New status code in SSLEngineResult.HandshakeStatus
David M. Lloyd
david.lloyd at redhat.com
Wed Jul 1 16:45:52 UTC 2015
It has caused some consternation among certain of our engineers that
there is a new possible status code in SSLEngineResult.HandshakeStatus.
If a new status were generally added, it would cause subtle or not so
subtle breakage among current SSLEngine consumers.
I request that it be made more clear in the documentation that the new
status code applies only to DTLS; something like this:
diff --git
a/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
b/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
index e2865e6..5473188 100644
--- a/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
@@ -156,6 +156,9 @@ public class SSLEngineResult {
* This value is used to indicate that not-yet-interpreted data
* has been previously received from the remote side, and does
* not need to be received again.
+ * <P>
+ * This result code is only used by DTLS and is not a possible
+ * result for stream-oriented TLS.
*
* @since 1.9
*/
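Review bot: the added sentence in this hunk calls the constant a "result code", while the existing sentence directly above it says "This value"; using one term throughout, for example "This value is only used by DTLS and is never returned for stream-oriented TLS", keeps the javadoc consistent. Wording it as "never returned" also gives existing SSLEngine consumers a statement they can rely on when they leave this status unhandled. The paragraph break is written as an unclosed uppercase <P>, so check that this matches the paragraph style used in the rest of SSLEngineResult.java.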
Thanks.
--
- DML