Integrated: 8277881 Missing SessionID in TLS1.3 resumption in compatibility mode
Daniel Jeliński
duke at openjdk.java.net
Fri Dec 24 00:05:18 UTC 2021
On Mon, 29 Nov 2021 08:42:22 GMT, Daniel Jeliński <duke at openjdk.java.net> wrote:
> All TLS 1.3 handshakes in compatibility mode must send a non-empty SessionID field. Currently TLS1.3 session resumptions are sending empty session ID. This patch fixes that problem.
>
> All jdk_core tests passed. The newly added check passes with the patch, fails without it.
This pull request has now been integrated.
Changeset: 9d99a377
Author: Daniel Jelinski <djelinski1 at gmail.com>
Committer: Anthony Scarpino <ascarpino at openjdk.org>
URL: https://git.openjdk.java.net/jdk/commit/9d99a377bfb6ffa890db049aee575e97914fc2a1
Stats: 15 lines in 3 files changed: 4 ins; 1 del; 10 mod
8277881: Missing SessionID in TLS1.3 resumption in compatibility mode
Reviewed-by: ascarpino
-------------
PR: https://git.openjdk.java.net/jdk/pull/6583
More information about the security-dev
mailing list