NPE in SupportedGroupsExtension
Bradford Wetmore
bradford.wetmore at oracle.com
Thu Sep 13 01:17:46 UTC 2018
Thomas,
>> i found another bug with firefox nigthly "64.0a1 (2018-09-08)
>> (64-bit)" and "OpenJDK Runtime Environment 18.9 (build 11+28)".
Max/I are running a slightly later builds, 64.0a1 (2018-09-10) and
(2018-09-12) respectively, and we're now seeing the
psk_key_exchange_modes extension.
Can you confirm if you're seeing this (or not) with a more recent build
of FF 64.0a1?
"psk_key_exchange_modes (45)": {
"ke_modes": [psk_dhe_ke]
}
Thanks much,
Brad
On 9/9/2018 9:11 PM, Jamil Nimeh wrote:
> Hi Thomas,
>
> This is a known issue captured in JDK-8210334 and the fix for it was
> committed to JDK 12 a few days ago. Looks like the backport of the fix
> is planned for 11.0.2. The backport ID is JDK-8210445 in case you're
> interested.
>
> --Jamil
>
> On 9/9/2018 2:44 PM, Thomas Lußnig wrote:
>> Hi,
>>
>> i found another bug with firefox nigthly "64.0a1 (2018-09-08)
>> (64-bit)" and "OpenJDK Runtime Environment 18.9 (build 11+28)".
>> It is not possible to establish an connection. The exception i receive
>> is "pre_shared_key key extension is offered without a
>> psk_key_exchange_modes extension".
>> If there is an PSK without an matching extension this should not kill
>> the connection i think. Nearly all other server accept this.
>>
>> Gruß Thomas Lußnig
>>
>> javax.net.ssl.SSLHandshakeException: pre_shared_key key extension is
>> offered without a psk_key_exchange_modes extension
>>
>> at
>> java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
>> at
>> java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
>> at
>> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
>>
>> at
>> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264)
>>
>> at
>> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:255)
>>
>> at
>> java.base/sun.security.ssl.PskKeyExchangeModesExtension$PskKeyExchangeModesOnTradeAbsence.absent(PskKeyExchangeModesExtension.java:327)
>>
>> at
>> java.base/sun.security.ssl.SSLExtension.absentOnTrade(SSLExtension.java:572)
>>
>> at
>> java.base/sun.security.ssl.SSLExtensions.consumeOnTrade(SSLExtensions.java:180)
>>
>> at
>> java.base/sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:522)
>>
>> at
>> java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
>> at
>> java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1189)
>>
>> at
>> java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1125)
>>
>> at
>> java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:831)
>>
>> at
>> java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:792)
>>
>> at
>> java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
>> at
>> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
>>
>> at
>> java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1065)
>>
>> at
>> java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1052)
>>
>> at java.base/java.security.AccessController.doPrivileged(Native
>> Method)
>> at
>> java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:999)
>>
>>
>
More information about the security-dev
mailing list