Code Review Request, JDK-8214418 half-closed SSLEnigne status may cause application dead loop

Xue-Lei Fan xuelei.fan at oracle.com
Wed Jan 9 17:00:16 UTC 2019



On 1/9/2019 6:10 AM, Chris Hegarty wrote:
> Xuelei,
> 
> Is it possible to update the synopsis of this bug to better
> reflect the underlying issue ( rather than one particular
> symptom )?
> 
Updated.

> Also, it is possible to construct a small, non-HTTP related,
> targeted test that verifies the fix?
> 
There was an test update that covered the fix.

Thanks,
Xuelei

> -Chris.
> 
> On 08/01/2019 23:00, Xue-Lei Fan wrote:
>> ping ...
>>
>> Xuelei
>>
>> On 12/22/2018 9:20 AM, Xue-Lei Fan wrote:
>>> Hi,
>>>
>>> Could I get the update reviewed?
>>>     http://cr.openjdk.java.net/~xuelei/8214418/webrev.00/
>>>
>>> The reproducing testing case passed with the update.
>>>
>>> The issue is caused by the handshake status "NEED_WRAP" while the 
>>> connection is half-closed. An application may just call wrap() when 
>>> the handshake status is "NEED_WRAP". For compatibility, I changed the 
>>> handshake status from NEED_WRAP back to NOT_HANDSHAKING for inbound 
>>> half-closed connection.  An application can use 
>>> SSLEngine.isOutboundDone() for the determination if SSLEngine.wrap() 
>>> should be called.
>>>
>>> Thanks,
>>> Xuelei
>>>
>>>



More information about the security-dev mailing list