RFR: 8270344: Session resumption errors [v2]
Sean Coffey
coffeys at openjdk.java.net
Thu Aug 19 09:10:53 UTC 2021
> Corner case where a session resumption can fail if the TLS server changes supported protocol versions in relation to a cached SSLSession. This is primarily an issue where the legacy TLS version is used in place of the newer "supported_versions" TLS extension.
Sean Coffey has updated the pull request incrementally with one additional commit since the last revision:
Alter fix to focus on max version sent in CH
-------------
Changes:
- all: https://git.openjdk.java.net/jdk/pull/5110/files
- new: https://git.openjdk.java.net/jdk/pull/5110/files/50f50d50..0a24d520
Webrevs:
- full: https://webrevs.openjdk.java.net/?repo=jdk&pr=5110&range=01
- incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=5110&range=00-01
Stats: 43 lines in 2 files changed: 4 ins; 31 del; 8 mod
Patch: https://git.openjdk.java.net/jdk/pull/5110.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/5110/head:pull/5110
PR: https://git.openjdk.java.net/jdk/pull/5110
More information about the security-dev
mailing list