From 668406dfe22db656629e693a397db318f179a423 Mon Sep 17 00:00:00 2001 From: Gus Brodman Date: Fri, 6 Mar 2026 16:37:10 -0500 Subject: [PATCH] Always allow both TLS 1.2 and 1.3 The JDK version of SSL has long supported TLS v1.3 (since version 11) so fortunately we can use TLS v1.3 regardless if which implementation of SSL we're using. We prefer OpenSSL in general so I'm not entirely sure why we were using the JDK version of SSL on the proxy before, but this should work and be a good idea regardless. Tested on alpha by running ``` $ openssl s_client -connect epp.registryalpha.foo:700 -tls1_3 -ciphersuites "TLS_AES_128_GCM_SHA256" ``` Previously we'd get a failure, now it returns the proper cert data. --- .../handler/SslServerInitializer.java | 21 ++++++++----------- 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/networking/src/main/java/google/registry/networking/handler/SslServerInitializer.java b/networking/src/main/java/google/registry/networking/handler/SslServerInitializer.java index af419873ae9..a35df22705e 100644 --- a/networking/src/main/java/google/registry/networking/handler/SslServerInitializer.java +++ b/networking/src/main/java/google/registry/networking/handler/SslServerInitializer.java @@ -70,10 +70,10 @@ public class SslServerInitializer extends ChannelInitializer< /** * The list of cipher suites that are currently acceptable to create a successful handshake. * - *

This list includes all of the current TLS1.3 ciphers and a collection of TLS1.2 ciphers with - * no known security vulnerabilities. Note that OpenSSL uses a separate nomenclature for the - * ciphers internally but the IANA names listed here will be transparently translated by the - * OpenSSL provider (if used), so there is no need to include the OpenSSL name variants here. More + *

This list includes all the current TLS1.3 ciphers and a collection of TLS1.2 ciphers with no + * known security vulnerabilities. Note that OpenSSL uses a separate nomenclature for the ciphers + * internally but the IANA names listed here will be transparently translated by the OpenSSL + * provider (if used), so there is no need to include the OpenSSL name variants here. More * information about these cipher suites and their OpenSSL names can be found at ciphersuite.info. */ private static final ImmutableList ALLOWED_TLS_CIPHERS = @@ -90,6 +90,10 @@ public class SslServerInitializer extends ChannelInitializer< "TLS_AES_128_CCM_SHA256", "TLS_AES_128_CCM_8_SHA256"); + /** Thankfully, the JDK supports TLS version 1.3 now. */ + private static final ImmutableList SUPPORTED_TLS_VERSIONS = + ImmutableList.of("TLSv1.3", "TLSv1.2"); + private static final FluentLogger logger = FluentLogger.forEnclosingClass(); private final boolean requireClientCert; // TODO(jianglai): Always validate client certs (if required). @@ -99,7 +103,6 @@ public class SslServerInitializer extends ChannelInitializer< // change when the artifacts on GCS changes. private final Supplier privateKeySupplier; private final Supplier> certificatesSupplier; - private final ImmutableList supportedSslVersions; public SslServerInitializer( boolean requireClientCert, @@ -116,12 +119,6 @@ public SslServerInitializer( this.sslProvider = sslProvider; this.privateKeySupplier = privateKeySupplier; this.certificatesSupplier = certificatesSupplier; - this.supportedSslVersions = - sslProvider == SslProvider.OPENSSL - ? ImmutableList.of("TLSv1.3", "TLSv1.2") - // JDK support for TLS 1.3 won't be available until 2021-04-20 at the earliest. - // See: https://java.com/en/jre-jdk-cryptoroadmap.html - : ImmutableList.of("TLSv1.2"); } @Override @@ -133,7 +130,7 @@ protected void initChannel(C channel) throws Exception { .sslProvider(sslProvider) .trustManager(InsecureTrustManagerFactory.INSTANCE) .clientAuth(requireClientCert ? ClientAuth.REQUIRE : ClientAuth.NONE) - .protocols(supportedSslVersions) + .protocols(SUPPORTED_TLS_VERSIONS) .ciphers(ALLOWED_TLS_CIPHERS, SupportedCipherSuiteFilter.INSTANCE) .build();