[1.8, 1.9, 1.10 APPROVAL] Regression due to BEAST fix in last security update

Dr Andrew John Hughes ahughes at redhat.com
Thu Dec 22 17:07:18 PST 2011


I'd like to apply the attached OpenJDK patch to our release branches -
1.8, 1.9 and 1.10.  The patch is a simple one line change which fixes
a regression caused by the last security update, specifically the fix
for the BEAST SSL flaw.  See:

http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7103725

for details.  The length can be 0 on entering AppOutputStream.write
and the security fix did not handle this case.  7 and 8 handle this
case by returning early, due to an earlier cleanup fix during the
7 development cycle:

6697270: Inputstream dosent behave correct
Summary: do not try to read zero byte from a InputStream, and do always return
immediately for zero byte reading in a InputStream implementation.
http://hg.openjdk.java.net/jdk7u/jdk7u-dev-gate/jdk/rev/6bdbb2f5c763

The fix is now in HEAD.
Ok for 1.8, 1.9 and 1.10 (with accompanying ChangeLog/NEWS updates as in HEAD)?
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
-------------- next part --------------
# HG changeset patch
# User robm
# Date 1324518632 0
# Node ID cb20ed4b953add8f2443831a0552640efca53ab7
# Parent  6b46f3c7c97cb060f88b196171b95d33bff80b7c
7103725: REGRESSION - 6u29 breaks ssl connectivity using TLS_DH_anon_WITH_AES_128_CBC_SHA
Summary: resolving an issue with 7064341.
Reviewed-by: wetmore, coffeys

diff -r 6b46f3c7c97c -r cb20ed4b953a src/share/classes/sun/security/ssl/AppOutputStream.java
--- openjdk/jdk/src/share/classes/sun/security/ssl/AppOutputStream.java	Wed Nov 16 13:14:57 2011 +0000
+++ openjdk/jdk/src/share/classes/sun/security/ssl/AppOutputStream.java	Thu Dec 22 01:50:32 2011 +0000
@@ -90,7 +90,8 @@
             do {
                 int howmuch;
                 if (isFirstRecordOfThePayload && c.needToSplitPayload()) {
-                    howmuch = Math.min(0x01, r.availableDataBytes());
+                    howmuch = (len == 0) ? 0 : Math.min(
+                        0x01, r.availableDataBytes());
                 } else {
                     howmuch = Math.min(len, r.availableDataBytes());
                 }
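Review bot: the `len == 0` guard in the new lines only covers the split-payload branch; the `else` branch already yields 0 through `Math.min(len, r.availableDataBytes())`, so the change makes the two branches consistent, but it still enters the record-writing `do` loop with an empty payload. Since the cover mail notes that 7 and 8 handle this case by returning early (6697270), an `if (len == 0) return;` at the top of `write` would be the more direct fix and would keep the 1/n-1 split logic free of the zero-length special case. A short comment on the new line explaining why a zero-length write must not produce the 1-byte first record would also help the next reader of this BEAST mitigation.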