RFR: 8273553: sun.security.ssl.SSLEngineImpl.closeInbound also has similar error of JDK-8253368
Bradford Wetmore
wetmore at openjdk.java.net
Fri Mar 18 18:50:58 UTC 2022
JDK-8253368 changed the behavior of SSLSocket to no longer throw a fatal internal_error (80) and invalidate existing sessions (either completed or under construction) as described in (RFC 4346/TLSv1.1+) if a connection was closed without receiving a close_notify alert from the peer.
This change introduces similar behavior to SSLEngine.
The unit test checks that closing the read(input) sides of the SSLSocket/SSLEngine throws an SSLException, but doesn't invalidate their respective sessions.
Tier1/2 mach5 tests have been successfully run.
-------------
Commit messages:
- Merge branch 'master' into JDK-8273553
- Added SSLSocket bugid since we're actually checking both sides now.
- I/O Issues, rewrite the I/O section so that early Socket closes don't kill our server-side reads.
- Merge branch 'master' into JDK-8273553
- Merge branch 'master' into JDK-8273553
- Merge
- Minor test tweaks.
- Remove inadvertent whitespace
- Forgot copyright Info
- 8273553: sun.security.ssl.SSLEngineImpl.closeInbound also has similar error of JDK-8253368
Changes: https://git.openjdk.java.net/jdk/pull/7796/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=7796&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8273553
Stats: 506 lines in 3 files changed: 493 ins; 4 del; 9 mod
Patch: https://git.openjdk.java.net/jdk/pull/7796.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/7796/head:pull/7796
PR: https://git.openjdk.java.net/jdk/pull/7796
More information about the security-dev
mailing list