Integrated: 8326643: JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message
Prasadrao Koppula
pkoppula at openjdk.org
Fri Mar 22 07:05:29 UTC 2024
On Tue, 19 Mar 2024 07:13:19 GMT, Prasadrao Koppula <pkoppula at openjdk.org> wrote:
> JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message.
>
> According to RFC 8446 (Middlebox Compatibility Mode), if the client sends a non-empty session ID in the ClientHello message, the server sends a dummy change_cipher_spec (CCS) record immediately after its first handshake message. This may either be after a ServerHello or a HelloRetryRequest.
>
> https://datatracker.ietf.org/doc/html/rfc8446#appendix-D.4
This pull request has now been integrated.
Changeset: d44aaa37
Author: Prasadrao Koppula <pkoppula at openjdk.org>
Committer: Sean Coffey <coffeys at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/d44aaa37f98dd383aebbec097427feb1f1c29b74
Stats: 294 lines in 2 files changed: 293 ins; 0 del; 1 mod
8326643: JDK server does not send a dummy change_cipher_spec record after HelloRetryRequest message
Reviewed-by: djelinski, coffeys, jjiang, ascarpino
-------------
PR: https://git.openjdk.org/jdk/pull/18372
More information about the security-dev
mailing list