RFR: 8331682: Slow networks/Impatient clients can potentially send unencrypted TLSv1.3 alerts that won't parse on the server [v20]
Artur Barashev
abarashev at openjdk.org
Thu Oct 17 17:30:31 UTC 2024
On Thu, 17 Oct 2024 17:19:36 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
>> Yes, we have tests for both `SSLEngine` and `SSLSocket` usages. In case of SSLEngine the data is passed downstream in `srcs` array.
>
> It looks like SSLEngine does not use the cached record? I did not get the point to have two different logic for SSLEngine and SSLSocket.
Yes, `SSLEngineInputRecord` gets the data from upstream, no need to cache it. We have access to that data right here at `SSLTransport`
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1805152975
More information about the security-dev
mailing list