated protocols are not maintained in the Jenkins project.
New bugfix and performance enhancement proposals will be reviewed and probably integrated,
but confirmed protocol-specific issues will be closed and added to Errata.

### JNLP1-connect

* Legacy remoting protocol
@@ -53,21 +84,10 @@ On some configurations only one JNLP3 slave per IP address can be connected.
* [JENKINS-34121](https://issues.jenkins-ci.org/browse/JENKINS-34121) -
JNLP3 cannot be used on IBM Java, which doesn't support AES/CTR/PKCS5Padding.

### JNLP4-connect
## Test Protocols

* Introduced in: Remoting 3.0, [JENKINS-36871](https://issues.jenkins-ci.org/browse/JENKINS-36871)

This protocol uses the <code>SSLEngine</code> provided by the Java Cryptography Architecture
to perform a TLS upgrade of the plaintext connection before any connection secrets are exchanged.
The subsequent connection is then secured using TLS.

The encryption algorithms and cyphers used by the <code>SSLEngine</code> when using Oracle JDK 1.8
are described in [Java Cryptography Architecture Standard Algorithm Name Documentation for JDK 8](http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html))
If stronger algorithms are needed (for example, AES with 256-bit keys), the [JCE Unlimited Strength Jurisdiction Policy Files](http://www.oracle.com/technetwork/java/javase/downloads/index.html)
can be obtained on Oracle website and installed in the JDK/JRE.


Protocol uses non-blocking I/O wherever possible which removes the performance bottleneck of the <code>JNLP3-connect</code> protocol.
The protocols below exist for testing purposes only.
It is **not recommended** to use them in production.

### JNLP4-plaintext

0 comments on commit 8374363

Please sign in to comment.
You can’t perform that action at this time.