RFR: 8299870: TLS record version check allows invalid records [v3]
Matthew Donovan
duke at openjdk.org
Fri Jan 13 04:03:51 UTC 2023
> - Updated ProtocolVersion.isNegotiable() to check a bounded range of version numbers.
> - Removed IllegalRecordVersion.java from ProblemList.txt
>
> Tested with jdk_security and jdk_security3 test groups.
Matthew Donovan has updated the pull request incrementally with two additional commits since the last revision:
- revert one more chnage
- reverted ProtocolVersion and changed to use SSLContextTemplate
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/11929/files
- new: https://git.openjdk.org/jdk/pull/11929/files/01e0a60a..b67c9deb
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=11929&range=02
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=11929&range=01-02
Stats: 40 lines in 2 files changed: 2 ins; 26 del; 12 mod
Patch: https://git.openjdk.org/jdk/pull/11929.diff
Fetch: git fetch https://git.openjdk.org/jdk pull/11929/head:pull/11929
PR: https://git.openjdk.org/jdk/pull/11929
More information about the security-dev
mailing list