RFR: 8315436: HttpsServer does not send TLS alerts
Daniel Fuchs
dfuchs at openjdk.org
Thu Aug 31 11:27:02 UTC 2023
On Thu, 31 Aug 2023 06:57:52 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
> Please review this patch that ensures that alerts produced by `wrap` are sent to the peer.
>
> When a fatal alert is produced by a `wrap` call, the returned status is `CLOSED`, but some bytes are produced in the destination buffer. These bytes need to be sent to the client.
>
> The new test verifies this fix; without the fix the test fails with:
>
> javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake
>
> With the fix the test passes; the exception thrown is :
>
> javax.net.ssl.SSLHandshakeException: Received fatal alert: protocol_version
>
> Existing tier1-3 tests continue to pass.
Looks good.
-------------
Marked as reviewed by dfuchs (Reviewer).
PR Review: https://git.openjdk.org/jdk/pull/15505#pullrequestreview-1604538949
More information about the net-dev
mailing list