RFR: 8326643: JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message [v7]
Prasadrao Koppula
pkoppula at openjdk.org
Thu Mar 21 02:03:39 UTC 2024
> JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message.
>
> According to RFC 8446 (Middlebox Compatibility Mode), if the client sends a non-empty session ID in the ClientHello message, the server sends a dummy change_cipher_spec (CCS) record immediately after its first handshake message. This may either be after a ServerHello or a HelloRetryRequest.
>
> https://datatracker.ietf.org/doc/html/rfc8446#appendix-D.4
Prasadrao Koppula has updated the pull request incrementally with one additional commit since the last revision:
JDK-8326643
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/18372/files
- new: https://git.openjdk.org/jdk/pull/18372/files/02bb8ddf..8507c444
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=18372&range=06
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=18372&range=05-06
Stats: 17 lines in 1 file changed: 0 ins; 8 del; 9 mod
Patch: https://git.openjdk.org/jdk/pull/18372.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/18372/head:pull/18372
PR: https://git.openjdk.org/jdk/pull/18372
More information about the security-dev
mailing list