RFR: 8270344: Session resumption errors [v5]

Sean Coffey coffeys at openjdk.java.net
Fri Aug 20 16:34:51 UTC 2021


> Corner case where a session resumption can fail if the TLS server changes supported protocol versions in relation to a cached SSLSession. This is primarily an issue where the legacy TLS version is used in place of the newer "supported_versions" TLS extension.

Sean Coffey has updated the pull request incrementally with one additional commit since the last revision:

  Remove redundant method and testcase cleanup

-------------

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/5110/files
  - new: https://git.openjdk.java.net/jdk/pull/5110/files/c12551ad..b32a69cd

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=5110&range=04
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=5110&range=03-04

  Stats: 52 lines in 3 files changed: 10 ins; 31 del; 11 mod
  Patch: https://git.openjdk.java.net/jdk/pull/5110.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/5110/head:pull/5110

PR: https://git.openjdk.java.net/jdk/pull/5110


More information about the security-dev mailing list