Right now we support up to about Java 8, and the main limitation is Java killing Bancho connections due to osu sending over TLS 1.0 by default, which is (rightfully so) disabled on newer versions.
This may require moving to an alternative library to handle TLS rather than using the Java implementation to at least support TLS 1.0 but preferably causing osu to negotiate up to 1.2 or 1.3.
This is what I discovered through Wireshark but may be down to the implementation not doing protocol negotiation properly.
This may require peppy to also get involved to require 1.2 by default but hopefully we can handle that here without needing external change.
Just to be clear, this may not even be an issue with osu and more Java's TLS handling, so I'm not saying osu is insecure by default at all.