RFR: 8326643: JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message [v5]
Sibabrata Sahoo
ssahoo at openjdk.org
Wed Mar 20 10:07:22 UTC 2024
On Wed, 20 Mar 2024 09:59:14 GMT, Prasadrao Koppula <pkoppula at openjdk.org> wrote:
>> I am not an expert in this field and expressing one of my thought here and my assumption could be wrong too.
>> Shouldn't it check "SSLConfiguration.useCompatibilityMode" or similar for any change applicable to solve middlebox compatibility issue?
>
> (clientHello.sessionId.length() != 0) condition checks for same
Got it. Thanks.. CH legacy_session_id uses this check for non-empty sessionId.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18372#discussion_r1531800010
More information about the security-dev
mailing list