RFR: 8326643: JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message [v2]
Prasadrao Koppula
pkoppula at openjdk.org
Wed Mar 20 07:39:53 UTC 2024
On Tue, 19 Mar 2024 09:03:57 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
>> Unfortunately, we lack separate properties to control named groups in both the server and client. When running server and client threads in the same JVM, manipulating client hello packets to prompt the server to trigger HRR becomes exceedingly challenging.
>
> since [JDK-8281236](https://bugs.openjdk.org/browse/JDK-8281236) / 5d4c71c8bd361af78c90777f17b79e95d8eb5afe / JDK 20 we have setNamedGroups function to control named groups on every endpoint.
Thank you, I added a test
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18372#discussion_r1531620236
More information about the security-dev
mailing list