NPE in SupportedGroupsExtension
Bradford Wetmore
bradford.wetmore at oracle.com
Thu Sep 13 01:37:52 UTC 2018
We finally found what I think are the 2018-09-08 nightly builds.
https://download-origin.cdn.mozilla.net/pub/firefox/nightly/2018/09/
specifically:
https://download-origin.cdn.mozilla.net/pub/firefox/nightly/2018/09/2018-09-08-10-04-02-mozilla-central/firefox-64.0a1.en-US.win64.installer.exe
Max/I tried it on Windows-x64 with no problems.
Can you confirm which build/architecture, etc.?
Thanks,
Brad
On 9/12/2018 6:17 PM, Bradford Wetmore wrote:
> Thomas,
>
> >> i found another bug with firefox nigthly "64.0a1 (2018-09-08)
> >> (64-bit)" and "OpenJDK Runtime Environment 18.9 (build 11+28)".
>
> Max/I are running a slightly later builds, 64.0a1 (2018-09-10) and
> (2018-09-12) respectively, and we're now seeing the
> psk_key_exchange_modes extension.
>
> Can you confirm if you're seeing this (or not) with a more recent build
> of FF 64.0a1?
>
> "psk_key_exchange_modes (45)": {
> "ke_modes": [psk_dhe_ke]
> }
>
> Thanks much,
>
> Brad
>
>
>
>
> On 9/9/2018 9:11 PM, Jamil Nimeh wrote:
>> Hi Thomas,
>>
>> This is a known issue captured in JDK-8210334 and the fix for it was
>> committed to JDK 12 a few days ago. Looks like the backport of the
>> fix is planned for 11.0.2. The backport ID is JDK-8210445 in case
>> you're interested.
>>
>> --Jamil
>>
>> On 9/9/2018 2:44 PM, Thomas Lußnig wrote:
>>> Hi,
>>>
>>> i found another bug with firefox nigthly "64.0a1 (2018-09-08)
>>> (64-bit)" and "OpenJDK Runtime Environment 18.9 (build 11+28)".
>>> It is not possible to establish an connection. The exception i
>>> receive is "pre_shared_key key extension is offered without a
>>> psk_key_exchange_modes extension".
>>> If there is an PSK without an matching extension this should not kill
>>> the connection i think. Nearly all other server accept this.
>>>
>>> Gruß Thomas Lußnig
>>>
>>> javax.net.ssl.SSLHandshakeException: pre_shared_key key extension is
>>> offered without a psk_key_exchange_modes extension
>>>
>>> at
>>> java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
>>> at
>>> java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
>>> at
>>> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
>>>
>>> at
>>> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264)
>>>
>>> at
>>> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:255)
>>>
>>> at
>>> java.base/sun.security.ssl.PskKeyExchangeModesExtension$PskKeyExchangeModesOnTradeAbsence.absent(PskKeyExchangeModesExtension.java:327)
>>>
>>> at
>>> java.base/sun.security.ssl.SSLExtension.absentOnTrade(SSLExtension.java:572)
>>>
>>> at
>>> java.base/sun.security.ssl.SSLExtensions.consumeOnTrade(SSLExtensions.java:180)
>>>
>>> at
>>> java.base/sun.security.ssl.ServerHello$T13ServerHelloProducer.produce(ServerHello.java:522)
>>>
>>> at
>>> java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)
>>> at
>>> java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1189)
>>>
>>> at
>>> java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1125)
>>>
>>> at
>>> java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:831)
>>>
>>> at
>>> java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:792)
>>>
>>> at
>>> java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
>>> at
>>> java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
>>>
>>> at
>>> java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1065)
>>>
>>> at
>>> java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1052)
>>>
>>> at java.base/java.security.AccessController.doPrivileged(Native
>>> Method)
>>> at
>>> java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:999)
>>>
>>>
>>
More information about the security-dev
mailing list