RFR: 8331682: Slow networks/Impatient clients can potentially send unencrypted TLSv1.3 alerts that won't parse on the server [v3]

Bernd duke at openjdk.org
Fri Sep 20 19:16:38 UTC 2024


On Thu, 19 Sep 2024 21:33:11 GMT, Artur Barashev <duke at openjdk.org> wrote:

>> https://bugs.openjdk.org/browse/JDK-8331682
>
> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Add assertions. Add the final server wrap

See the actual comment at the end.

test/jdk/javax/net/ssl/TLSv13/SSLEngineNoServerHelloClientShutdown.java line 56:

> 54:  * as directly connected pipes.
> 55:  * <p>
> 56:  * Note, this is a *very* simple example: real code will be much more

Maybe this is a bit overly verbose; should it better describe the error condition which is checked?

test/jdk/javax/net/ssl/TLSv13/SSLEngineNoServerHelloClientShutdown.java line 73:

> 71:     protected final ByteBuffer serverIn;        // read side of serverEngine
> 72: 
> 73:     // For data transport, this example uses local ByteBuffers.  This

If we want to keep the code, it should speak of “this test” not “this example not useful”.

test/jdk/javax/net/ssl/TLSv13/SSLEngineNoServerHelloClientShutdown.java line 96:

> 94:         // won't generate BUFFER_OVERFLOWS.
> 95:         //
> 96:         // We'll use a mix of direct and indirect ByteBuffers for

Same here, no tutorial?

test/jdk/javax/net/ssl/TLSv13/SSLEngineNoServerHelloClientShutdown.java line 114:

> 112: 
> 113:     //
> 114:     // Protected methods could be used to customize the test case.

Template comment can be removed.

-------------

PR Review: https://git.openjdk.org/jdk/pull/21043#pullrequestreview-2319070879
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1769071608
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1769072698
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1769073482
PR Review Comment: https://git.openjdk.org/jdk/pull/21043#discussion_r1769074141

