Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release/8.0] Disable user mapper for SslStream on Windows (TLS 1.3) (#100833) #109116

Merged
merged 2 commits into from
Nov 14, 2024
Merged

[release/8.0] Disable user mapper for SslStream on Windows (TLS 1.3) (#100833) #109116

merged 2 commits into from
Nov 14, 2024

Conversation

rzikm
Copy link
Member

@rzikm rzikm commented Oct 22, 2024
edited by karelz
Loading

Backport of #100833 to release/8.0-staging.

Fixes #108966, #100774

/cc @rzikm @avin3sh

Customer Impact

Reported by customer: From #108966 (comment)
The bug generates 12.1 millions of events in 24h period. They have to filter them out. The problem is that due to regulatory requirement they have to store them for a year, which requires large storage.

Note: Same fix for TLS 1.0-1.2 happened in .NET 8 (before GA): #80886 ... we just missed the branch for TLS 1.3.

Regression

No

Testing

CI tests pass.
Pending customer validation - unclear if it will happen in time.

Risk

Low, the change is small and affects only a specific scenario (Windows, SSL Server). The same change has been made in 9.0 few months ago for TLS 1.3 and there are no known issues. Similar fix happened in 8.0 (before GA) for TLS 1.0-1.2 (see #80886).

@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/ncl, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

@build-analysis build-analysis bot mentioned this pull request Oct 22, 2024
Open
wfurt
wfurt approved these changes Oct 22, 2024
View reviewed changes
Copy link
Member

@wfurt wfurt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@teo-tsirpanis teo-tsirpanis added this to the 8.0.x milestone Oct 24, 2024
@teo-tsirpanis
Copy link
Contributor

Did you forget the Servicing-Consider tag?

@rzikm
Copy link
Member Author

rzikm commented Nov 7, 2024

Did you forget the Servicing-Consider tag?

We only put that tag once the PR description has been finalized, there are some missing pieces waiting for @karelz's input.

@karelz karelz added the Servicing-consider Issue for next servicing release review label Nov 11, 2024
@rzikm rzikm marked this pull request as ready for review November 11, 2024 16:48
@karelz
Copy link
Member

karelz commented Nov 11, 2024

Large impact on few customers on LTS with regulatory impact. We should backport it to 8.0.x

@rzikm rzikm added Servicing-approved Approved for servicing release and removed Servicing-consider Issue for next servicing release review labels Nov 14, 2024
@rzikm
Copy link
Member Author

rzikm commented Nov 14, 2024

Approved via email on 11/14

@rzikm
Copy link
Member Author

rzikm commented Nov 14, 2024

The CI failure is unrelated (System.Text.Json). ready to merge.

@rzikm
Copy link
Member Author

rzikm commented Nov 14, 2024

/ba-g CI failure is unrelated

@rzikm rzikm merged commit 84ab9ed into dotnet:release/8.0-staging Nov 14, 2024
108 of 111 checks passed
@github-actions github-actions bot locked and limited conversation to collaborators Dec 16, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@wfurt wfurt wfurt approved these changes

@karelz karelz karelz approved these changes

Assignees

@rzikm rzikm

Labels
area-System.Net.Security Servicing-approved Approved for servicing release
Projects
None yet
Milestone
8.0.x
Development

Successfully merging this pull request may close these issues.
4 participants
@rzikm @teo-tsirpanis @karelz @wfurt