RFR: 8301686: TLS 1.3 handshake fails if server_name doesn't match resuming session [v3]
Jaikiran Pai
jpai at openjdk.org
Fri Sep 29 01:30:57 UTC 2023
On Thu, 28 Sep 2023 17:53:39 GMT, Bradford Wetmore <wetmore at openjdk.org> wrote:
>> Jaikiran Pai has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains five additional commits since the last revision:
>>
>> - limit line length in test case to 80 chars
>> - Brad's suggestion - replace "the" with "this"
>> - merge latest from master branch
>> - review comment - use SSLContextTemplate for SSLContext creation in test
>> - 8301686: TLS 1.3 handshake fails if server_name doesn't match resuming session
>
> src/java.base/share/classes/sun/security/ssl/ServerNameExtension.java line 347:
>
>> 345: shc.resumingSession = null;
>> 346: // this server is disallowing this session resumption,
>> 347: // so don't include the pre-shared key in the ServerHello handshake message
>
> If you wouldn't mind <= 80 here also. The other changes look great.
>
> No need for another full test cycle.
>
> Thanks for considering.
Sorry Brad, I didn't notice that one in my previous update. I've now updated the PR to fix this line.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13669#discussion_r1340785946
More information about the security-dev
mailing list