RFR: 8331682: Slow networks/Impatient clients can potentially send unencrypted TLSv1.3 alerts that won't parse on the server [v20]
Bradford Wetmore
wetmore at openjdk.org
Fri Oct 18 04:32:15 UTC 2024
On Fri, 11 Oct 2024 18:36:50 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> Check for unexpected plaintext alert message during TLSv1.3 handshake. This can happen if client doesn't receive ServerHello due to network timeout and tries to close the connection by sending an alert message.
>
> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
>
> Adjust line length
Changes requested by wetmore (Reviewer).
test/jdk/javax/net/ssl/TLSv13/SSLEngineNoServerHelloClientShutdown.java line 1:
> 1: /*
New tests which exercise existing implementation functionality belong in the implementation test directories (i.e. `sun/security/ssl`), not the API directories (i.e. `javax/net/ssl`). If the code changes were mainly in the `javax.net.ssl` code, then they would live here.
Suggest you move these two new tests to:
- `open/test/jdk/sun/security/ssl/InputRecord`
test/jdk/javax/net/ssl/TLSv13/SSLSocketNoServerHelloClientShutdown.java line 1:
> 1: /*
Same directory comment.
-------------
PR Review: https://git.openjdk.org/jdk/pull/21043#pullrequestreview-2376657460
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1805654874
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1805833751
More information about the security-dev
mailing list