RFR: 8331682: Slow networks/Impatient clients can potentially send unencrypted TLSv1.3 alerts that won't parse on the server [v20]
Xue-Lei Andrew Fan
xuelei at openjdk.org
Thu Oct 17 18:54:22 UTC 2024
On Fri, 11 Oct 2024 18:36:50 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> Check for unexpected plaintext alert message during TLSv1.3 handshake. This can happen if client doesn't receive ServerHello due to network timeout and tries to close the connection by sending an alert message.
>
> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
>
> Adjust line length
src/java.base/share/classes/sun/security/ssl/SSLTransport.java line 150:
> 148: int contentLen = Record.getInt16(currentFlight); // pos: 3, 4
> 149:
> 150: if (contentLen == 2 && ContentType.ALERT.equals(ContentType.valueOf(contentType))) {
The timeout case could happen during rekeying as well. For rekeying, the content might be encrypted with previous keys and cannot decrypted with the current keys. As may void the condition "contentLen == 2".
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1805270355
More information about the security-dev
mailing list