RFR: 8263779: SSLEngine reports NEED_WRAP continuously without producing any further output
Xue-Lei Andrew Fan
xuelei at openjdk.java.net
Wed Mar 31 21:00:43 UTC 2021
As described in the bug, by connecting the SSLEngine with a misbehaving peer SSL implementation, it can get into a state where it calling `wrap` reports getStatus == OK, getHandshakeStatus === NEED_WRAP but still doesn't produce any further output. It happens when the output bound is not empty.
The handshake status could have more precise status if the out bound. The patch was confirmed by the bug submitter.
-------------
Commit messages:
- 8263779: SSLEngine reports NEED_WRAP continuously without producing any further output
Changes: https://git.openjdk.java.net/jdk/pull/3292/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=3292&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8263779
Stats: 44 lines in 3 files changed: 21 ins; 1 del; 22 mod
Patch: https://git.openjdk.java.net/jdk/pull/3292.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/3292/head:pull/3292
PR: https://git.openjdk.java.net/jdk/pull/3292
More information about the security-dev
mailing list