RFR: 8326643: JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message
Prasadrao Koppula
pkoppula at openjdk.org
Tue Mar 19 08:46:21 UTC 2024
On Tue, 19 Mar 2024 08:13:02 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
>> JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message.
>>
>> According to RFC 8446 (Middlebox Compatibility Mode), if the client sends a non-empty session ID in the ClientHello message, the server sends a dummy change_cipher_spec (CCS) record immediately after its first handshake message. This may either be after a ServerHello or a HelloRetryRequest.
>>
>> https://datatracker.ietf.org/doc/html/rfc8446#appendix-D.4
>
> src/java.base/share/classes/sun/security/ssl/ServerHello.java line 804:
>
>> 802: shc.conContext.outputRecord.changeWriteCiphers(
>> 803: SSLWriteCipher.nullTlsWriteCipher(),
>> 804: (clientHello.sessionId.length() != 0));
>
> Suggestion:
>
> if (clientHello.sessionId.length() != 0) {
> shc.conContext.outputRecord.encodeChangeCipherSpec();
> }
Unfortunately, we lack separate properties to control named groups in both the server and client. When running server and client threads in the same JVM, manipulating client hello packets to prompt the server to trigger HRR becomes exceedingly challenging.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18372#discussion_r1529948640
More information about the security-dev
mailing list