Code Review Request, JDK-8213782: NullPointerException in sun.security.ssl.OutputRecord.changeWriteCiphers
Xue-Lei Fan
xuelei.fan at oracle.com
Fri Dec 14 17:00:02 UTC 2018
Hi,
Could I have the fix reviewed?
http://cr.openjdk.java.net/~xuelei/8213782/webrev.00/
The SSLCipher.createReadCipher() and createWriteCipher() could return
null if the cipher is not supported or the cipher is not available for a
certain protocol version. The caller should check the null value, and
send back a "illegal_parameter" alert for such cases.
I did not add new regression test. The update is straightforward, while
constructing an illegal handshake message for such cases is complicated.
Thanks,
Xuelei
More information about the security-dev
mailing list