New status code in SSLEngineResult.HandshakeStatus
Xuelei Fan
xuelei.fan at oracle.com
Tue Jul 7 23:57:43 UTC 2015
Hi David,
Thanks for the suggestion. Here is the JBS bug for the track of the
improvement:
https://bugs.openjdk.java.net/browse/JDK-8130461
Thanks,
Xuelei
On 7/2/2015 12:45 AM, David M. Lloyd wrote:
> It has caused some consternation among certain of our engineers that
> there is a new possible status code in SSLEngineResult.HandshakeStatus.
> If a new status were generally added, it would cause subtle or not so
> subtle breakage amount current SSLEngine consumers.
>
> I request that it be made more clear in the documentation that the new
> status code applies only to DTLS; something like this:
>
> diff --git
> a/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
> b/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
> index e2865e6..5473188 100644
> --- a/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
> +++ b/src/java.base/share/classes/javax/net/ssl/SSLEngineResult.java
> @@ -156,6 +156,9 @@ public class SSLEngineResult {
> * This value is used to indicate that not-yet-interpreted data
> * has been previously received from the remote side, and does
> * not need to be received again.
> + * <P>
> + * This result code is only used by DTLS and is not a possible
> + * result for stream-oriented TLS.
> *
> * @since 1.9
> */
>
> Thanks.
>
More information about the security-dev
mailing list