RFR: 8326643: JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message [v4]
Prasadrao Koppula
pkoppula at openjdk.org
Wed Mar 20 08:48:34 UTC 2024
> JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message.
>
> According to RFC 8446 (Middlebox Compatibility Mode), if the client sends a non-empty session ID in the ClientHello message, the server sends a dummy change_cipher_spec (CCS) record immediately after its first handshake message. This may either be after a ServerHello or a HelloRetryRequest.
>
> https://datatracker.ietf.org/doc/html/rfc8446#appendix-D.4
Prasadrao Koppula has updated the pull request incrementally with one additional commit since the last revision:
JDK-8326643
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/18372/files
- new: https://git.openjdk.org/jdk/pull/18372/files/8250dc60..a5232303
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=18372&range=03
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=18372&range=02-03
Stats: 3 lines in 1 file changed: 2 ins; 0 del; 1 mod
Patch: https://git.openjdk.org/jdk/pull/18372.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/18372/head:pull/18372
PR: https://git.openjdk.org/jdk/pull/18372
More information about the security-dev
mailing list