RFR: 8331682: Slow networks/Impatient clients can potentially send unencrypted TLSv1.3 alerts that won't parse on the server [v4]
Artur Barashev
duke at openjdk.org
Fri Sep 20 21:35:53 UTC 2024
> https://bugs.openjdk.org/browse/JDK-8331682
Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
- Switch server to use plaintext after getting the unexpected plaintext alert message during TLSv1.3 handshake
- Always send user_cancelled alert before close_notify alert during handshake. This is actually a different issue which was discovered during this fix.
- Update tests accordingly
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/21043/files
- new: https://git.openjdk.org/jdk/pull/21043/files/accbb49d..e8dcda09
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=21043&range=03
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=21043&range=02-03
Stats: 103 lines in 4 files changed: 65 ins; 26 del; 12 mod
Patch: https://git.openjdk.org/jdk/pull/21043.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/21043/head:pull/21043
PR: https://git.openjdk.org/jdk/pull/21043
More information about the security-dev
mailing list