RFR: 8331682: Slow networks/Impatient clients can potentially send unencrypted TLSv1.3 alerts that won't parse on the server
Artur Barashev
duke at openjdk.org
Wed Sep 18 20:30:57 UTC 2024
On Wed, 18 Sep 2024 13:59:59 GMT, Artur Barashev <duke at openjdk.org> wrote:
>> test/jdk/javax/net/ssl/TLSv13/SSLEngineNoServerHelloClientShutdown.java line 204:
>>
>>> 202: // Server unwrap should process an unencrypted 2 byte packet,
>>> 203: log("---Server Unwrap user_cancelled alert---");
>>> 204: serverResult = serverEngine.unwrap(cTOs, serverIn);
>>
>> does that mean that we don't throw a SSLHandshakeException on receipt of close_notify in the middle of the handshake?
>
> Our own client code is unable to produce `close_notify` during the handshake, it sends `user_cancelled` as per RFC. If `close_notify` alert is received during handshake and it doesn't follow the `user_cancelled` alert, then we throw UNEXPECTED_MESSAGE SSLHandshakeException.
Please disregard my last comment. Our own client code does produce `close_notify` after `user_cancelled` during the handshake, as it SHOULD per RFC. I've updated the test to reflect that.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1765679626
More information about the security-dev
mailing list