-
Notifications
You must be signed in to change notification settings - Fork 102
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
have Java clients remove "anon" from disabled algorithms #5947
Conversation
Only quick thought based on ongoing conversations is whether or not |
It's a good idea but for an emergency patch I'd keep things real simple so I'd suggest targeting that for 5.5. |
Understood. Someone can always downgrade back to 5.4.9 if this has any issues. Just waiting on the doc push, then let's merge and build. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The same code worked well in insight and the importer, so 👍 for moving it to all Java clients. "Disabling" the workaround will be equivalent to not using 5.4.10 which seems fair enough.
Thanks all. Merging for the creation of first 5.4.10 release candidate. |
Just as a bit of feedback after the fact here and with #5949 on the go these changes result in there being a Guava dependency now for clients. While using Anyone who has been using exclude lists to keep their dependency tree in check as an OMERO client will need to take this into account now. |
What this PR does
On initialization has clients remove "anon" from among the value of the
jdk.tls.disabledAlgorithms
security property.Testing this PR
Insight should be able to connect to servers even with current Java installed: version 8u201 or later.
bin/omero import ...
should work similarly.Related reading
https://trello.com/c/q7we5yYn/68-insight-ssl-algorithms
#5943 (comment)