RFR: 8326643: JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message [v4]
Sibabrata Sahoo
ssahoo at openjdk.org
Wed Mar 20 09:28:21 UTC 2024
On Wed, 20 Mar 2024 08:26:58 GMT, Prasadrao Koppula <pkoppula at openjdk.org> wrote:
>> Thanks for adding the test.
>>
>> My main concern with using changeWriteCiphers here is that it sends the wrong message to the future readers of this code. It suggests that we want to actually change the cipher, and sending CCS is just a side effect. Note that all other uses of changeWriteCiphers actually change the write ciphers. If you don't want to use the other method, at least add a comment explaining why you're using it here.
>
> Thanks for the review, in the comments I mentioned that, this call sends a dummy change_cipher_spec (CCS) record. I hope, It explains why we are calling it here.
Will it produce 2 ChangeCipherSpec record. One after HRR and other after SH?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18372#discussion_r1531741964
More information about the security-dev
mailing list