RFR: 8326643: JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message [v5]

John Jiang jjiang at openjdk.org
Wed Mar 20 13:09:22 UTC 2024


On Wed, 20 Mar 2024 09:55:34 GMT, Prasadrao Koppula <pkoppula at openjdk.org> wrote:

>> JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message.
>> 
>> According to RFC 8446 (Middlebox Compatibility Mode), if the client sends a non-empty session ID in the ClientHello message, the server sends a dummy change_cipher_spec (CCS) record immediately after its first handshake message. This may either be after a ServerHello or a HelloRetryRequest.
>> 
>> https://datatracker.ietf.org/doc/html/rfc8446#appendix-D.4
>
> Prasadrao Koppula has updated the pull request incrementally with one additional commit since the last revision:
> 
>   JDK-8326643

test/jdk/javax/net/ssl/TLSv13/EngineOutOfSeqCCS.java line 39:

> 37: import javax.net.ssl.SSLParameters;
> 38: 
> 39: 

You may want to remove the redundant blank lines.

test/jdk/javax/net/ssl/TLSv13/EngineOutOfSeqCCS.java line 61:

> 59:     }
> 60: 
> 61:     public static void main(String args[]) throws Exception{

I suppose Java generally uses `String[] args`.

test/jdk/javax/net/ssl/TLSv13/EngineOutOfSeqCCS.java line 62:

> 60: 
> 61:     public static void main(String args[]) throws Exception{
> 62:         if(args.length > 0 && args[0].compareTo("isHRRTest") == 0){

new EngineOutOfSeqCCS().runDemo(args.length > 0 && args[0].equals("isHRRTest"));

test/jdk/javax/net/ssl/TLSv13/EngineOutOfSeqCCS.java line 263:

> 261:      */
> 262:     private static void dumpByteBuffer(String header, ByteBuffer bBuf) {
> 263:         if (dumpBufs == false) {

if (!dumpBufs)

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/18372#discussion_r1531853750
PR Review Comment: https://git.openjdk.org/jdk/pull/18372#discussion_r1531864040
PR Review Comment: https://git.openjdk.org/jdk/pull/18372#discussion_r1531856780
PR Review Comment: https://git.openjdk.org/jdk/pull/18372#discussion_r1531862260
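
Added example, not part of the original message or of the JDK test under review: one way to check on the wire that a server's first flight is a ServerHello or HelloRetryRequest immediately followed by the dummy change_cipher_spec record described in RFC 8446 appendix D.4. The class and method names are hypothetical, the sample flight is constructed, and the code assumes Java 17+ and a ServerHello that fits in a single record.

```java
import java.nio.ByteBuffer;
import java.util.Arrays;
import java.util.HexFormat;

public class FirstFlightCcsCheck {   // hypothetical class, not part of the JDK test suite
    static final int CT_CCS = 20, CT_HANDSHAKE = 22, HS_SERVER_HELLO = 2;
    // RFC 8446 section 4.1.3: the fixed ServerHello.random that marks a HelloRetryRequest.
    static final byte[] HRR_RANDOM = HexFormat.of().parseHex(
        "cf21ad74e59a6111be1d8c021e65b891c2a211167abb8c5e079e09e2c8a8339c");
    record Result(boolean helloRetryRequest, boolean dummyCcsFollows) {}

    /** First record must carry ServerHello/HRR; reports whether a dummy CCS record is next. */
    static Result inspect(ByteBuffer flight) {
        ByteBuffer buf = flight.duplicate();            // leave the caller's position untouched
        byte[] first = nextRecord(buf, CT_HANDSHAKE);
        // Handshake header: msg_type(1) length(3); then legacy_version(2) random(32).
        if (first.length < 38 || first[0] != HS_SERVER_HELLO)
            throw new IllegalArgumentException("first record is not ServerHello/HelloRetryRequest");
        boolean hrr = Arrays.equals(Arrays.copyOfRange(first, 6, 38), HRR_RANDOM);
        boolean ccs = false;
        if (buf.remaining() >= 5 && buf.get(buf.position()) == CT_CCS) {
            byte[] body = nextRecord(buf, CT_CCS);
            ccs = body.length == 1 && body[0] == 0x01;  // the only valid CCS payload
        }
        return new Result(hrr, ccs);
    }

    /** Reads one TLSPlaintext record: type(1) legacy_record_version(2) length(2) fragment. */
    static byte[] nextRecord(ByteBuffer buf, int expectedType) {
        if (buf.remaining() < 5) throw new IllegalArgumentException("truncated record header");
        int type = buf.get() & 0xff;
        buf.getShort();                                 // legacy_record_version, not checked
        int len = buf.getShort() & 0xffff;
        if (type != expectedType || len > buf.remaining())
            throw new IllegalArgumentException("unexpected or truncated record, type " + type);
        byte[] body = new byte[len];
        buf.get(body);
        return body;
    }

    public static void main(String[] args) {
        // Constructed sample: minimal HRR (32-byte session id echo, no extensions), then dummy CCS.
        ByteBuffer hs = ByteBuffer.allocate(76).put((byte) 2).put((byte) 0).putShort((short) 72)
            .putShort((short) 0x0303).put(HRR_RANDOM).put((byte) 32).put(new byte[32])
            .putShort((short) 0x1301).put((byte) 0).putShort((short) 0);
        ByteBuffer flight = ByteBuffer.allocate(87).put((byte) CT_HANDSHAKE).putShort((short) 0x0303)
            .putShort((short) 76).put(hs.array()).put(new byte[] {CT_CCS, 3, 3, 0, 1, 1}).flip();
        System.out.println("with CCS:    " + inspect(flight));
        System.out.println("HRR only:    " + inspect(flight.duplicate().limit(81)));
    }
}
```

The second call passes the same flight cut off after the HelloRetryRequest record, which is the server behaviour the bug title describes.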


