New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Insight and CLI remove "anon" from disabled algorithms. #5943
Conversation
JDK-8211883 Code reuse to be refactored once decoupling is complete.
Best to copy-and-paste code until after the dust from #5934 settles. |
For
|
It's tricky to test. Tested so far:
|
Connecting to eel is enough I would think |
But I thought we want to do 5.4.10 insight -> we need to build it anyway ? |
Tested insight
|
enough to test the fix I mean |
Tested Insight on Linux (Debian) was well 👍 Unfortunately can't test CLI, no idea how to get Ice 3.6 for Debian. |
Tested:
|
@dominikl https://docs.openmicroscopy.org/omero/5.4.9/sysadmins/troubleshooting.html |
Thanks. With the debian OpenSSL patch applied it works (5.4.9 fails, 5.5.0 dev build works) 👍 |
I think we have expected results on 3 OS-es, Insight and CLI. Ready to merge FMPOV |
Sorry for the late comment, but would this have been better placed directly in |
I tend to be leery of touching that, especially as it's complex and mirrored in Python and C++; I also wasn't sure if it would always be wanted by every client instantiation (could be a utility method called from main methods?). Time's short and this is tested so probably okay for a 5.4.10? Also happy to refactor as you like for 5.5.0: was going to solicit suggestions on that. |
Understood. The downside is that other consumers will not get the fix, but that may be acceptable. Fine to see refactoring in 5.5. |
Superseded by #5947. |
What this PR does
On startup has Insight and command-line importer remove "anon" from among the value of the
jdk.tls.disabledAlgorithms
security property.Testing this PR
Insight should be able to connect to servers even with current Java installed: version 8u201 or later.
bin/omero import ...
should work similarly.Related reading
https://trello.com/c/q7we5yYn/68-insight-ssl-algorithms