RFR 8214688: TLS 1.3 session resumption with hello retry request failed with "illegal_parameter"
Adam Petcher
adam.petcher at oracle.com
Thu Dec 6 20:14:08 UTC 2018
Webrev: http://cr.openjdk.java.net/~apetcher/8214688/webrev.00/
JBS: https://bugs.openjdk.java.net/browse/JDK-8214688
The last session resumption bug fix[1] I made introduced a new issue
when the server sends a HelloRetryRequest message. The proposed fix is
pretty simple: when the client selects a ticket ID to use, it stores the
ID in its context so it can find it again when it sends the second
ClientHello message. We don't have regression tests for
HelloRetryRequest, but I did more interop testing this time to try to
prevent additional issues like this.
[1] https://bugs.openjdk.java.net/browse/JDK-8213202
More information about the security-dev
mailing list